deprecate PSP in 1.21, but leave removal at 1.25

After discussion in sig-auth, the future of restricting pod security
settings does not lie in PSP because compatibility restrictions will
prevent the kinds of changes that are required.  To clearly signal this,
we will deprecate PSP in 1.21 and leave the removal of the api as 1.25 in
keeping with sig-arch required transitioning out of beta.
This commit is contained in:
David Eads 2020-12-09 16:54:10 -05:00
parent 7df379d751
commit 831651a69e
2 changed files with 7 additions and 4 deletions

View File

@ -135,10 +135,12 @@ type Eviction struct {
// +genclient:nonNamespaced
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
// +k8s:prerelease-lifecycle-gen:introduced=1.10
// +k8s:prerelease-lifecycle-gen:deprecated=1.22
// +k8s:prerelease-lifecycle-gen:deprecated=1.21
// +k8s:prerelease-lifecycle-gen:removed=1.25
// PodSecurityPolicy governs the ability to make requests that affect the Security Context
// that will be applied to a pod and container.
// Deprecated in 1.21.
type PodSecurityPolicy struct {
metav1.TypeMeta `json:",inline"`
// Standard object's metadata.
@ -485,7 +487,8 @@ const AllowAllRuntimeClassNames = "*"
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
// +k8s:prerelease-lifecycle-gen:introduced=1.10
// +k8s:prerelease-lifecycle-gen:deprecated=1.22
// +k8s:prerelease-lifecycle-gen:deprecated=1.21
// +k8s:prerelease-lifecycle-gen:removed=1.25
// PodSecurityPolicyList is a list of PodSecurityPolicy objects.
type PodSecurityPolicyList struct {

View File

@ -83,7 +83,7 @@ func (in *PodSecurityPolicy) APILifecycleIntroduced() (major, minor int) {
// APILifecycleDeprecated is an autogenerated function, returning the release in which the API struct was or will be deprecated as int versions of major and minor for comparison.
// It is controlled by "k8s:prerelease-lifecycle-gen:deprecated" tags in types.go or "k8s:prerelease-lifecycle-gen:introduced" plus three minor.
func (in *PodSecurityPolicy) APILifecycleDeprecated() (major, minor int) {
return 1, 22
return 1, 21
}
// APILifecycleRemoved is an autogenerated function, returning the release in which the API is no longer served as int versions of major and minor for comparison.
@ -101,7 +101,7 @@ func (in *PodSecurityPolicyList) APILifecycleIntroduced() (major, minor int) {
// APILifecycleDeprecated is an autogenerated function, returning the release in which the API struct was or will be deprecated as int versions of major and minor for comparison.
// It is controlled by "k8s:prerelease-lifecycle-gen:deprecated" tags in types.go or "k8s:prerelease-lifecycle-gen:introduced" plus three minor.
func (in *PodSecurityPolicyList) APILifecycleDeprecated() (major, minor int) {
return 1, 22
return 1, 21
}
// APILifecycleRemoved is an autogenerated function, returning the release in which the API is no longer served as int versions of major and minor for comparison.