-
Notifications
You must be signed in to change notification settings - Fork 162
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Forbidden node labels and annotations #464
Conversation
01dd8ff
to
3f8fdc4
Compare
@prometherion need your help with tests because it is weird :(
But on github workflows always got an error like
|
359d768
to
319c8fd
Compare
@prometherion damn, I found out what going on with tests on 1.16 (that is the same issue I've discussed some time ago with guys from Kyverno on their slack) - we hit this kubernetes/kubernetes#100096 And as this regression isn't fixed for 1.16 and 1.17 I really don't know what to do with them - either drop their support (which may seem reasonable as these versions are obsolete for not) or just don't add this node webhook on versions that do not have this fix. |
03819a0
to
2f20fc7
Compare
ok, I was able to disable this webhook for versions that don't have a fix for CVE-2021-25735. @prometherion waiting for your review. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Just a minor concern on autogenerated files, overall LGTM!
@prometherion i was on vacations, will fix everything you mentioned and merge it today in the evening |
2f20fc7
to
2b0b54d
Compare
* feat: forbidden node labels and annotations * test(e2e): forbidden node labels and annotations * build(kustomize): forbidden node labels and annotations * build(helm): forbidden node labels and annotations * build(installer): forbidden node labels and annotations * chore(make): forbidden node labels and annotations * docs: forbidden node labels and annotations * test(e2e): forbidden node labels and annotations. Use EventuallyCreation func * feat: forbidden node labels and annotations. Check kubernetes version * test(e2e): forbidden node labels and annotations. Check kubernetes version * docs: forbidden node labels and annotations. Version restrictions * feat: forbidden node labels and annotations. Do not update deepcopy functions * docs: forbidden node labels and annotations. Use blockquotes for notes Co-authored-by: Maksim Fedotov <[email protected]>
This reverts commit cadcb9e.
* feat: forbidden node labels and annotations * test(e2e): forbidden node labels and annotations * build(kustomize): forbidden node labels and annotations * build(helm): forbidden node labels and annotations * build(installer): forbidden node labels and annotations * chore(make): forbidden node labels and annotations * docs: forbidden node labels and annotations * test(e2e): forbidden node labels and annotations. Use EventuallyCreation func * feat: forbidden node labels and annotations. Check kubernetes version * test(e2e): forbidden node labels and annotations. Check kubernetes version * docs: forbidden node labels and annotations. Version restrictions * feat: forbidden node labels and annotations. Do not update deepcopy functions * docs: forbidden node labels and annotations. Use blockquotes for notes Co-authored-by: Maksim Fedotov <[email protected]>
closes #435