-
Notifications
You must be signed in to change notification settings - Fork 64
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
add the support for using PodSecurityAdmissionConfigurationTemplate in RKE1 cluster 1.25 and above #165
Conversation
48d3ae9
to
7b4c600
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Might be useful to add unit tests for the functions in podsecurityadmission.go
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Couple minor comments, started reviewing it and now need to take care of something else. Planning to resume reviewing later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Added some comments/questions/suggestions.
…n RKE1 cluster 1.25 and above
5380564
to
8ba1a34
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@jiaqiluo , thank you for addressing my comments. LGTM based on the previous review.
I'm approving it with the assumption that the second review will not be a rubber-stamp one. :)
Issue:
rancher/rancher#39992
rancher/rancher#40009
Additionally, this also partially addresses rancher/rancher#39995 by implementing the check on webhook side (the deeper check on RKE1 side is implemented as part of rancher/rke#3132).
Description:
This PR is a part of the effort to support using PSACT (Pod Security Admission Configuration Template) in the RKE1 1.25 cluster.
The PR introduces the following major changes:
pkg/resources/mutation/cluster/cluster.go
)pkg/resources/validation/cluster/cluster.go
)Related PRs: