-
Notifications
You must be signed in to change notification settings - Fork 450
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Support for Kubernetes v1.25 #6638
Conversation
Skipping CI for Draft Pull Request. |
/assign |
7b7bb3b
to
7126b6f
Compare
pkg/operation/botanist/component/kubeapiserver/poddisruptionbudget.go
Outdated
Show resolved
Hide resolved
pkg/operation/botanist/component/resourcemanager/resource_manager.go
Outdated
Show resolved
Hide resolved
pkg/operation/botanist/component/vpnauthzserver/external_authz_server.go
Outdated
Show resolved
Hide resolved
pkg/operation/botanist/component/vpnauthzserver/external_authz_server.go
Outdated
Show resolved
Hide resolved
pkg/operation/botanist/component/vpnauthzserver/external_authz_server.go
Outdated
Show resolved
Hide resolved
pkg/operation/botanist/component/kubeapiserver/horizontalpodautoscaler.go
Outdated
Show resolved
Hide resolved
7a11478
to
1fb0c52
Compare
1fb0c52
to
80cc375
Compare
6406b72
to
9f1440a
Compare
50bef95
to
870fdb6
Compare
870fdb6
to
86e6a94
Compare
Thanks @shafeeqes, this looks good now. Let's go |
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: rfranzke The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
/test pull-gardener-check-vulnerabilities |
@shafeeqes: The following test failed, say
Full PR test history. Your PR dashboard. Command help for this repository. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here. |
This passed yesterday 👀
|
That's why the check optional - vulnerabilities can pop up at any point in time. This one should be unrelated to changes of this PR. |
Yep. |
We have now a tool that checks for DISA STIG K8s compliance. We have only trivial/cosmetic findings that can possibly be changed at any time, but these two may have end user tangible consequences, so it would be good to combine them with a new Kubernetes minor version or we need to wait another 4 months for the next one. WDYT @shafeeqes @rfranzke?
Both should be very quick and simple to fix, but will this possibly alter behaviour (242434 for the workload and 245541 when interacting with the Kubelet via the API server like streaming logs, etc.)? If so (or unclear), we should probably better combine this with a new Kubernetes minor version (e.g. this one here, |
I think we have to wait for 1.26, this PR is already merged since 3 weeks and released as well. |
How to categorize this PR?
/area open-source usability
/kind enhancement
/topology garden seed shoot
What this PR does / why we need it:
Support for Kubernetes v1.25
Which issue(s) this PR fixes:
Part of #6567
Special notes for your reviewer:
k8s.io/*
Golang sources yet as we usually do this together with a newsigs.k8s.io/controller-runtime
upgrade.k8s.io/*
tov0.25
,sigs.k8s.io/controller-runtime
tov0.13
#6668provider-local
PodSecurityPolicy
usage / move toPodSecurity
#5250,PodSecurityPolicy
is still part of requiredPlugins.PodSecurityPolicy
from requiredPlugins and add a user-facing warning to consider migration #6700HorizontalPodAutoscaler
hvpa-controller#104Release note: