kubernetes / enhancements

Enhancements tracking repo for Kubernetes
Apache License 2.0

Auto-refreshing Official CVE Feed #3203

Open PushkarJ opened 2 years ago

PushkarJ commented 2 years ago

Enhancement Description

Please keep this description up to date. This will help the Enhancement Team to track the evolution of the enhancement efficiently.

PushkarJ commented 2 years ago

/sig security docs

k8s-triage-robot commented 2 years ago

The Kubernetes project currently lacks enough contributors to adequately respond to all issues and PRs.

This bot triages issues and PRs according to the following rules:

You can:

Please send feedback to sig-contributor-experience at kubernetes/community.

/lifecycle stale

PushkarJ commented 2 years ago

/remove-lifecycle stale

jasonbraganza commented 2 years ago

Hello @PushkarJ, @nehaLohia27 👋, 1.25 Enhancements team here.

Just checking in as we approach enhancements freeze on 18:00 PST on Thursday June 16, 2022.

For note, this enhancement is targeting stage alpha for 1.25 (correct me, if otherwise).

Here's where this enhancement currently stands:

Looks like for this one, we would need to update the open PR https://github.com/kubernetes/enhancements/pull/3204/ with the following:

For note, the status of this enhancement is marked as at risk. Please keep the issue description up-to-date with appropriate stages as well. Thank you!

PushkarJ commented 2 years ago

Thank you for the detailed feedback @jasonbraganza . I believe the latest updates to PR #3204 should resolve the pending items. Please let us know if anything else is missing!

jasonbraganza commented 2 years ago

Thank you so much, @PushkarJ! I'll update the KEP in our enhancements sheet to tracked.

Atharva-Shinde commented 2 years ago

Hi @PushkarJ, Enhancements team here again 👋

Checking in as we approach Code Freeze at 01:00 UTC on Wednesday, 3rd August 2022.

Please ensure that the following items are completed before the code-freeze:

Currently, the status of the enhancement is marked as at-risk.

Thanks :)

PushkarJ commented 2 years ago

Thanks for the reminder @Atharva-Shinde. Added all the relevant PRs in the issue description now :)

cici37 commented 2 years ago

The relevant PRs against this KEP:

Priyankasaggu11929 commented 2 years ago

@PushkarJ I have marked this enhancement as tracked. 🙂

PushkarJ commented 2 years ago

Thank you @Priyankasaggu11929 and @cici37

PushkarJ commented 2 years ago

@Priyankasaggu11929 @cici37 all PRs except https://github.com/kubernetes/website/pull/35228 are now merged!!!

PushkarJ commented 2 years ago

All PRs are merged! Working on feature blog now: https://github.com/kubernetes/website/pull/35608

PushkarJ commented 2 years ago

:sparkles: Kubernetes v1.25 is live :sparkles:

What that means is that the official CVE feed built as part of KEP-3203 is live too. You can find it here:

Upcoming blog posts to be published on Sept 12 will cover more details.

PushkarJ commented 1 year ago

/stage beta

jeremyrickard commented 1 year ago

/milestone v1.27

Atharva-Shinde commented 1 year ago

Hello @PushkarJ 👋, Enhancements team here.

Just checking in as we approach Enhancements freeze on 18:00 PDT Thursday 9th February 2023.

This enhancement is targeting stage beta for 1.27 (correct me, if otherwise).

Here's where this enhancement currently stands:

For this KEP, we would just need to update the following:

The status of this enhancement is marked as at risk. Please keep the issue description up-to-date with appropriate stages as well. Thank you!

PushkarJ commented 1 year ago

> Update its test plan section to be in compliance with the latest KEP readme template
> Add response for this question in the Scalability questionnaire of the KEP readme

@Atharva-Shinde thank you for the highlight on next steps. The test plan updates and the scalability question won't apply here, as this is an out-of-tree enhancement, i.e. we are not making changes to k/k.

I am working on addressing the others as part of https://github.com/kubernetes/enhancements/pull/3828. Let me know if this PR needs any update to conform with the latest template of the README.

Atharva-Shinde commented 1 year ago

Hey again @PushkarJ, please try to get the KEP PR #3828 (addressing the changes required) merged before tomorrow's Enhancement Freeze :) The status of this enhancement is still marked as at risk.

Atharva-Shinde commented 1 year ago

> @Atharva-Shinde thank you for the highlight on next steps. The test plan updates and the scalability question won't apply here, as this is an out-of-tree enhancement, i.e. we are not making changes to k/k.
>
> I am working on addressing the others as part of https://github.com/kubernetes/enhancements/pull/3828. Let me know if this PR needs any update to conform with the latest template of the README.

ack 👍

marosset commented 1 year ago

With #3828 merged, this enhancement meets all the requirements to be tracked for v1.27. Thanks @PushkarJ!

sftim commented 1 year ago

:thought_balloon: we can - if we're sure we want to - publish our advisories to https://github.com/kubernetes/kubernetes/security/advisories

It's not as simple, because we have lots of repos but only one official CVE ID list.

sftim commented 1 year ago

The CVE feed is now a valid JSON feed. See https://kubernetes.io/docs/reference/issues-security/official-cve-feed/

PushkarJ commented 1 year ago

Yes @sftim !! Big 👍 to @mtardy

To clarify, the feed was valid JSON before too, but didn't conform to the JSON Feed spec.

Now it is indeed valid: https://validator.jsonfeed.org/?url=https%3A%2F%2Fkubernetes.io%2Fdocs%2Freference%2Fissues-security%2Fofficial-cve-feed%2Findex.json
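The distinction drawn above (valid JSON versus a valid JSON Feed) as an added example that is not the project's own tooling: a checker for the required fields of the JSON Feed 1.1 spec, run over a constructed sample feed whose ids, titles and URLs are placeholders, not the real feed's contents.

```python
import json
import re

# Constructed sample in JSON Feed 1.1 shape; not a copy of the real Kubernetes feed.
SAMPLE_FEED = json.dumps({
    "version": "https://jsonfeed.org/version/1.1",
    "title": "Example CVE feed (constructed)",
    "items": [
        {"id": "CVE-0000-00001", "url": "https://example.invalid/cve/1",
         "content_text": "Example issue one", "date_published": "2023-03-01T10:00:00Z"},
        {"id": "CVE-0000-00002", "url": "https://example.invalid/cve/2",
         "content_html": "<p>Example issue two</p>", "date_published": "2023-02-01T10:00:00Z"},
        {"id": "not-a-cve", "url": "https://example.invalid/3"},  # no content field
    ],
})

REQUIRED_TOP = ("version", "title", "items")
CVE_RE = re.compile(r"CVE-\d{4}-\d{4,}")


def validate_feed(raw: str) -> list:
    """Return JSON Feed conformance problems; an empty list means the required
    fields of the spec (top-level version/title/items, per-item id plus
    content_text or content_html) are all present."""
    try:
        feed = json.loads(raw)
    except json.JSONDecodeError as exc:
        return [f"not valid JSON: {exc}"]
    problems = [f"missing top-level field {k!r}" for k in REQUIRED_TOP if k not in feed]
    if not str(feed.get("version", "")).startswith("https://jsonfeed.org/version/"):
        problems.append("version is not a JSON Feed version URI")
    for idx, item in enumerate(feed.get("items", [])):
        if "id" not in item:
            problems.append(f"item {idx}: missing id")
        if "content_text" not in item and "content_html" not in item:
            problems.append(f"item {idx}: needs content_text or content_html")
    return problems


def cve_ids(raw: str) -> list:
    """Ids of items that are CVE identifiers, newest date_published first."""
    items = [i for i in json.loads(raw).get("items", []) if CVE_RE.fullmatch(str(i.get("id", "")))]
    items.sort(key=lambda i: i.get("date_published", ""), reverse=True)
    return [i["id"] for i in items]


if __name__ == "__main__":
    print(validate_feed(SAMPLE_FEED))  # → ['item 2: needs content_text or content_html']
    print(cve_ids(SAMPLE_FEED))        # → ['CVE-0000-00001', 'CVE-0000-00002']
```

A consumer would feed the real index.json to the same two functions; the validator in the comment above does the full spec check, this covers only the required fields.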

Atharva-Shinde commented 1 year ago

Hey again @PushkarJ 👋 Enhancements team here. Just checking in as we approach 1.27 code freeze at 17:00 PDT on Tuesday 14th March 2023. As this is an out-of-tree enhancement, please ensure that all the PRs related to this KEP are linked in the issue description. And as always, we are here to help if any questions come up. Thanks!

PushkarJ commented 1 year ago

Thank you @Atharva-Shinde. Updated the description to include all relevant PRs.

mickeyboxell commented 1 year ago

@PushkarJ was there a Docs PR opened against dev-1.27 branch in the k/website repo?

If not, please take a look at Documenting for a release - PR Ready for Review to get your PR ready for review as soon as possible. 01:00 UTC Wednesday 22nd March 2023 / 17:00 PDT Tuesday 21st March 2023 is the official deadline.

This PR will need a doc review by Tuesday 4th April 2023 to get this into the release. Please reach out to required SIGs to get their review. Thank you!

mickeyboxell commented 1 year ago

As discussed in Slack, this does not need a 1.27 Docs PR because its Docs PRs are targeted to master / main branch.

k8s-triage-robot commented 8 months ago

The Kubernetes project currently lacks enough contributors to adequately respond to all issues.

This bot triages un-triaged issues according to the following rules:

You can:

Please send feedback to sig-contributor-experience at kubernetes/community.

/lifecycle stale

k8s-triage-robot commented 7 months ago

The Kubernetes project currently lacks enough active contributors to adequately respond to all issues.

This bot triages un-triaged issues according to the following rules:

You can:

Please send feedback to sig-contributor-experience at kubernetes/community.

/lifecycle rotten

tabbysable commented 7 months ago

/remove-lifecycle rotten

sftim commented 6 months ago

What should be in scope for the CVE feed? See https://github.com/kubernetes/website/issues/45576 for context.

Do we list all vulnerabilities, or just the ones that are vulnerabilities in k/k?

PushkarJ commented 4 months ago

Thanks @sftim, I have added this in scope for beta -> GA graduation. The more intuitive path right now to me seems to be that SIG Security Tooling maintainers create a duplicate issue in k/k with the right labels, linking the one created by SRC. I have proposed it in https://github.com/kubernetes/kubernetes/issues/123964#issuecomment-2119316156 to get feedback from SRC on this.

k8s-triage-robot commented 1 month ago

The Kubernetes project currently lacks enough contributors to adequately respond to all issues.

This bot triages un-triaged issues according to the following rules:

You can:

Please send feedback to sig-contributor-experience at kubernetes/community.

/lifecycle stale

k8s-triage-robot commented 2 weeks ago

The Kubernetes project currently lacks enough active contributors to adequately respond to all issues.

This bot triages un-triaged issues according to the following rules:

You can:

Please send feedback to sig-contributor-experience at kubernetes/community.

/lifecycle rotten

sftim commented 2 weeks ago

/remove-lifecycle rotten
/lifecycle stale

We should progress this (or drop the existing feed :grimacing:)