scottk/kubernetes
1
0
Fork 0
mirror of https://github.com/optim-enterprises-bv/kubernetes.git synced 2025-11-02 03:08:15 +00:00
Code Issues Packages Projects Releases Wiki Activity

Rename kubelet CSR admission feature gate

Browse Source 
Retitle the feature to the affirmative ("AllowInsecure...=false") instead of a
double-negative ("Disable$NEWTHING...=false") for clarity

Signed-off-by: Micah Hausler <mhausler@amazon.com>
This commit is contained in:
Micah Hausler
2024-07-29 09:58:26 -05:00
parent 7a4c962341
commit a7af830209
3 changed files with 10 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
plugin/pkg/admission/noderestriction/admission.go
View File

@@ -74,9 +74,9 @@ type Plugin struct {
podsGetter corev1lister.PodLister
nodesGetter corev1lister.NodeLister
expansionRecoveryEnabled bool
dynamicResourceAllocationEnabled bool
kubeletCSRAdmissionValidationDisabled bool
expansionRecoveryEnabled bool
dynamicResourceAllocationEnabled bool
allowInsecureKubeletCertificateSigningRequests bool
}
var (
@@ -89,7 +89,7 @@ var (
func (p *Plugin) InspectFeatureGates(featureGates featuregate.FeatureGate) {
p.expansionRecoveryEnabled = featureGates.Enabled(features.RecoverVolumeExpansionFailure)
p.dynamicResourceAllocationEnabled = featureGates.Enabled(features.DynamicResourceAllocation)
p.kubeletCSRAdmissionValidationDisabled = featureGates.Enabled(features.DisableKubeletCSRAdmissionValidation)
p.allowInsecureKubeletCertificateSigningRequests = featureGates.Enabled(features.AllowInsecureKubeletCertificateSigningRequests)
}
// SetExternalKubeInformerFactory registers an informer factory into Plugin
@@ -176,7 +176,7 @@ func (p *Plugin) Admit(ctx context.Context, a admission.Attributes, o admission.
return p.admitResourceSlice(nodeName, a)
case csrResource:
if p.kubeletCSRAdmissionValidationDisabled {
if p.allowInsecureKubeletCertificateSigningRequests {
return nil
}
return p.admitCSR(nodeName, a)

2
plugin/pkg/admission/noderestriction/admission_test.go
View File

@@ -1278,7 +1278,7 @@ func Test_nodePlugin_Admit(t *testing.T) {
features: feature.DefaultFeatureGate,
setupFunc: func(t *testing.T) {
t.Helper()
featuregatetesting.SetFeatureGateDuringTest(t, feature.DefaultFeatureGate, features.DisableKubeletCSRAdmissionValidation, true)
featuregatetesting.SetFeatureGateDuringTest(t, feature.DefaultFeatureGate, features.AllowInsecureKubeletCertificateSigningRequests, true)
},
},
{