New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
AppArmor support #24
Comments
Original issue here: kubernetes/kubernetes#22159 |
Automatic merge from submit-queue AppArmor design proposal For kubernetes/enhancements#24 /cc @kubernetes/sig-node @erictune @matchstick
@timstclair it looks like the docs PR number is outdated. Please update the PR number and check the docs box once it's done |
Fixed. Thanks @janetkuo ! |
Docs kubernetes/website#1147 - @kubernetes/docs |
Is there an issue? I merged this one in last week. On Sep 21, 2016 1:30 PM, "Tim St. Clair" notifications@github.com wrote:
|
No, I was just following the instructions at the bottom of the issue, which I hadn't done before... |
Issues go stale after 90d of inactivity. Prevent issues from auto-closing with an If this issue is safe to close now please do so with Send feedback to sig-testing, kubernetes/test-infra and/or |
Stale issues rot after 30d of inactivity. If this issue is safe to close now please do so with Send feedback to sig-testing, kubernetes/test-infra and/or fejta. |
Rotten issues close after 30d of inactivity. Send feedback to sig-testing, kubernetes/test-infra and/or fejta. |
/remove-lifecycle rotten |
@tallclair @liggitt If so, can you please ensure the feature is up-to-date with the appropriate:
cc @idvoretskyi |
/lead-opted-in |
/label lead-opted-in |
hey @tallclair - sorry, I missed this KEP when scouring the boards earlier in this release cycle. Enhancements freeze is in just a few hours... https://github.com/kubernetes/enhancements/pull/4417/files needs to merge before we can track this towards the release. Do you think that will be possible? |
Hello 👋, 1.30 Enhancements team here. Unfortunately, this enhancement did not meet requirements for enhancements freeze. This question under If you still wish to progress this enhancement in 1.30, please file an exception request. Thanks! |
/milestone clear |
@tjons Sorry, I missed your comment on this issue. The KEP in question actually did merge in time for enhancements freeze, unless I mixed up the dates. Does this still need an exception request? /milestone v1.30 |
Hello @tallclair 👋, 1.30 Docs Lead here. Does this enhancement work planned for 1.30 require any new docs or modification to existing docs? Also, take a look at Documenting for a release to get yourself familiarize with the docs requirement for the release. |
The AppArmor docs definitely need a refresh. Most of these changes can be made against the main branch though. There will also be some API updates needed on the 1.30 branch though. |
Docs placeholder: kubernetes/website#45176 |
Hi @tallclair, 👋 from the v1.30 Communications Team! Are you planning to write a blog for this? We encourage blogs for features including, but not limited to: breaking changes, features and changes important to our users, and features that have been in progress for a long time and are graduating. To opt in, you need to open a Feature Blog placeholder PR against the website repository. |
Hey again @tallclair 👋 Enhancements team here, Just checking in as we approach code freeze at 02:00 UTC Wednesday 6th March 2024 . Here's where this enhancement currently stands:
For this enhancement, it looks like the following PR is open and needs to be merged before code freeze: Could you please add the above PR to the issue description? Also, please let me know if there are other PRs in k/k we should be tracking for this KEP. |
Updated the issue description with a link to kubernetes/kubernetes#123435. This is currently in the API review queue, scheduled for Thursday. |
With the exception request being approved, this can now be marked as |
Hey @tallclair - Enhancements team here. Now that this has merged and is on track to be Thank you! |
To clarify, we implemented all the planned changes, but decided to hold the feature in beta for another release. Should I still mark it as implemented, or wait for GA? |
Ah I understand. In that case wait for GA, thanks! |
Description
Add AppArmor support to Kubernetes. Initial support should include the ability to specify an AppArmor profile for a container or pod in the API, and have that profile applied by the container runtime.
Progress Tracker
/pkg/apis/...
)Code needs to be disabled by default. Verified by code OWNERSAppArmor is enabled by default, but gated by a feature-gate: Add AppArmor feature gate kubernetes#31473
FEATURE_STATUS is used for feature tracking and to be updated by @kubernetes/feature-reviewers.
FEATURE_STATUS: BETA
More advice:
Design
Coding
and sometimes http://github.com/kubernetes/contrib, or other repos.
check that the code matches the proposed feature and design, and that everything is done, and that there is adequate
testing. They won't do detailed code review: that already happened when your PRs were reviewed.
When that is done, you can check this box and the reviewer will apply the "code-complete" label.
Docs
The text was updated successfully, but these errors were encountered: