AhmedGrati
commented
1 year ago /assign
Open marquiz opened 1 year ago
AhmedGrati
commented
1 year ago /assign
k8s-triage-robot
commented
7 months ago The Kubernetes project currently lacks enough contributors to adequately respond to all issues.
This bot triages un-triaged issues according to the following rules:
lifecycle/stale is appliedlifecycle/stale was applied, lifecycle/rotten is appliedlifecycle/rotten was applied, the issue is closedYou can:
/remove-lifecycle stale/closePlease send feedback to sig-contributor-experience at kubernetes/community.
/lifecycle stale
AhmedGrati
commented
7 months ago /remove-lifecycle stale
ArangoGutierrez
commented
7 months ago Only comment, is make sure is optional and easy to enable/disable from HELM
AhmedGrati
commented
7 months ago @ArangoGutierrez yes that's for sure!
TessaIO
commented
4 months ago /assign
k8s-triage-robot
commented
1 month ago The Kubernetes project currently lacks enough contributors to adequately respond to all issues.
This bot triages un-triaged issues according to the following rules:
lifecycle/stale is appliedlifecycle/stale was applied, lifecycle/rotten is appliedlifecycle/rotten was applied, the issue is closedYou can:
/remove-lifecycle stale/closePlease send feedback to sig-contributor-experience at kubernetes/community.
/lifecycle stale
TessaIO
commented
1 month ago /remove-lifecycle stale
What would you like to be added:
Support SPIFFE for verifying nfd-worker/labeler IDs. For example, utilize spiffe IDs for verifying the identity of creator of NodeFeature objects, so that an actor from node A will not be able to modify properties of node B. This would also add one extra layer of protection (in addition to RBAC) on who is authorized to modify nodes with NodeFeature objects.
To simplify, gRPC could be possibly left out-of-scope, if needed, as it's being phased out.
Inspired by comment from @AhmedGrati on the node-feature-discovery slack channel.
Why is this needed:
Improved security