Skip to content

api server: patch operation should use patched object to check admission control #19479

Closed
@csrwng

Description

Currently, patch will check admission control with an empty object and if it passes, then will proceed to update the object with the patch. Admission control plugins don't get a chance to see/validate what is actually going to be updated.

Metadata

Assignees

Labels

area/apiIndicates an issue on api area.area/apiserverarea/securitypriority/important-soonMust be staffed and worked on either currently, or very soon, ideally in time for the next release.sig/api-machineryCategorizes an issue or PR as relevant to SIG API Machinery.

Type

No type

Projects

No projects

Relationships

None yet

Development

No branches or pull requests

Issue actions