-
Notifications
You must be signed in to change notification settings - Fork 39k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
CSR condition status, lastTransitionTime, versioned validation #90191
Conversation
New changes are detected. LGTM label has been removed. |
/retest |
@@ -59,18 +67,34 @@ func DefaultSignerNameFromSpec(obj *certificatesv1beta1.CertificateSigningReques | |||
} | |||
} | |||
|
|||
var ( |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
So much better
API changes look fine to me, lgtm from that perspective. |
thanks /hold cancel |
Only one question, I had to read the KEP again but I didn't see anything really crazy. |
/approve |
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: liggitt, smarterclayton The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
/retest |
2 similar comments
/retest |
/retest |
What type of PR is this?
/kind api-change
/kind feature
What this PR does / why we need it:
Implements v1beta1 portions of the CSR KEP (kubernetes/enhancements#1513)
Best reviewed commit-by-commit
Failed
for use by signers that want to indicate permanent failureApproved
andDenied
to be added via/status
True
if unspecified, may only beTrue
forApproved
,Denied
, andFailed
conditions)Approved
andDenied
conditions are mutually exclusive (fixes csr approved than denied ,can not be approved again #90510)Approved
,Denied
, andFailed
conditions cannot be removed once setstatus.certificate
is required to be well-formedstatus.certificate
is immutable once setDoes this PR introduce a user-facing change?:
Additional documentation e.g., KEPs (Kubernetes Enhancement Proposals), usage docs, etc.:
/sig auth
/milestone v1.19
/priority important-soon
/cc @deads2k @munnerz