Skip to content

Add seccomp GA version skew for pods#91408

Merged
k8s-ci-robot merged 1 commit intokubernetes:masterfrom
saschagrunert:seccomp-api-migration
Jul 10, 2020
Merged

Add seccomp GA version skew for pods#91408
k8s-ci-robot merged 1 commit intokubernetes:masterfrom
saschagrunert:seccomp-api-migration

Conversation

@saschagrunert
Copy link
Copy Markdown
Member

@saschagrunert saschagrunert commented May 25, 2020
edited
Loading

What type of PR is this?

/kind feature

What this PR does / why we need it:

This adds a new conversion function to the pod strategy to handle the
seccomp version skew strategy:

https://github.com/kubernetes/enhancements/blob/master/keps/sig-node/20190717-seccomp-ga.md#version-skew-strategy

Which issue(s) this PR fixes:

None

Special notes for your reviewer:

Requires #91381

/cc @pjbgf @hasheddan @evrardjp

Does this PR introduce a user-facing change?:

- Added pod version skew strategy for seccomp profile to synchronize the deprecated annotations with the new API Server fields. Please see the corresponding section [in the KEP](https://github.com/kubernetes/enhancements/blob/master/keps/sig-node/20190717-seccomp-ga.md#version-skew-strategy) for more detailed explanations.

Additional documentation e.g., KEPs (Kubernetes Enhancement Proposals), usage docs, etc.:

- KEP: https://github.com/kubernetes/enhancements/blob/master/keps/sig-node/20190717-seccomp-ga.md

@k8s-ci-robot k8s-ci-robot added release-note Denotes a PR that will be considered when it comes time to generate release notes. do-not-merge/work-in-progress Indicates that a PR should not merge because it is a work in progress. kind/feature Categorizes issue or PR as related to a new feature. size/XXL Denotes a PR that changes 1000+ lines, ignoring generated files. cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. needs-sig Indicates an issue or PR lacks a `sig/foo` label and requires one. needs-priority Indicates a PR lacks a `priority/foo` label and requires one. area/kubelet kind/api-change Categorizes issue or PR as related to adding, removing, or otherwise changing an API sig/apps Categorizes an issue or PR as relevant to SIG Apps. sig/node Categorizes an issue or PR as relevant to SIG Node. and removed needs-sig Indicates an issue or PR lacks a `sig/foo` label and requires one. labels May 25, 2020
@k8s-ci-robot k8s-ci-robot requested review from lavalamp and matthyx May 25, 2020 11:11
pjbgf
pjbgf reviewed May 25, 2020
View reviewed changes
Comment thread pkg/apis/core/v1/conversion.go Outdated
pjbgf
pjbgf reviewed May 25, 2020
View reviewed changes
Comment thread pkg/apis/core/v1/conversion.go Outdated
@saschagrunert saschagrunert force-pushed the seccomp-api-migration branch from 32a79d6 to de6fde2 Compare May 25, 2020 12:29
@k8s-ci-robot k8s-ci-robot added area/code-generation area/kubectl sig/api-machinery Categorizes an issue or PR as relevant to SIG API Machinery. sig/cli Categorizes an issue or PR as relevant to SIG CLI. labels May 25, 2020
@saschagrunert saschagrunert force-pushed the seccomp-api-migration branch 2 times, most recently from abf4d5d to 84467fc Compare May 25, 2020 13:16
@saschagrunert
Copy link
Copy Markdown
Member Author

saschagrunert commented May 25, 2020

Added the unit tests to bump the coverage of the new function to 100%.

@saschagrunert saschagrunert force-pushed the seccomp-api-migration branch from 84467fc to bed541f Compare May 25, 2020 13:27
pjbgf
pjbgf reviewed May 25, 2020
View reviewed changes
Comment thread pkg/apis/core/v1/conversion_test.go Outdated
@saschagrunert saschagrunert force-pushed the seccomp-api-migration branch from bed541f to eae339c Compare May 25, 2020 14:03
@saschagrunert
Copy link
Copy Markdown
Member Author

saschagrunert commented May 25, 2020

Seems unrelated:

STEP: Destroying namespace "pv-943" for this suite.
• Failure [346.655 seconds]
[sig-storage] PersistentVolumes
test/e2e/storage/utils/framework.go:23
  NFS
  test/e2e/storage/persistent_volumes.go:122
    with Single PV - PVC pairs
skipped 1722 lines unfold_more
[Fail] [sig-storage] PersistentVolumes NFS with Single PV - PVC pairs [It] create a PVC and a pre-bound PV: test write access 
test/e2e/storage/persistent_volumes.go:52
Ran 632 of 5098 Specs in 1046.741 seconds
FAIL! -- 631 Passed | 1 Failed | 0 Pending | 4466 Skipped

/test pull-kubernetes-e2e-kind

@saschagrunert
Copy link
Copy Markdown
Member Author

saschagrunert commented May 25, 2020

/test pull-kubernetes-integration

@pjbgf pjbgf mentioned this pull request May 25, 2020
Closed
9 tasks
@k8s-ci-robot
Copy link
Copy Markdown
Contributor

k8s-ci-robot commented Jul 6, 2020

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: liggitt, saschagrunert

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@saschagrunert
Copy link
Copy Markdown
Member Author

saschagrunert commented Jul 6, 2020

If this gets merged then I will continue to add e2e tests for the API migration in #91442

