github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-07-28 22:17:14 +00:00
Code Issues Projects Releases Wiki Activity

Merge pull request #75064 from apelisse/fix-volume-test

Browse Source 
Ignore changes to managed field in noderestriction
This commit is contained in:
Kubernetes Prow Robot 2019-03-07 02:22:59 -08:00 committed by GitHub
commit b605bb93b0
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 6 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
plugin/pkg/admission/noderestriction/admission.go
View File

@ -309,6 +309,12 @@ func (c *nodePlugin) admitPVCStatus(nodeName string, a admission.Attributes) err
oldPVC.Status.Conditions = nil
newPVC.Status.Conditions = nil
// TODO(apelisse): We don't have a good mechanism to
// verify that only the things that should have changed
// have changed. Ignore it for now.
oldPVC.ObjectMeta.ManagedFields = nil
newPVC.ObjectMeta.ManagedFields = nil
// ensure no metadata changed. nodes should not be able to relabel, add finalizers/owners, etc
if !apiequality.Semantic.DeepEqual(oldPVC, newPVC) {
return admission.NewForbidden(a, fmt.Errorf("node %q is not allowed to update fields other than status.capacity and status.conditions: %v", nodeName, diff.ObjectReflectDiff(oldPVC, newPVC)))