mirror of
https://github.com/k3s-io/kubernetes.git
synced 2026-01-13 19:36:22 +00:00
61cddc9a7f
Automatic merge from submit-queue (batch tested with PRs 59533, 61971). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>. Make certificate approve/deny no-op if CSR is already approved Approval for CSRs is only needed once. If the CSR is already approved or denied we can skip updating it. Add a `--force` flag that allows the existing behavior for when a user has a specific need to update the CSR. This is backwards compatible with the intended use of the conditions, although it's possible some users are depending on the status being updated. It makes bulk approval as an admin much faster for scripting. @kubernetes/sig-auth-pr-reviews ```release-note `kubectl certificate approve|deny` will not modify an already approved or denied CSR unless the `--force` flag is provided. ```