@saschagrunert saschagrunert mentioned this pull request Jul 6, 2020
Merged
@saschagrunert
Copy link
Copy Markdown
Member Author

saschagrunert commented Jul 6, 2020

/retest

3 similar comments
@saschagrunert
Copy link
Copy Markdown
Member Author

saschagrunert commented Jul 6, 2020

/retest

@saschagrunert
Copy link
Copy Markdown
Member Author

saschagrunert commented Jul 6, 2020

/retest

@saschagrunert
Copy link
Copy Markdown
Member Author

saschagrunert commented Jul 6, 2020

/retest

@liggitt
Copy link
Copy Markdown
Member

liggitt commented Jul 8, 2020

/hold cancel

@liggitt liggitt mentioned this pull request Jul 8, 2020
Merged
@saschagrunert
Copy link
Copy Markdown
Member Author

saschagrunert commented Jul 8, 2020

/retest

3 similar comments
@saschagrunert
Copy link
Copy Markdown
Member Author

saschagrunert commented Jul 8, 2020

/retest

@liggitt
Copy link
Copy Markdown
Member

liggitt commented Jul 9, 2020

/retest

@saschagrunert
Copy link
Copy Markdown
Member Author

saschagrunert commented Jul 9, 2020

/retest

@saschagrunert
Copy link
Copy Markdown
Member Author

saschagrunert commented Jul 9, 2020

/test pull-kubernetes-kubemark-e2e-gce-big

@saschagrunert
Copy link
Copy Markdown
Member Author

saschagrunert commented Jul 9, 2020

/retest

@saschagrunert
Copy link
Copy Markdown
Member Author

saschagrunert commented Jul 9, 2020

/test pull-kubernetes-typecheck

@saschagrunert
Copy link
Copy Markdown
Member Author

saschagrunert commented Jul 9, 2020

/retest

5 similar comments
@hasheddan
Copy link
Copy Markdown
Contributor

hasheddan commented Jul 9, 2020

/retest

@saschagrunert
Copy link
Copy Markdown
Member Author

saschagrunert commented Jul 9, 2020

/retest

@saschagrunert
Copy link
Copy Markdown
Member Author

saschagrunert commented Jul 9, 2020

/retest

@saschagrunert
Copy link
Copy Markdown
Member Author

saschagrunert commented Jul 9, 2020

/retest

@saschagrunert
Copy link
Copy Markdown
Member Author

saschagrunert commented Jul 9, 2020

/retest

@fejta-bot
Copy link
Copy Markdown

fejta-bot commented Jul 10, 2020

/retest
This bot automatically retries jobs that failed/flaked on approved PRs (send feedback to fejta).

Review the full test history for this PR.

Silence the bot with an /lgtm cancel or /hold comment for consistent failures.

1 similar comment
@fejta-bot
Copy link
Copy Markdown

fejta-bot commented Jul 10, 2020

/retest
This bot automatically retries jobs that failed/flaked on approved PRs (send feedback to fejta).

Review the full test history for this PR.

Silence the bot with an /lgtm cancel or /hold comment for consistent failures.

@saschagrunert
Copy link
Copy Markdown
Member Author

saschagrunert commented Jul 10, 2020

/retest

1 similar comment
@saschagrunert
Copy link
Copy Markdown
Member Author

saschagrunert commented Jul 10, 2020

/retest

@saschagrunert
Copy link
Copy Markdown
Member Author

saschagrunert commented Jul 10, 2020

/test pull-kubernetes-e2e-kind

@github-actions github-actions Bot mentioned this pull request Jul 14, 2020
Open
@tallclair tallclair mentioned this pull request Feb 22, 2024
Merged
@jiaqiluo jiaqiluo mentioned this pull request Mar 5, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@liggitt liggitt liggitt left review comments

@tallclair tallclair Awaiting requested review from tallclair

+2 more reviewers

@pjbgf pjbgf pjbgf left review comments

@hasheddan hasheddan hasheddan left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

@liggitt liggitt

Labels

approved Indicates a PR has been approved by an approver from all required OWNERS files. area/code-generation area/kubectl area/kubelet cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. kind/api-change Categorizes issue or PR as related to adding, removing, or otherwise changing an API kind/feature Categorizes issue or PR as related to a new feature. lgtm "Looks good to me", indicates that a PR is ready to be merged. priority/important-soon Must be staffed and worked on either currently, or very soon, ideally in time for the next release. release-note Denotes a PR that will be considered when it comes time to generate release notes. sig/apps Categorizes an issue or PR as relevant to SIG Apps. sig/auth Categorizes an issue or PR as relevant to SIG Auth. sig/cli Categorizes an issue or PR as relevant to SIG CLI. sig/node Categorizes an issue or PR as relevant to SIG Node. size/XL Denotes a PR that changes 500-999 lines, ignoring generated files.

Projects

None yet

Milestone

v1.19

Development

Successfully merging this pull request may close these issues.

7 participants

@saschagrunert @fejta-bot @fedebongio @liggitt @k8s-ci-robot @hasheddan @pjbgf