New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
track legacy service account tokens #108858
Conversation
/triage accepted |
561e6f0
to
6d67460
Compare
/retest |
Unfortunately, review time for this got starved out last week by regressions and reviews of existing features making progress towards beta. Will need to bump this to 1.25 to get thorough review and have more soak time of the new controller before a release. Can you update the enhancements issue and KEP to limit the 1.24 changes to the LegacyServiceAccountTokenNoAutoGeneration feature gate and retarget the others to 1.25? /milestone v1.25 |
/test pull-kubernetes-e2e-kind-ipv6 |
@cici37 what's the deadline for exceptions? i am not sure we can have this PR merged on time. |
@liggitt anything else we need to merge this PR? could you take another look? |
staging/src/k8s.io/apiserver/pkg/authentication/token/cache/cached_token_authenticator.go
Outdated
Show resolved
Hide resolved
6b35b1d
to
e7964ba
Compare
staging/src/k8s.io/apiserver/pkg/authentication/token/cache/cached_token_authenticator.go
Outdated
Show resolved
Hide resolved
staging/src/k8s.io/apiserver/pkg/authentication/token/cache/cached_token_authenticator.go
Outdated
Show resolved
Hide resolved
/lgtm |
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: liggitt, zshihang The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
/unhold |
/retest |
What type of PR is this?
/kind feature
What this PR does / why we need it:
this PR implements https://github.com/kubernetes/enhancements/tree/master/keps/sig-auth/2799-reduction-of-secret-based-service-account-token#legacyserviceaccounttokentracking
Does this PR introduce a user-facing change?
Additional documentation e.g., KEPs (Kubernetes Enhancement Proposals), usage docs, etc.:
-[KEP]: kubernetes/enhancements#2800