mirror of
https://github.com/k3s-io/kubernetes.git
synced 2025-07-23 19:56:01 +00:00
Merge pull request #63740 from dims/control-exactly-what-we-use-in-kubeadm
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Control exactly what we use in kubeadm
**What this PR does / why we need it**:
we recently got rid of extra arg validation for preflight check:
9f21f5dd1e
the import-boss configuration will help us control exactly what
gets added/used in kubeadm. In this PR, we add a white-list of
the exact packages we use currently.
We will need to review these, make new PR(s) to eliminate things
we don't want to be depending on (just like the cloud provider related code).
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
```
This commit is contained in:
Kubernetes Submit Queue
GitHub
commit
2fd9d8654e
179
cmd/kubeadm/.import-restrictions
Normal file
179
cmd/kubeadm/.import-restrictions
Normal file
@ -0,0 +1,179 @@
|
||||
{
|
||||
"Rules": [
|
||||
{
|
||||
"SelectorRegexp": "k8s[.]io/(api/|apimachinery/|apiextensions-apiserver/|apiserver/)",
|
||||
"AllowedPrefixes": [
|
||||
""
|
||||
]
|
||||
},
|
||||
{
|
||||
"SelectorRegexp": "k8s[.]io/client-go/",
|
||||
"AllowedPrefixes": [
|
||||
""
|
||||
]
|
||||
},
|
||||
{
|
||||
"SelectorRegexp": "k8s[.]io/kube-openapi/",
|
||||
"AllowedPrefixes": [
|
||||
"k8s.io/kube-openapi/pkg/util/proto"
|
||||
]
|
||||
},
|
||||
{
|
||||
"SelectorRegexp": "k8s[.]io/kubernetes/cmd",
|
||||
"AllowedPrefixes": [
|
||||
"k8s.io/kubernetes/cmd/kubeadm"
|
||||
]
|
||||
},
|
||||
{
|
||||
"SelectorRegexp": "k8s[.]io/kubernetes/test",
|
||||
"AllowedPrefixes": [
|
||||
"k8s.io/kubernetes/test/e2e_node/system"
|
||||
]
|
||||
},
|
||||
{
|
||||
"SelectorRegexp": "k8s[.]io/utils",
|
||||
"AllowedPrefixes": [
|
||||
"k8s.io/utils/exec"
|
||||
]
|
||||
},
|
||||
{
|
||||
"SelectorRegexp": "k8s[.]io/kubernetes/pkg",
|
||||
"AllowedPrefixes": [
|
||||
"k8s.io/kubernetes/pkg/api/endpoints",
|
||||
"k8s.io/kubernetes/pkg/api/events",
|
||||
"k8s.io/kubernetes/pkg/api/legacyscheme",
|
||||
"k8s.io/kubernetes/pkg/api/pod",
|
||||
"k8s.io/kubernetes/pkg/api/ref",
|
||||
"k8s.io/kubernetes/pkg/api/resource",
|
||||
"k8s.io/kubernetes/pkg/api/service",
|
||||
"k8s.io/kubernetes/pkg/api/v1/pod",
|
||||
"k8s.io/kubernetes/pkg/apis/admissionregistration",
|
||||
"k8s.io/kubernetes/pkg/apis/admissionregistration/install",
|
||||
"k8s.io/kubernetes/pkg/apis/admissionregistration/v1beta1",
|
||||
"k8s.io/kubernetes/pkg/apis/apps",
|
||||
"k8s.io/kubernetes/pkg/apis/apps/v1",
|
||||
"k8s.io/kubernetes/pkg/apis/apps/v1beta1",
|
||||
"k8s.io/kubernetes/pkg/apis/authentication",
|
||||
"k8s.io/kubernetes/pkg/apis/authentication/install",
|
||||
"k8s.io/kubernetes/pkg/apis/authentication/v1beta1",
|
||||
"k8s.io/kubernetes/pkg/apis/authorization",
|
||||
"k8s.io/kubernetes/pkg/apis/authorization/install",
|
||||
"k8s.io/kubernetes/pkg/apis/autoscaling",
|
||||
"k8s.io/kubernetes/pkg/apis/batch",
|
||||
"k8s.io/kubernetes/pkg/apis/batch/install",
|
||||
"k8s.io/kubernetes/pkg/apis/batch/v1beta1",
|
||||
"k8s.io/kubernetes/pkg/apis/batch/v2alpha1",
|
||||
"k8s.io/kubernetes/pkg/apis/certificates",
|
||||
"k8s.io/kubernetes/pkg/apis/componentconfig",
|
||||
"k8s.io/kubernetes/pkg/apis/core",
|
||||
"k8s.io/kubernetes/pkg/apis/core/helper",
|
||||
"k8s.io/kubernetes/pkg/apis/core/pods",
|
||||
"k8s.io/kubernetes/pkg/apis/core/v1",
|
||||
"k8s.io/kubernetes/pkg/apis/core/v1/helper/qos",
|
||||
"k8s.io/kubernetes/pkg/apis/core/validation",
|
||||
"k8s.io/kubernetes/pkg/apis/events",
|
||||
"k8s.io/kubernetes/pkg/apis/extensions",
|
||||
"k8s.io/kubernetes/pkg/apis/networking",
|
||||
"k8s.io/kubernetes/pkg/apis/networking/v1",
|
||||
"k8s.io/kubernetes/pkg/apis/policy",
|
||||
"k8s.io/kubernetes/pkg/apis/rbac",
|
||||
"k8s.io/kubernetes/pkg/apis/rbac/v1",
|
||||
"k8s.io/kubernetes/pkg/apis/scheduling",
|
||||
"k8s.io/kubernetes/pkg/apis/settings",
|
||||
"k8s.io/kubernetes/pkg/apis/settings/install",
|
||||
"k8s.io/kubernetes/pkg/apis/settings/v1alpha1",
|
||||
"k8s.io/kubernetes/pkg/apis/storage",
|
||||
"k8s.io/kubernetes/pkg/capabilities",
|
||||
"k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset",
|
||||
"k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/scheme",
|
||||
"k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/admissionregistration/internalversion",
|
||||
"k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/apps/internalversion",
|
||||
"k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/authentication/internalversion",
|
||||
"k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/authorization/internalversion",
|
||||
"k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/autoscaling/internalversion",
|
||||
"k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/batch/internalversion",
|
||||
"k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/certificates/internalversion",
|
||||
"k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/core/internalversion",
|
||||
"k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/events/internalversion",
|
||||
"k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/extensions/internalversion",
|
||||
"k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/networking/internalversion",
|
||||
"k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/policy/internalversion",
|
||||
"k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/rbac/internalversion",
|
||||
"k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/scheduling/internalversion",
|
||||
"k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/settings/internalversion",
|
||||
"k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/storage/internalversion",
|
||||
"k8s.io/kubernetes/pkg/cloudprovider",
|
||||
"k8s.io/kubernetes/pkg/controller",
|
||||
"k8s.io/kubernetes/pkg/controller/bootstrap",
|
||||
"k8s.io/kubernetes/pkg/credentialprovider",
|
||||
"k8s.io/kubernetes/pkg/features",
|
||||
"k8s.io/kubernetes/pkg/fieldpath",
|
||||
"k8s.io/kubernetes/pkg/generated",
|
||||
"k8s.io/kubernetes/pkg/kubeapiserver/authorizer/modes",
|
||||
"k8s.io/kubernetes/pkg/kubectl",
|
||||
"k8s.io/kubernetes/pkg/kubectl/apps",
|
||||
