-
Notifications
You must be signed in to change notification settings - Fork 1.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fine-grained SupplementalGroups control #3619
Comments
This comment was marked as off-topic.
This comment was marked as off-topic.
@everpeace: The label(s) In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
This comment was marked as off-topic.
This comment was marked as off-topic.
The Kubernetes project currently lacks enough contributors to adequately respond to all issues and PRs. This bot triages issues and PRs according to the following rules:
You can:
Please send feedback to sig-contributor-experience at kubernetes/community. /lifecycle stale |
/remove-lifecycle stale |
/milestone v1.27 let's see if we can start it in 1.27 |
/label lead-opted-in |
/stage alpha |
Hello @everpeace 👋, 1.27 Enhancements team here. Just checking in as we approach enhancements freeze on 18:00 PDT Thursday 9th February 2023. This enhancement is targeting for stage Here's where this enhancement currently stands:
It looks like #3620 will address most of these issues. The status of this enhancement is marked as |
@everpeace do you plan on making progress on this in 1.32? |
Sounds like there is plans to bring this up for beta graduation in 1.32. Moving it to "Proposed for consideration". |
Yes, I'm planning some improvements in 1.32 toward beta:
Thanks! By the way, about the actual timing of its beta promotion, I think it would be better after both containerd and CRI-O supports
Thus, I'm not sure v1.32 is good timing for its beta promotion because I don't have information about containerd v2 release date even the expected one. |
Hi, enhancements lead here - I inadvertently added this to the 1.32 tracking board 😀. Please readd it if you wish to progress this enhancement in 1.32. /remove-label lead-opted-in |
@haircommander I'm now preparing PRR of this KEP for beta release in #4895. May this KEP lead-opt-in for v1.32?? (Sorry for the last minutes) |
/milestone v1.32 Thanks for the heads up @everpeace ! |
/label lead-opted-in |
Hello @everpeace 👋, Enhancements team here. Just checking in as we approach enhancements freeze on 02:00 UTC Friday 11th October 2024 / 19:00 PDT Thursday 10th October 2024. This enhancement is targeting for stage Here's where this enhancement currently stands:
To track this KEP for enhancements freeze:
The status of this enhancement is marked as If you anticipate missing enhancements freeze, you can file an exception request in advance. Thank you! |
Hello 👋, v1.32 Enhancements team here. Unfortunately, this enhancement did not meet requirements for enhancements freeze. If you still wish to progress this enhancement in 1.32, please file an exception request as soon as possible, within three days. If you have any questions, you can reach out in the #release-enhancements channel on Slack and we'll be happy to help. Thanks! |
/milestone clear |
Enhancement Description
PodSecurityContext.SupplementalGroups
by custom container image although PSP(or other policy engines) enforces the field kubernetes#1128791.32--> 1.33 or later (depends on Containerd v2 release and it's adoption)k/enhancements
) update PR(s):SupplementalGroupsPolicy
feature fields in Kubernetes API(Node.Status
) and CRI(RuntimeStatusResponse
) #4728k/k
) update PR(s):k/website
) update PR(s):k/enhancements
) update PR(s):k/k
) update PR(s):k/website
) update(s):Please keep this description up to date. This will help the Enhancement Team to track the evolution of the enhancement efficiently.
/assign
/sig node
/kind feature
The text was updated successfully, but these errors were encountered: