From e549eeb796485a7d912331ec0eeedf868531a845 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Stanislav=20L=C3=A1zni=C4=8Dka?= <stlaz.devel@proton.me>
Date: Wed, 6 Nov 2024 18:49:29 +0100
Subject: [PATCH] introduce the KubeletEnsureSecretImages featuregate

---
 pkg/features/kube_features.go                              | 7 +++++++
 pkg/features/versioned_kube_features.go                    | 4 ++++
 .../reference/versioned_feature_list.yaml                  | 6 ++++++
 3 files changed, 17 insertions(+)

diff --git a/pkg/features/kube_features.go b/pkg/features/kube_features.go
index 5b9e4bdc79d..72694ae356d 100644
--- a/pkg/features/kube_features.go
+++ b/pkg/features/kube_features.go
@@ -345,6 +345,13 @@ const (
 	// fallback to using it's cgroupDriver option.
 	KubeletCgroupDriverFromCRI featuregate.Feature = "KubeletCgroupDriverFromCRI"
 
+	// owner: @stlaz
+	// kep: https://kep.k8s.io/2535
+	//
+	// Enables tracking credentials for image pulls in order to authorize image
+	// access for different tenants.
+	KubeletEnsureSecretPulledImages featuregate.Feature = "KubeletEnsureSecretPulledImages"
+
 	// owner: @vinayakankugoyal
 	// kep: http://kep.k8s.io/2862
 	//
diff --git a/pkg/features/versioned_kube_features.go b/pkg/features/versioned_kube_features.go
index 7ea7c0e9fa5..a5dab5911c1 100644
--- a/pkg/features/versioned_kube_features.go
+++ b/pkg/features/versioned_kube_features.go
@@ -432,6 +432,10 @@ var defaultVersionedKubernetesFeatureGates = map[featuregate.Feature]featuregate
 		{Version: version.MustParse("1.31"), Default: true, PreRelease: featuregate.Beta},
 	},
 
+	KubeletEnsureSecretPulledImages: {
+		{Version: version.MustParse("1.33"), Default: false, PreRelease: featuregate.Alpha},
+	},
+
 	KubeletFineGrainedAuthz: {
 		{Version: version.MustParse("1.32"), Default: false, PreRelease: featuregate.Alpha},
 		{Version: version.MustParse("1.33"), Default: true, PreRelease: featuregate.Beta},
diff --git a/test/compatibility_lifecycle/reference/versioned_feature_list.yaml b/test/compatibility_lifecycle/reference/versioned_feature_list.yaml
index 0c9e20cc924..66ad2bdffbc 100644
--- a/test/compatibility_lifecycle/reference/versioned_feature_list.yaml
+++ b/test/compatibility_lifecycle/reference/versioned_feature_list.yaml
@@ -637,6 +637,12 @@
     lockToDefault: false
     preRelease: Alpha
     version: "1.32"
+- name: KubeletEnsureSecretPulledImages
+  versionedSpecs:
+  - default: false
+    lockToDefault: false
+    preRelease: Alpha
+    version: "1.33"
 - name: KubeletFineGrainedAuthz
   versionedSpecs:
   - default: false