KMS v2 Improvements

[ritazh]

Enhancement Description

• One-line enhancement description (can be used as a release note): Introduce KMS v2alpha1 API to add performance, rotation, and observability improvements
• Kubernetes Enhancement Proposal: https://github.com/kubernetes/enhancements/tree/master/keps/sig-auth/3299-kms-v2-improvements
• Discussion Link:
  • 3299-kms-v2-improvements #3302
  • Sig Auth meetings for 20220608: https://youtu.be/SNnvZVvk5VQ
• Primary contact (assignee): @ritazh @aramase
• Responsible SIGs: sig-auth
• Enhancement target (which target equals to which milestone):
  • Alpha release target (x.y): 1.25
  • Beta release target (x.y): 1.26
  • Stable release target (x.y): 1.27
• Alpha
  • KEP (k/enhancements) update PR(s): 3299-kms-v2-improvements #3302
  • Code (k/k) update PR(s): Implement KMS v2alpha1 kubernetes#111126
  • Docs (k/website) update PR(s): KMS v2alpha1 website#35046

[ritazh]

/sig auth

[ritazh]

/triage accepted

[enj]

/milestone v1.25

[Priyankasaggu11929]

Hello @ritazh 👋, 1.25 Enhancements team here.

Just checking in as we approach enhancements freeze on 18:00 PST on Thursday June 16, 2022.

For note, This enhancement is targeting for stage alpha for 1.25 (correct me, if otherwise)

Here's where this enhancement currently stands: (updated on June 9, 2022)

• KEP file using the latest template has been merged into the k/enhancements repo.
• KEP status is marked as implementable
• KEP has a updated detailed test plan section filled out
• KEP has up to date graduation criteria
• KEP has a production readiness review that has been completed and merged into k/enhancements.

Looks like for this one, we would need to update the following in the open KEP PR #3302:

• update the status in the kep.yaml file to implementable
• Update the KEP README.md file add updated detailed test plan section

For note, the status of this enhancement is marked as at risk. Thank you for keeping the issue description up-to-date!

[Priyankasaggu11929]

Hello @ritazh 👋, just a quick check-in again, as we approach the 1.25 enhancements freeze.

Please plan to get the pending items done before enhancements freeze on Thursday, June 23, 2022 at 18:00 PM PT.

For note, the current status of the enhancement is atat-risk. Thank you!

[Priyankasaggu11929]

With KEP PR #3302 merged, the enhancement is ready for 1.25 enhancements freeze.

For note, the status is now marked as tracked in the enhancements tracking sheet. Thank you!

[didicodes]

Hello @ritazh 👋, 1.25 Release Docs Shadow here.

This enhancement is marked as ‘Needs Docs’ for the 1.25 release. Please follow the steps detailed in the documentation to open a PR against the dev-1.25 branch in the k/website repo. This PR can be just a placeholder at this time and must be created by August 4.


Also, take a look at Documenting for a release to familiarize yourself with the docs requirement for the release. Thank you!

[Atharva-Shinde]

Hi @ritazh, Enhancements team here again 👋

Checking in as we approach Code Freeze at 01:00 UTC on Wednesday, 3rd August 2022.

Please ensure that the following items are completed before the code-freeze:

• All PRs to the Kubernetes repo that are related to your enhancement are linked in the above issue description (for tracking purposes).
• All PRs are fully merged by the code freeze deadline.

Currently, the status of the enhancement is marked as at-risk

Thanks :)

[Atharva-Shinde]

Hey @ritazh reaching out again as we approach Code Freeze at 01:00 UTC on this Wednesday i.e 3rd August 2022.
Try to get the action items done which are mentioned in the comment above before the code-freeze :)
The status of the enhancement is still marked as at-risk

[ritazh]

Thanks @Atharva-Shinde! kubernetes/kubernetes#111126 is currently waiting to be reviewed again by the approvers.

[Priyankasaggu11929]

Hello 👋, 1.25 Enhancements Lead here.

Unfortunately, this enhancement did not meet the code freeze criteria because there are still unmerged k/k code PRs.

If you still wish to progress this enhancement in v1.25, please file an exception request. Thank you so much!

/milestone clear

[ritazh]

@Priyankasaggu11929 FYI the exception request has been approved. kubernetes/kubernetes#111126 (comment)

[Priyankasaggu11929]

Thanks for the update @ritazh.

With the k/k PR also merged, I am marking it as tracked for 1.25 release cycle. Thank you so much!

[parul5sahoo]

Hello @ritazh 👋, 1.26 Enhancements team here.

Just checking in as we approach enhancements freeze on 18:00 PDT on Thursday 6th October 2022.

This enhancement is targeting for stage beta for 1.26 (correct me, if otherwise)

Here's where this enhancement currently stands:

• KEP readme using the latest template has been merged into the k/enhancements repo.
• KEP status is marked as implementable for latest-milestone: 1.26
• KEP readme has a updated detailed test plan section filled out
• KEP readme has up to date graduation criteria
• KEP has a production readiness review that has been completed and merged into k/enhancements.

For this KEP, we would just need to update the following before the enhancements freeze:

• Complete the process of updating the KEP Readme according to the latest test plan, I see TBD in those sections of the readme.
• Complete and merge the PRR for beta stage.
• Update the stage and milestone to beta and 1.26 in the kep.yaml file.

The status of this enhancement is marked as at risk. Please keep the issue description up-to-date with appropriate stages as well. Let us know if you have any queries. Thank you!

[aramase]

This enhancement is targeting for stage beta for 1.26 (correct me, if otherwise)

@parul5sahoo Thanks for reaching out. This enhancement will remain alpha in v1.26 and beta is planned for v1.27. We have merged a PR to update the milestones in the kep.yaml.

[aramase]

@parul5sahoo Is the change in kep.yaml #3551 sufficient? We have moved the beta milestone for this enhancement to v1.27.

[parul5sahoo]

@parul5sahoo Is the change in kep.yaml #3551 sufficient? We have moved the beta milestone for this enhancement to v1.27.

yes @aramase that works, I've updates the status for this KEP!

[rhockenbury]

/milestone clear
/label tracked/no
/remove-label tracked/yes
/remove-label lead-opted-in