-
Notifications
You must be signed in to change notification settings - Fork 1.7k
AppArmor support #24
Copy link
Copy link
Open
Labels
kind/featureCategorizes issue or PR as related to a new feature.Categorizes issue or PR as related to a new feature.lifecycle/frozenIndicates that an issue or PR should not be auto-closed due to staleness.Indicates that an issue or PR should not be auto-closed due to staleness.priority/backlogHigher priority than priority/awaiting-more-evidence.Higher priority than priority/awaiting-more-evidence.sig/nodeCategorizes an issue or PR as relevant to SIG Node.Categorizes an issue or PR as relevant to SIG Node.stage/stableDenotes an issue tracking an enhancement targeted for Stable/GA statusDenotes an issue tracking an enhancement targeted for Stable/GA status
Description
Metadata
Metadata
Assignees
Labels
kind/featureCategorizes issue or PR as related to a new feature.Categorizes issue or PR as related to a new feature.lifecycle/frozenIndicates that an issue or PR should not be auto-closed due to staleness.Indicates that an issue or PR should not be auto-closed due to staleness.priority/backlogHigher priority than priority/awaiting-more-evidence.Higher priority than priority/awaiting-more-evidence.sig/nodeCategorizes an issue or PR as relevant to SIG Node.Categorizes an issue or PR as relevant to SIG Node.stage/stableDenotes an issue tracking an enhancement targeted for Stable/GA statusDenotes an issue tracking an enhancement targeted for Stable/GA status
Type
Fields
No fields configured for issues without a type.
Projects
StatusShow more project fields
Removed
StatusShow more project fields
Done
Description
Add AppArmor support to Kubernetes. Initial support should include the ability to specify an AppArmor profile for a container or pod in the API, and have that profile applied by the container runtime.
Progress Tracker
/pkg/apis/...)Code needs to be disabled by default. Verified by code OWNERSAppArmor is enabled by default, but gated by a feature-gate: Add AppArmor feature gate kubernetes#31473
FEATURE_STATUS is used for feature tracking and to be updated by @kubernetes/feature-reviewers.
FEATURE_STATUS: BETA
More advice:
Design
Coding
and sometimes http://github.com/kubernetes/contrib, or other repos.
check that the code matches the proposed feature and design, and that everything is done, and that there is adequate
testing. They won't do detailed code review: that already happened when your PRs were reviewed.
When that is done, you can check this box and the reviewer will apply the "code-complete" label.
Docs
Remaining work, copied from the KEP (https://github.com/kubernetes/enhancements/blob/master/keps/sig-node/24-apparmor/README.md#removing-annotation-support)