Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

genpolicy: add priorityClassName as a field in PodSpec interface #145

Merged
merged 2 commits into from
Jan 30, 2024
Merged

genpolicy: add priorityClassName as a field in PodSpec interface #145

merged 2 commits into from
Jan 30, 2024

Conversation

arc9693
Copy link

@arc9693 arc9693 commented Jan 19, 2024
edited
Loading

Merge Checklist
  • Followed patch format from upstream recommendation: https://github.com/kata-containers/community/blob/main/CONTRIBUTING.md#patch-format
  • Included a single commit in a given PR - at least unless there are related commits and each makes sense as a change on its own.
  • Aware about the PR to be merged using "create a merge commit" rather than "squash and merge" (or similar)
  • genPolicy only: Ensured the tool still builds on Windows
  • genPolicy only: Updated sample YAMLs' policy annotations, if applicable
Summary

Adds priorityClassName as a field in PodSpec interface.
This change allows generation of policy for pods specifying priority classes, which currently fails.

Associated issues
Links to CVEs
Test Methodology

Generated a policy for pod having priorityClassName and created the pod on K8s with kata-cc runtime.

@danmihai1 danmihai1 requested a review from Redent0r January 19, 2024 16:06
@Redent0r
Copy link

Redent0r commented Jan 19, 2024
edited
Loading

Thank you @arc9693! To keep testing and ensure this functionality going forward, could you add a priorityClass to https://github.com/microsoft/kata-containers/blob/msft-main/src/agent/samples/policy/yaml/pod/pod-ubuntu.yaml or a simmilar existing yaml, update the annotation, and trigger a pipeline test run on this branch (https://dev.azure.com/mariner-org/mariner/_wiki/wikis/mariner.wiki/3368/Testing-genpolicy)?

@Redent0r Redent0r marked this pull request as ready for review January 19, 2024 17:29
@danmihai1
Copy link

Thank you @arc9693! To keep testing and ensure this functionality going forward, could you add a priorityClass to https://github.com/microsoft/kata-containers/blob/msft-main/src/agent/samples/policy/yaml/pod/pod-ubuntu.yaml or a simmilar existing yaml, update the annotation, and trigger a pipeline test run on this branch (https://dev.azure.com/mariner-org/mariner/_wiki/wikis/mariner.wiki/3368/Testing-genpolicy)?

Thanks for the reminder, Saul!

Archana, please keep the YAML file change in a separate commit. That should make upstreaming your change a bit easier for now - until we'll be ready to make these improvements directly upstream.

@arc9693 arc9693 force-pushed the archana1/genpolicy-priority-class branch from 400dbdc to 8a64aea Compare January 22, 2024 17:57
@arc9693 arc9693 requested review from a team as code owners January 22, 2024 17:57
@arc9693
Copy link
Author

arc9693 commented Jan 22, 2024
edited
Loading

Thank you @arc9693! To keep testing and ensure this functionality going forward, could you add a priorityClass to https://github.com/microsoft/kata-containers/blob/msft-main/src/agent/samples/policy/yaml/pod/pod-ubuntu.yaml or a simmilar existing yaml, update the annotation, and trigger a pipeline test run on this branch (https://dev.azure.com/mariner-org/mariner/_wiki/wikis/mariner.wiki/3368/Testing-genpolicy)?

I have updated the mentioned yaml, although there was no update in the annotation.
Triggered run: https://dev.azure.com/mariner-org/mariner/_build/results?buildId=488443&view=results

@Redent0r Redent0r added the upstream/missing PRs that are yet to be upstreamed label Jan 22, 2024
@arc9693 arc9693 force-pushed the archana1/genpolicy-priority-class branch 3 times, most recently from 27b6c01 to 066ea49 Compare January 22, 2024 22:30
@arc9693
genpolicy: add priorityClassName as a field in PodSpec interface
f06cbc4 
This allows generation of policy for pods specifying priority classes.

Signed-off-by: Archana Choudhary <[email protected]>
@arc9693 arc9693 force-pushed the archana1/genpolicy-priority-class branch from 066ea49 to 9a0011d Compare January 30, 2024 12:58
@arc9693
pod-ubuntu.yaml: Update spec file
9ec2441 
Adds priorityClassName to the test yaml file

Signed-off-by: Archana choudhary <[email protected]>
@arc9693 arc9693 force-pushed the archana1/genpolicy-priority-class branch from 9a0011d to 9ec2441 Compare January 30, 2024 13:15
@arc9693
Copy link
Author

arc9693 commented Jan 30, 2024

Updated the PriorityClass spec's api version. Triggered: https://dev.azure.com/mariner-org/mariner/_build/results?buildId=493908&view=results. Tested in local.
image

@danmihai1 danmihai1 merged commit a109d10 into msft-main Jan 30, 2024
42 of 54 checks passed
@Redent0r Redent0r mentioned this pull request Aug 14, 2024
Merged
@Redent0r Redent0r added upstream/merged PRs that have been merged upstream and removed upstream/missing PRs that are yet to be upstreamed labels Sep 3, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@danmihai1 danmihai1 danmihai1 approved these changes

@Redent0r Redent0r Redent0r approved these changes

Assignees
No one assigned
Labels
upstream/merged PRs that have been merged upstream
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@arc9693 @Redent0r @danmihai1