github/kubernetes
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
07ef65a834
kubernetes/api/openapi-spec/v3
History
Shingo Omura 552fd7e850
KEP-3619: Fine-grained SupplementalGroups control (#117842) 
* Add `Linux{Sandbox,Container}SecurityContext.SupplementalGroupsPolicy` and `ContainerStatus.user` in cri-api

* Add `PodSecurityContext.SupplementalGroupsPolicy`, `ContainerStatus.User` and its featuregate

* Implement DropDisabledPodFields for PodSecurityContext.SupplementalGroupsPolicy and ContainerStatus.User fields

* Implement kubelet so to wire between SecurityContext.SupplementalGroupsPolicy/ContainerStatus.User and cri-api in kubelet

* Clarify `SupplementalGroupsPolicy` is an OS depdendent field.

* Make `ContainerStatus.User` is initially attached user identity to the first process in the ContainerStatus

It is because, the process identity can be dynamic if the initially attached identity
has enough privilege calling setuid/setgid/setgroups syscalls in Linux.

* Rewording suggestion applied

* Add TODO comment for updating SupplementalGroupsPolicy default value in v1.34

* Added validations for SupplementalGroupsPolicy and ContainerUser

* No need featuregate check in validation when adding new field with no default value

* fix typo: identitiy -> identity
2024-05-29 15:40:29 -07:00
..
.well-known__openid-configuration_openapi.json generated: Update OpenAPI 2022-03-29 17:49:56 -07:00
api__v1_openapi.json KEP-3619: Fine-grained SupplementalGroups control (#117842) 2024-05-29 15:40:29 -07:00
api_openapi.json Fix "list_type_missing" API violations in meta/v1 2023-11-27 12:05:52 -08:00
apis__admissionregistration.k8s.io__v1_openapi.json feat: implements Storage Version Migration API in-tree 2024-03-08 04:18:56 +00:00
apis__admissionregistration.k8s.io__v1alpha1_openapi.json feat: implements Storage Version Migration API in-tree 2024-03-08 04:18:56 +00:00
apis__admissionregistration.k8s.io__v1beta1_openapi.json feat: implements Storage Version Migration API in-tree 2024-03-08 04:18:56 +00:00
apis__admissionregistration.k8s.io_openapi.json Fix "list_type_missing" API violations in meta/v1 2023-11-27 12:05:52 -08:00
apis__apiextensions.k8s.io__v1_openapi.json feat: implements Storage Version Migration API in-tree 2024-03-08 04:18:56 +00:00
apis__apiextensions.k8s.io_openapi.json Fix "list_type_missing" API violations in meta/v1 2023-11-27 12:05:52 -08:00
apis__apiregistration.k8s.io__v1_openapi.json feat: implements Storage Version Migration API in-tree 2024-03-08 04:18:56 +00:00
apis__apiregistration.k8s.io_openapi.json Fix "list_type_missing" API violations in meta/v1 2023-11-27 12:05:52 -08:00
apis__apps__v1_openapi.json KEP-3619: Fine-grained SupplementalGroups control (#117842) 2024-05-29 15:40:29 -07:00
apis__apps_openapi.json Fix "list_type_missing" API violations in meta/v1 2023-11-27 12:05:52 -08:00
apis__authentication.k8s.io__v1_openapi.json Fix list_type_missing in api/authentication 2023-11-27 12:06:25 -08:00
apis__authentication.k8s.io__v1alpha1_openapi.json Fix list_type_missing in api/authentication 2023-11-27 12:06:25 -08:00
apis__authentication.k8s.io__v1beta1_openapi.json Fix list_type_missing in api/authentication 2023-11-27 12:06:25 -08:00
apis__authentication.k8s.io_openapi.json Fix "list_type_missing" API violations in meta/v1 2023-11-27 12:05:52 -08:00
apis__authorization.k8s.io__v1_openapi.json Fix list_type_missing in api/authorization 2023-11-27 12:06:26 -08:00
apis__authorization.k8s.io_openapi.json Fix "list_type_missing" API violations in meta/v1 2023-11-27 12:05:52 -08:00
apis__autoscaling__v1_openapi.json feat: implements Storage Version Migration API in-tree 2024-03-08 04:18:56 +00:00
apis__autoscaling__v2_openapi.json feat: implements Storage Version Migration API in-tree 2024-03-08 04:18:56 +00:00
apis__autoscaling_openapi.json Fix "list_type_missing" API violations in meta/v1 2023-11-27 12:05:52 -08:00
apis__batch__v1_openapi.json KEP-3619: Fine-grained SupplementalGroups control (#117842) 2024-05-29 15:40:29 -07:00
apis__batch_openapi.json Fix "list_type_missing" API violations in meta/v1 2023-11-27 12:05:52 -08:00
