Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Graduate SeccompDefault feature to beta #34640

Merged
merged 1 commit into from
Jul 16, 2022
Merged

Graduate SeccompDefault feature to beta #34640

merged 1 commit into from
Jul 16, 2022

Conversation

saschagrunert
Copy link
Member

@saschagrunert saschagrunert commented Jun 27, 2022
edited
Loading

We now update the documentation to reflect the current state of the feature.

Refers to: kubernetes/enhancements#2413
k/k PR: kubernetes/kubernetes#110805

@netlify
Copy link

netlify bot commented Jun 27, 2022
edited
Loading

👷 Deploy Preview for kubernetes-io-vnext-staging processing.

Name Link
🔨 Latest commit 5d66e4b
🔍 Latest deploy log https://app.netlify.com/sites/kubernetes-io-vnext-staging/deploys/62bc544a6373d2000804c2c0

@k8s-ci-robot k8s-ci-robot added the cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. label Jun 27, 2022
@saschagrunert saschagrunert mentioned this pull request Jun 27, 2022
Closed
12 tasks
@k8s-ci-robot k8s-ci-robot added the size/S Denotes a PR that changes 10-29 lines, ignoring generated files. label Jun 27, 2022
@saschagrunert saschagrunert changed the title Graduate SeccompDefault to beta Graduate SeccompDefault feature to beta Jun 27, 2022
@k8s-ci-robot k8s-ci-robot requested a review from kbhawkey June 27, 2022 08:53
@k8s-ci-robot k8s-ci-robot added the language/en Issues or PRs related to English language label Jun 27, 2022
@k8s-ci-robot k8s-ci-robot requested a review from pjbgf June 27, 2022 08:53
@k8s-ci-robot k8s-ci-robot added the sig/docs Categorizes an issue or PR as relevant to SIG Docs. label Jun 27, 2022
@saschagrunert saschagrunert force-pushed the seccomp-default-beta branch from cdccc0c to bdbec37 Compare June 27, 2022 08:53
@saschagrunert saschagrunert mentioned this pull request Jun 27, 2022
Merged
@saschagrunert saschagrunert force-pushed the seccomp-default-beta branch 2 times, most recently from ba90192 to fe639da Compare June 27, 2022 08:58
sftim
sftim reviewed Jun 27, 2022
View reviewed changes
Copy link
Contributor

@sftim sftim left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Some changes needed, I'm afraid.

content/en/docs/reference/command-line-tools-reference/feature-gates.md Show resolved Hide resolved
content/en/docs/tutorials/security/seccomp.md Outdated Show resolved Hide resolved
content/en/docs/tutorials/security/seccomp.md Outdated Show resolved Hide resolved
content/en/docs/tutorials/security/seccomp.md Outdated Show resolved Hide resolved
@k8s-ci-robot k8s-ci-robot added size/M Denotes a PR that changes 30-99 lines, ignoring generated files. and removed size/S Denotes a PR that changes 10-29 lines, ignoring generated files. labels Jun 27, 2022
@saschagrunert saschagrunert force-pushed the seccomp-default-beta branch from 35a3b07 to b4404c3 Compare June 27, 2022 11:19
@saschagrunert
Copy link
Member Author

Some changes needed, I'm afraid.

Thanks for the fast review, I incorporated the requested changes. 👍

@saschagrunert saschagrunert force-pushed the seccomp-default-beta branch from b4404c3 to dd59660 Compare June 27, 2022 12:37
@saschagrunert saschagrunert force-pushed the seccomp-default-beta branch from dd59660 to 30b3885 Compare June 28, 2022 07:48
pjbgf
pjbgf approved these changes Jun 29, 2022
View reviewed changes
Copy link
Member

@pjbgf pjbgf left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@saschagrunert thanks for the continuous work on seccomp. 🙇

/lgtm

@k8s-ci-robot k8s-ci-robot added the lgtm "Looks good to me", indicates that a PR is ready to be merged. label Jun 29, 2022
@k8s-ci-robot
Copy link
Contributor

LGTM label has been added.

Git tree hash: 338b155980df4d3106b470dc0a06743f6c108009

@saschagrunert @sftim
Graduate SeccompDefault feature to beta
5d66e4b 
We now update the documentation to reflect the current state of the
feature.

Refers to: kubernetes/enhancements#2413

Signed-off-by: Sascha Grunert <[email protected]>
Co-authored-by: Tim Bannister <[email protected]>
Signed-off-by: Sascha Grunert <[email protected]>
@saschagrunert saschagrunert force-pushed the seccomp-default-beta branch from 30b3885 to 5d66e4b Compare June 29, 2022 13:31
@k8s-ci-robot k8s-ci-robot removed the lgtm "Looks good to me", indicates that a PR is ready to be merged. label Jun 29, 2022
@k8s-ci-robot k8s-ci-robot requested a review from pjbgf June 29, 2022 13:31
@mtardy
Copy link
Member

mtardy commented Jun 29, 2022

/lgtm

@k8s-ci-robot k8s-ci-robot added the lgtm "Looks good to me", indicates that a PR is ready to be merged. label Jun 29, 2022
@k8s-ci-robot
Copy link
Contributor

LGTM label has been added.

Git tree hash: b012647e072ac80abc71ee16cf2e55284a54926f

@reylejano
Copy link
Member

/milestone 1.25
/assign @sethmccombs

@k8s-ci-robot k8s-ci-robot added this to the 1.25 milestone Jun 29, 2022
@saschagrunert
Copy link
Member Author

k/k PR got merged, can we also merge this one now?

kbhawkey
kbhawkey reviewed Jul 11, 2022
View reviewed changes
content/en/docs/tutorials/security/seccomp.md
pass the flags `--feature-gates=SeccompDefault=true --seccomp-default` to the
`kubelet` CLI or enable it via the [kubelet configuration
file](/docs/tasks/administer-cluster/kubelet-config-file/). To enable the
Seccomp defaulting for Pods is a beta feature in Kubernetes {{< skew currentVersion >}},
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Question: Is the feature called 'Seccomp defaulting' or 'Seccomp'?
I'm not sure I understand the use of the word, 'defaulting'. Which or what is 'defaulting'?
However, you still need to enable this defaulting for each node where you would like to use it.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Right, fixing it in #35121

@kbhawkey
Copy link
Contributor

Thanks @saschagrunert
/approve

@k8s-ci-robot
Copy link
Contributor

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: kbhawkey, pjbgf

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@k8s-ci-robot k8s-ci-robot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Jul 16, 2022
@k8s-ci-robot k8s-ci-robot merged commit 6effba1 into kubernetes:dev-1.25 Jul 16, 2022
@pjbgf pjbgf deleted the seccomp-default-beta branch July 16, 2022 14:33
@saschagrunert saschagrunert mentioned this pull request Jul 18, 2022
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@sftim sftim sftim left review comments

@mtardy mtardy mtardy left review comments

@kbhawkey kbhawkey kbhawkey left review comments

@cbandy cbandy cbandy left review comments

@pjbgf pjbgf Awaiting requested review from pjbgf

Assignees

@pjbgf pjbgf

@sethmccombs sethmccombs

@mtardy mtardy

Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. language/en Issues or PRs related to English language lgtm "Looks good to me", indicates that a PR is ready to be merged. sig/docs Categorizes an issue or PR as relevant to SIG Docs. size/M Denotes a PR that changes 30-99 lines, ignoring generated files.
Projects
None yet
Milestone
1.25
Development

Successfully merging this pull request may close these issues.
9 participants
@saschagrunert @k8s-ci-robot @mtardy @reylejano @kbhawkey @cbandy @pjbgf @sftim @sethmccombs