gardener / gardener-extension-provider-aws

Gardener extension controller for the AWS cloud provider (https://aws.amazon.com).
https://gardener.cloud
Apache License 2.0
18 stars 96 forks

[GEP-26] CredentialsBinding validation via admission webhook #1047

Open dimityrmirchev opened 1 week ago

dimityrmirchev commented 1 week ago

How to categorize this PR?

/area security ipcei
/kind enhancement
/platform aws
/label ipcei/workload-identity

What this PR does / why we need it:

Which issue(s) this PR fixes: Part of https://github.com/gardener/gardener/issues/9586

Special notes for your reviewer:

Release note:

The admission webhook now validates `CredentialsBinding`s.

gardener-robot commented 1 week ago

@dimityrmirchev Label ipcei/workload-identity does not exist.

dimityrmirchev commented 1 week ago

cc @vpnachev

gardener-robot commented 1 week ago

@dimityrmirchev Label ipcei/workload-identity does not exist.

dimityrmirchev commented 1 week ago

Thanks for reviewing @vpnachev, I will also address your feedback in the other PRs that I opened for other provider extensions. Meanwhile I will move their status to draft until this one is finalized.

vpnachev commented 4 days ago

/lgtm

dimityrmirchev commented 3 days ago

/label reviewed/ok-to-test

vpnachev commented 2 days ago

/lgtm