Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add seccomp GA version skew for pods #91408

Merged
merged 1 commit into from
Jul 10, 2020
Merged

Add seccomp GA version skew for pods #91408

merged 1 commit into from
Jul 10, 2020

Conversation

saschagrunert
Copy link
Member

@saschagrunert saschagrunert commented May 25, 2020
edited
Loading

What type of PR is this?

/kind feature

What this PR does / why we need it:

This adds a new conversion function to the pod strategy to handle the
seccomp version skew strategy:

https://github.com/kubernetes/enhancements/blob/master/keps/sig-node/20190717-seccomp-ga.md#version-skew-strategy

Which issue(s) this PR fixes:

None

Special notes for your reviewer:

Requires #91381

/cc @pjbgf @hasheddan @evrardjp

Does this PR introduce a user-facing change?:

- Added pod version skew strategy for seccomp profile to synchronize the deprecated annotations with the new API Server fields. Please see the corresponding section [in the KEP](https://github.com/kubernetes/enhancements/blob/master/keps/sig-node/20190717-seccomp-ga.md#version-skew-strategy) for more detailed explanations.

Additional documentation e.g., KEPs (Kubernetes Enhancement Proposals), usage docs, etc.:

- KEP: https://github.com/kubernetes/enhancements/blob/master/keps/sig-node/20190717-seccomp-ga.md

@k8s-ci-robot k8s-ci-robot added release-note Denotes a PR that will be considered when it comes time to generate release notes. do-not-merge/work-in-progress Indicates that a PR should not merge because it is a work in progress. kind/feature Categorizes issue or PR as related to a new feature. size/XXL Denotes a PR that changes 1000+ lines, ignoring generated files. cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. needs-sig Indicates an issue or PR lacks a `sig/foo` label and requires one. needs-priority Indicates a PR lacks a `priority/foo` label and requires one. area/kubelet kind/api-change Categorizes issue or PR as related to adding, removing, or otherwise changing an API sig/apps Categorizes an issue or PR as relevant to SIG Apps. sig/node Categorizes an issue or PR as relevant to SIG Node. and removed needs-sig Indicates an issue or PR lacks a `sig/foo` label and requires one. labels May 25, 2020
@k8s-ci-robot k8s-ci-robot added area/code-generation area/kubectl sig/api-machinery Categorizes an issue or PR as relevant to SIG API Machinery. sig/cli Categorizes an issue or PR as relevant to SIG CLI. labels May 25, 2020
@saschagrunert saschagrunert force-pushed the seccomp-api-migration branch 2 times, most recently from abf4d5d to 84467fc Compare May 25, 2020 13:16
@saschagrunert
Copy link
Member Author

Added the unit tests to bump the coverage of the new function to 100%.

@saschagrunert
Copy link
Member Author

Seems unrelated:

STEP: Destroying namespace "pv-943" for this suite.
• Failure [346.655 seconds]
[sig-storage] PersistentVolumes
test/e2e/storage/utils/framework.go:23
  NFS
  test/e2e/storage/persistent_volumes.go:122
    with Single PV - PVC pairs
skipped 1722 lines unfold_more
[Fail] [sig-storage] PersistentVolumes NFS with Single PV - PVC pairs [It] create a PVC and a pre-bound PV: test write access 
test/e2e/storage/persistent_volumes.go:52
Ran 632 of 5098 Specs in 1046.741 seconds
FAIL! -- 631 Passed | 1 Failed | 0 Pending | 4466 Skipped

/test pull-kubernetes-e2e-kind

@saschagrunert
Copy link
Member Author

/test pull-kubernetes-integration

@pjbgf pjbgf mentioned this pull request May 25, 2020
Closed
9 tasks
@saschagrunert
Copy link
Member Author

/retest

3 similar comments
@saschagrunert
Copy link
Member Author

/retest

@saschagrunert
Copy link
Member Author

/retest

@saschagrunert
Copy link
Member Author

/retest

@liggitt
Copy link
Member

liggitt commented Jul 8, 2020

/hold cancel

@k8s-ci-robot k8s-ci-robot removed the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Jul 8, 2020
@liggitt liggitt mentioned this pull request Jul 8, 2020
Merged
@saschagrunert
Copy link
Member Author

/retest

3 similar comments
@saschagrunert
Copy link
Member Author

/retest

@liggitt
Copy link
Member

liggitt commented Jul 9, 2020

/retest

@saschagrunert
Copy link
Member Author

/retest

@saschagrunert
Copy link
Member Author

/test pull-kubernetes-kubemark-e2e-gce-big

@saschagrunert
Copy link
Member Author

/retest

@saschagrunert
Copy link
Member Author

/test pull-kubernetes-typecheck

@saschagrunert
Copy link
Member Author

/retest

5 similar comments
@hasheddan
Copy link
Contributor

/retest

@saschagrunert
Copy link
Member Author

/retest

@saschagrunert
Copy link
Member Author

/retest

@saschagrunert
Copy link
Member Author

/retest

@saschagrunert
Copy link
Member Author

/retest

@fejta-bot
Copy link

/retest
This bot automatically retries jobs that failed/flaked on approved PRs (send feedback to fejta).

Review the full test history for this PR.

Silence the bot with an /lgtm cancel or /hold comment for consistent failures.

1 similar comment
@fejta-bot
Copy link

/retest
This bot automatically retries jobs that failed/flaked on approved PRs (send feedback to fejta).

Review the full test history for this PR.

Silence the bot with an /lgtm cancel or /hold comment for consistent failures.

@saschagrunert
Copy link
Member Author

/retest

1 similar comment
@saschagrunert
Copy link
Member Author

/retest

@saschagrunert
Copy link
Member Author

/test pull-kubernetes-e2e-kind

@k8s-ci-robot k8s-ci-robot merged commit 26f0227 into kubernetes:master Jul 10, 2020
@saschagrunert saschagrunert deleted the seccomp-api-migration branch July 10, 2020 11:31
@github-actions github-actions bot mentioned this pull request Jul 14, 2020
Open
@tallclair tallclair mentioned this pull request Feb 22, 2024
Merged
@jiaqiluo jiaqiluo mentioned this pull request Mar 5, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@liggitt liggitt liggitt left review comments

@pjbgf pjbgf pjbgf left review comments

@hasheddan hasheddan hasheddan left review comments

@tallclair tallclair Awaiting requested review from tallclair

Assignees

@liggitt liggitt

Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. area/code-generation area/kubectl area/kubelet cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. kind/api-change Categorizes issue or PR as related to adding, removing, or otherwise changing an API kind/feature Categorizes issue or PR as related to a new feature. lgtm "Looks good to me", indicates that a PR is ready to be merged. priority/important-soon Must be staffed and worked on either currently, or very soon, ideally in time for the next release. release-note Denotes a PR that will be considered when it comes time to generate release notes. sig/apps Categorizes an issue or PR as relevant to SIG Apps. sig/auth Categorizes an issue or PR as relevant to SIG Auth. sig/cli Categorizes an issue or PR as relevant to SIG CLI. sig/node Categorizes an issue or PR as relevant to SIG Node. size/XL Denotes a PR that changes 500-999 lines, ignoring generated files.
Projects
None yet
Milestone
v1.19
Development

Successfully merging this pull request may close these issues.

None yet
7 participants
@saschagrunert @fejta-bot @fedebongio @liggitt @k8s-ci-robot @hasheddan @pjbgf