apis__certificates.k8s.io__v1_openapi.json feat: implements Storage Version Migration API in-tree 2024-03-08 04:18:56 +00:00
apis__certificates.k8s.io__v1alpha1_openapi.json feat: implements Storage Version Migration API in-tree 2024-03-08 04:18:56 +00:00
apis__certificates.k8s.io_openapi.json Fix "list_type_missing" API violations in meta/v1 2023-11-27 12:05:52 -08:00
apis__coordination.k8s.io__v1_openapi.json feat: implements Storage Version Migration API in-tree 2024-03-08 04:18:56 +00:00
apis__coordination.k8s.io_openapi.json Fix "list_type_missing" API violations in meta/v1 2023-11-27 12:05:52 -08:00
apis__discovery.k8s.io__v1_openapi.json feat: implements Storage Version Migration API in-tree 2024-03-08 04:18:56 +00:00
apis__discovery.k8s.io_openapi.json Fix "list_type_missing" API violations in meta/v1 2023-11-27 12:05:52 -08:00
apis__events.k8s.io__v1_openapi.json feat: implements Storage Version Migration API in-tree 2024-03-08 04:18:56 +00:00
apis__events.k8s.io_openapi.json Fix "list_type_missing" API violations in meta/v1 2023-11-27 12:05:52 -08:00
apis__flowcontrol.apiserver.k8s.io__v1_openapi.json feat: implements Storage Version Migration API in-tree 2024-03-08 04:18:56 +00:00
apis__flowcontrol.apiserver.k8s.io__v1beta3_openapi.json feat: implements Storage Version Migration API in-tree 2024-03-08 04:18:56 +00:00
apis__flowcontrol.apiserver.k8s.io_openapi.json Fix "list_type_missing" API violations in meta/v1 2023-11-27 12:05:52 -08:00
apis__internal.apiserver.k8s.io__v1alpha1_openapi.json feat: implements Storage Version Migration API in-tree 2024-03-08 04:18:56 +00:00
apis__internal.apiserver.k8s.io_openapi.json Fix "list_type_missing" API violations in meta/v1 2023-11-27 12:05:52 -08:00
apis__networking.k8s.io__v1_openapi.json feat: implements Storage Version Migration API in-tree 2024-03-08 04:18:56 +00:00
apis__networking.k8s.io__v1alpha1_openapi.json feat: implements Storage Version Migration API in-tree 2024-03-08 04:18:56 +00:00
apis__networking.k8s.io_openapi.json Fix "list_type_missing" API violations in meta/v1 2023-11-27 12:05:52 -08:00
apis__node.k8s.io__v1_openapi.json feat: implements Storage Version Migration API in-tree 2024-03-08 04:18:56 +00:00
apis__node.k8s.io_openapi.json Fix "list_type_missing" API violations in meta/v1 2023-11-27 12:05:52 -08:00
apis__policy__v1_openapi.json feat: implements Storage Version Migration API in-tree 2024-03-08 04:18:56 +00:00
apis__policy_openapi.json Fix "list_type_missing" API violations in meta/v1 2023-11-27 12:05:52 -08:00
apis__rbac.authorization.k8s.io__v1_openapi.json feat: implements Storage Version Migration API in-tree 2024-03-08 04:18:56 +00:00
apis__rbac.authorization.k8s.io_openapi.json Fix "list_type_missing" API violations in meta/v1 2023-11-27 12:05:52 -08:00
apis__resource.k8s.io__v1alpha2_openapi.json DRA: sync internal API doc comments 2024-04-22 14:18:45 +02:00
apis__resource.k8s.io_openapi.json Fix "list_type_missing" API violations in meta/v1 2023-11-27 12:05:52 -08:00
apis__scheduling.k8s.io__v1_openapi.json feat: implements Storage Version Migration API in-tree 2024-03-08 04:18:56 +00:00
apis__scheduling.k8s.io_openapi.json Fix "list_type_missing" API violations in meta/v1 2023-11-27 12:05:52 -08:00
apis__storage.k8s.io__v1_openapi.json feat: implements Storage Version Migration API in-tree 2024-03-08 04:18:56 +00:00
apis__storage.k8s.io__v1alpha1_openapi.json feat: implements Storage Version Migration API in-tree 2024-03-08 04:18:56 +00:00
apis__storage.k8s.io_openapi.json Fix "list_type_missing" API violations in meta/v1 2023-11-27 12:05:52 -08:00
apis__storagemigration.k8s.io__v1alpha1_openapi.json feat: implements Storage Version Migration API in-tree 2024-03-08 04:18:56 +00:00
apis__storagemigration.k8s.io_openapi.json feat: implements Storage Version Migration API in-tree 2024-03-08 04:18:56 +00:00
apis_openapi.json Fix "list_type_missing" API violations in meta/v1 2023-11-27 12:05:52 -08:00
logs_openapi.json generated: Update OpenAPI 2022-03-29 17:49:56 -07:00
openid__v1__jwks_openapi.json generated: Update OpenAPI 2022-03-29 17:49:56 -07:00
version_openapi.json generated: Update OpenAPI 2022-03-29 17:49:56 -07:00