"k8s.io/kubernetes/pkg/kubectl/cmd/scalejob",
|
||||
"k8s.io/kubernetes/pkg/kubectl/cmd/templates",
|
||||
"k8s.io/kubernetes/pkg/kubectl/cmd/util",
|
||||
"k8s.io/kubernetes/pkg/kubectl/genericclioptions",
|
||||
"k8s.io/kubernetes/pkg/kubectl/plugins",
|
||||
"k8s.io/kubernetes/pkg/kubectl/scheme",
|
||||
"k8s.io/kubernetes/pkg/kubectl/util",
|
||||
"k8s.io/kubernetes/pkg/kubectl/util/i18n",
|
||||
"k8s.io/kubernetes/pkg/kubectl/validation",
|
||||
"k8s.io/kubernetes/pkg/kubelet/apis",
|
||||
"k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig",
|
||||
"k8s.io/kubernetes/pkg/kubelet/qos",
|
||||
"k8s.io/kubernetes/pkg/kubelet/types",
|
||||
"k8s.io/kubernetes/pkg/master/ports",
|
||||
"k8s.io/kubernetes/pkg/master/reconcilers",
|
||||
"k8s.io/kubernetes/pkg/printers",
|
||||
"k8s.io/kubernetes/pkg/printers/internalversion",
|
||||
"k8s.io/kubernetes/pkg/proxy/apis/kubeproxyconfig",
|
||||
"k8s.io/kubernetes/pkg/registry/core/endpoint",
|
||||
"k8s.io/kubernetes/pkg/registry/core/service/allocator",
|
||||
"k8s.io/kubernetes/pkg/registry/core/service/ipallocator",
|
||||
"k8s.io/kubernetes/pkg/registry/rbac/validation",
|
||||
"k8s.io/kubernetes/pkg/scheduler/algorithm",
|
||||
"k8s.io/kubernetes/pkg/scheduler/api",
|
||||
"k8s.io/kubernetes/pkg/scheduler/schedulercache",
|
||||
"k8s.io/kubernetes/pkg/scheduler/util",
|
||||
"k8s.io/kubernetes/pkg/security/apparmor",
|
||||
"k8s.io/kubernetes/pkg/serviceaccount",
|
||||
"k8s.io/kubernetes/pkg/util/file",
|
||||
"k8s.io/kubernetes/pkg/util/hash",
|
||||
"k8s.io/kubernetes/pkg/util/initsystem",
|
||||
"k8s.io/kubernetes/pkg/util/interrupt",
|
||||
"k8s.io/kubernetes/pkg/util/io",
|
||||
"k8s.io/kubernetes/pkg/util/labels",
|
||||
"k8s.io/kubernetes/pkg/util/metrics",
|
||||
"k8s.io/kubernetes/pkg/util/mount",
|
||||
"k8s.io/kubernetes/pkg/util/net/sets",
|
||||
"k8s.io/kubernetes/pkg/util/node",
|
||||
"k8s.io/kubernetes/pkg/util/normalizer",
|
||||
"k8s.io/kubernetes/pkg/util/nsenter",
|
||||
"k8s.io/kubernetes/pkg/util/parsers",
|
||||
"k8s.io/kubernetes/pkg/util/pointer",
|
||||
"k8s.io/kubernetes/pkg/util/procfs",
|
||||
"k8s.io/kubernetes/pkg/util/slice",
|
||||
"k8s.io/kubernetes/pkg/util/taints",
|
||||
"k8s.io/kubernetes/pkg/util/version",
|
||||
"k8s.io/kubernetes/pkg/version",
|
||||
"k8s.io/kubernetes/pkg/volume",
|
||||
"k8s.io/kubernetes/pkg/volume/util"
|
||||
],
|
||||
"ForbiddenPrefixes": [
|
||||
"k8s.io/kubernetes/pkg/cloudprovider/providers",
|
||||
"k8s.io/kubernetes/pkg/cloudprovider/providers/aws",
|
||||
"k8s.io/kubernetes/pkg/cloudprovider/providers/azure",
|
||||
"k8s.io/kubernetes/pkg/cloudprovider/providers/cloudstack",
|
||||
"k8s.io/kubernetes/pkg/cloudprovider/providers/fake",
|
||||
"k8s.io/kubernetes/pkg/cloudprovider/providers/gce",
|
||||
"k8s.io/kubernetes/pkg/cloudprovider/providers/openstack",
|
||||
"k8s.io/kubernetes/pkg/cloudprovider/providers/ovirt",
|
||||
"k8s.io/kubernetes/pkg/cloudprovider/providers/photon",
|
||||
"k8s.io/kubernetes/pkg/cloudprovider/providers/vsphere"
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
||||
Loading…
Reference in New Issue
Block a user