New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Implement CEL for Admission Control #113314
Conversation
Skipping CI for Draft Pull Request. |
e84d680
to
0f6f0a0
Compare
/triage accepted |
/triage accepted |
f39bddd#diff-8373713a13b6954db9e75feb56822affd3ea92e57ded202a1b14933bfca8c21aR138 is a breadcrumb to adding an admission plugin that looks at feature gates to know if it should be active/enabled or not |
dd8f3e6
to
e13fbe5
Compare
/test all |
e13fbe5
to
51f8ce8
Compare
all my blocking comments are addressed, and non-blocking comments are captured in graduation criteria and/or follow-up tasks this lgtm |
/retest |
integration failure is unrelated, caused by #113651 and has a fix in progress |
…EL in Admission Control
API - Auto update API - make update API - make update
a949227
to
1f27b1d
Compare
Moved RestMapper and add DynamicClient
Co-authored-by: Jiahui Feng <jhf@google.com> Co-authored-by: Jordan Liggitt <liggitt@google.com>
Co-authored-by: Max Smythe <smythe@google.com>
Co-authored-by: Kermit Alexander II <kermitalexandr@google.com>
Co-authored-by: Alexander Zielenski <zielenski@google.com> Co-authored-by: Joe Betz <jpbetz@google.com>
1f27b1d
to
e7d83a1
Compare
/lgtm API review completed in #112883 (and doc/validation tweaked in this PR) additional implementation review and lgtm by @jpbetz (#113314 (comment)), @alexzielenski (#113314 (comment)), and @jiahuif (#113314 (comment)) |
What type of PR is this?
/kind feature
What this PR does / why we need it:
Introduce v1alpha1 API for validating admission policies, enabling extensible admission control via CEL expressions (KEP 3488: CEL for Admission Control). To use enable the CELValidatingAdmission feature gate and the
admissionregistration.k8s.io/v1alpha1
API via --runtime-config.Co-authored with: @alexzielenski @jpbetz @jiahuif @liggitt @maxsmythe @DangerOnTheRanger
Which issue(s) this PR fixes:
Fixes #
Special notes for your reviewer:
Does this PR introduce a user-facing change?
Additional documentation e.g., KEPs (Kubernetes Enhancement Proposals), usage docs, etc.: