Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Automated cherry pick of #52367 #55025

Merged
merged 3 commits into from
Nov 6, 2017
Merged

Automated cherry pick of #52367 #55025

merged 3 commits into from
Nov 6, 2017

Conversation

tallclair
Copy link
Member

@tallclair tallclair commented Nov 2, 2017
edited
Loading

Cherry pick of #52367 on release-1.8.

#52367: Basic GCE PodSecurityPolicy Config

Justification: this is only test & configuration changes. The configuration changes are required for enabling a beta feature on GCE environments.

Add support for PodSecurityPolicy on GCE: `ENABLE_POD_SECURITY_POLICY=true` enables the admission controller, and installs policies for default addons.

@tallclair tallclair added cherrypick-candidate sig/auth Categorizes an issue or PR as relevant to SIG Auth. labels Nov 2, 2017
@tallclair tallclair added this to the v1.8 milestone Nov 2, 2017
@k8s-ci-robot k8s-ci-robot added release-note Denotes a PR that will be considered when it comes time to generate release notes. size/XXL Denotes a PR that changes 1000+ lines, ignoring generated files. cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. labels Nov 2, 2017
@k8s-github-robot
Copy link

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: tallclair
We suggest the following additional approver: mikedanese

Assign the PR to them by writing /assign @mikedanese in a comment when ready.

Associated issue: 52367

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these OWNERS Files:

You can indicate your approval by writing /approve in a comment
You can cancel your approval by writing /approve cancel in a comment

@k8s-github-robot k8s-github-robot added the do-not-merge/cherry-pick-not-approved Indicates that a PR is not yet approved to merge into a release branch. label Nov 2, 2017
@liggitt
Copy link
Member

liggitt commented Nov 2, 2017

I expected the follow ups from the master PR to get resolved, so that optional add-ons worked as well, before picking this to a release branch

@liggitt
Copy link
Member

liggitt commented Nov 2, 2017

Also, should update the specific 1.8 test infra jobs to enable this to ensure it is tested before release

@jpbetz jpbetz added cherry-pick-approved Indicates a cherry-pick PR into a release branch has been approved by the release branch manager. and removed cherrypick-candidate labels Nov 3, 2017
@k8s-github-robot k8s-github-robot removed the do-not-merge/cherry-pick-not-approved Indicates that a PR is not yet approved to merge into a release branch. label Nov 3, 2017
@jpbetz jpbetz added approved Indicates a PR has been approved by an approver from all required OWNERS files. lgtm "Looks good to me", indicates that a PR is ready to be merged. labels Nov 3, 2017
@fejta-bot
Copy link

/retest
This bot automatically retries jobs that failed/flaked on approved PRs (send feedback to @fejta).

Review the full test history for this PR.

@tallclair tallclair added the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Nov 3, 2017
@tallclair tallclair mentioned this pull request Nov 3, 2017
Merged
@tallclair
Copy link
Member Author

I sent kubernetes/test-infra#5345 to enable testing in the 1.8 test suite. I agree we should enable testing prior to cherrypicking this, but I disagree that we should wait for the optional addon PSPs. I think it's valuable to start testing this now, as it should work with the default GCE config.

@tallclair
Copy link
Member Author

/retest

@tallclair tallclair removed the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Nov 3, 2017
@tallclair
Copy link
Member Author

Oh, this depends on #53034

@tallclair tallclair mentioned this pull request Nov 3, 2017
Merged
k8s-github-robot pushed a commit that referenced this pull request Nov 4, 2017
Merge pull request #55090 from tallclair/automated-cherry-pick-of-#53…
483c3ce 
…034-upstream-release-1.8

Automatic merge from submit-queue.

Automated cherry pick of #53034

Cherry pick of #53034 on release-1.8.

#53034: Introduce GCE-specific addons directory

Justification: configuration only changes, required by #55025

I think this should be a trivial cherry pick. It adds the configuration machinery to build a new directory into the release, but doesn't actually put anything in that directory (i.e. it should be a no-op as far as release is concerned)

```release-note
NONE
```
@tallclair
Copy link
Member Author

/retest

@fejta-bot
Copy link

/retest
This bot automatically retries jobs that failed/flaked on approved PRs (send feedback to @fejta).

Review the full test history for this PR.

4 similar comments
@fejta-bot
Copy link

/retest
This bot automatically retries jobs that failed/flaked on approved PRs (send feedback to @fejta).

Review the full test history for this PR.

@fejta-bot
Copy link

/retest
This bot automatically retries jobs that failed/flaked on approved PRs (send feedback to @fejta).

Review the full test history for this PR.

@fejta-bot
Copy link

/retest
This bot automatically retries jobs that failed/flaked on approved PRs (send feedback to @fejta).

Review the full test history for this PR.

@fejta-bot
Copy link

/retest
This bot automatically retries jobs that failed/flaked on approved PRs (send feedback to @fejta).

Review the full test history for this PR.

@tallclair tallclair added the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Nov 4, 2017
This was referenced Nov 4, 2017
Closed
Merged
Merged
k8s-github-robot pushed a commit that referenced this pull request Nov 6, 2017
Merge pull request #55106 from tallclair/automated-cherry-pick-of-#53…
87fdb9f 
…479-upstream-release-1.8

Automatic merge from submit-queue.

Automated cherry pick of #53479 upstream release 1.8

Cherry pick of #53479 on release-1.8.

#53479: Aggregator test uses framework namespace

Justification: Test-only changes, required to unblock #55025

```release-note
NONE
```
k8s-github-robot pushed a commit that referenced this pull request Nov 6, 2017
Merge pull request #55107 from tallclair/automated-cherry-pick-of-#54…
e605925 
…175-upstream-release-1.8

Automatic merge from submit-queue.

Automated cherry pick of #54175

Cherry pick of #54175 on release-1.8.

#54175: Update fluentd-gcp DaemonSet

Justification: Low-risk, add a service account to fluentd daemonset. Also cleans up an artifact left by #54784 (unused ssl cert volume).

This is required to unblock #55025

```release-note
- fluentd-gcp runs with a dedicated fluentd-gcp service account
- Stop mounting the host certificates into fluentd pod
```
@tallclair
Copy link
Member Author

/retest

@tallclair tallclair removed the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Nov 6, 2017
@k8s-github-robot
Copy link

/test all [submit-queue is verifying that this PR is safe to merge]

@k8s-github-robot
Copy link

Automatic merge from submit-queue.

@k8s-github-robot k8s-github-robot merged commit 01b7f8e into kubernetes:release-1.8 Nov 6, 2017
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@jpbetz jpbetz

@liggitt liggitt

@destijl destijl

Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. cherry-pick-approved Indicates a cherry-pick PR into a release branch has been approved by the release branch manager. cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. lgtm "Looks good to me", indicates that a PR is ready to be merged. release-note Denotes a PR that will be considered when it comes time to generate release notes. sig/auth Categorizes an issue or PR as relevant to SIG Auth. size/XXL Denotes a PR that changes 1000+ lines, ignoring generated files.
Projects
None yet
Milestone
v1.8
Development

Successfully merging this pull request may close these issues.
7 participants
@tallclair @k8s-github-robot @liggitt @fejta-bot @jpbetz @destijl @k8s-ci-robot