feat: versioning --update #125234

Signed-off-by: nikzayn <nikhilvaidyar1997@gmail.com>
2025-08-15 23:03:40 +00:00 · 2024-06-02 11:58:00 +05:30 · 2024-06-02 11:58:00 +05:30 · 97108d5b21
commit 97108d5b21
parent ab87218cf1
3 changed files with 12 additions and 8 deletions
--- a/staging/src/k8s.io/pod-security-admission/policy/check_sysctls.go
+++ b/staging/src/k8s.io/pod-security-admission/policy/check_sysctls.go
@ -74,6 +74,10 @@ func CheckSysctls() Check {
 				MinimumVersion: api.MajorMinorVersion(1, 29),
 				CheckPod:       sysctlsV1Dot29,
 			},
+			{
+				MinimumVersion: api.MajorMinorVersion(1, 32),
+				CheckPod:       sysctlsV1Dot32,
+			},
 		},
 	}
 }
@ -106,7 +110,7 @@ var (
 		"net.ipv4.tcp_keepalive_intvl",
 		"net.ipv4.tcp_keepalive_probes",
 	)
-	sysctlsAllowedV1Dot30 = sets.NewString(
+	sysctlsAllowedV1Dot32 = sets.NewString(
 		"net.ipv4.tcp_rmem",
 		"net.ipv4.tcp_wmem",
 	)
@ -124,8 +128,8 @@ func sysctlsV1Dot29(podMetadata *metav1.ObjectMeta, podSpec *corev1.PodSpec) Che
 	return sysctls(podMetadata, podSpec, sysctlsAllowedV1Dot29)
 }

-func sysctlsV1Dot30(podMetadata *metav1.ObjectMeta, podSpec *corev1.PodSpec) CheckResult {
-	return sysctls(podMetadata, podSpec, sysctlsAllowedV1Dot30)
+func sysctlsV1Dot32(podMetadata *metav1.ObjectMeta, podSpec *corev1.PodSpec) CheckResult {
+	return sysctls(podMetadata, podSpec, sysctlsAllowedV1Dot32)
 }

 func sysctls(podMetadata *metav1.ObjectMeta, podSpec *corev1.PodSpec, sysctls_allowed_set sets.String) CheckResult {
--- a/staging/src/k8s.io/pod-security-admission/policy/check_sysctls_test.go
+++ b/staging/src/k8s.io/pod-security-admission/policy/check_sysctls_test.go
@ -267,7 +267,7 @@ func TestSysctls_1_29(t *testing.T) {
 	}
 }

-func TestSysctls_1_30(t *testing.T) {
+func TestSysctls_1_32(t *testing.T) {
 	tests := []struct {
 		name         string
 		pod          *corev1.Pod
@ -308,7 +308,7 @@ func TestSysctls_1_30(t *testing.T) {

 	for _, tc := range tests {
 		t.Run(tc.name, func(t *testing.T) {
-			result := sysctlsV1Dot30(&tc.pod.ObjectMeta, &tc.pod.Spec)
+			result := sysctlsV1Dot32(&tc.pod.ObjectMeta, &tc.pod.Spec)
 			if !tc.allowed {
 				if result.Allowed {
 					t.Fatal("expected disallowed")
--- a/staging/src/k8s.io/pod-security-admission/test/fixtures_sysctls.go
+++ b/staging/src/k8s.io/pod-security-admission/test/fixtures_sysctls.go
@ -157,7 +157,7 @@ func init() {
 		fixtureDataV1Dot29,
 	)

-	fixtureDataV1Dot30 := fixtureGenerator{
+	fixtureDataV1Dot32 := fixtureGenerator{
 		expectErrorSubstring: "forbidden sysctl",
 		generatePass: func(p *corev1.Pod) []*corev1.Pod {
 			if p.Spec.SecurityContext == nil {
@ -188,7 +188,7 @@ func init() {
 		},
 	}
 	registerFixtureGenerator(
-		fixtureKey{level: api.LevelBaseline, version: api.MajorMinorVersion(1, 29), check: "sysctls"},
-		fixtureDataV1Dot30,
+		fixtureKey{level: api.LevelBaseline, version: api.MajorMinorVersion(1, 32), check: "sysctls"},
+		fixtureDataV1Dot32,
 	)
 }