Add docs for Structured Authn beta #45108
Conversation
k8s-ci-robot
added
the
do-not-merge/work-in-progress
👷 Deploy Preview for kubernetes-io-vnext-staging processing.
|
k8s-ci-robot
added
cncf-cla: yes
|
/sig auth |
k8s-ci-robot
added
the
sig/auth
|
/milestone 1.30 |
|
Hi @aramase 👋 just a reminder to take a look at Documenting for a release - PR Ready for Review to get your PR ready for review before Tuesday March 12th 2024 18:00 PST. Thank you! |
|
Lets make sure this PR addresses #45140 |
|
Also lets make sure to document any limitations (the main one that comes to mind is that distributed claims do not work via CEL expressions). Edit: also, the lack of egress selection support. |
aramase
force-pushed
the
aramase/d/kep_3331_beta_docs
branch
from
1a9c88d to
34cdc2b
Compare
k8s-ci-robot
added
size/M
aramase
force-pushed
the
aramase/d/kep_3331_beta_docs
branch
2 times, most recently
from
12063b1 to
734a7df
Compare
|
/assign enj |
aramase
force-pushed
the
aramase/d/kep_3331_beta_docs
branch
from
734a7df to
05e5342
Compare
|
/assign liggitt |
aramase
force-pushed
the
aramase/d/kep_3331_beta_docs
branch
from
05e5342 to
bc73c18
Compare
There was a problem hiding this comment.
Thanks
On line 314 there is a heading, #### Configuring the API Server.
For beta, please hoist that up to be a 3rd level heading; I might change it to “Cluster-level authentication configuration”. You might need to do some light rewording; it's OK to do the minimum needed to get this PR to merge, and to file an issue about any follow-up tidying that you'd like to recommend.
Using a 3rd level heading allows the heading to show up in in the page navigation; deeper headings don't show up there.
|
Hello @aramase 👋, it looks like you've already engaged feedback in review of this PR. Great job! Keep this up. 🚀 @liggitt When you have a moment, can you please give a review for technical accuracy? A friendly reminder that this PR needs doc review complete by Doc Freeze on March 26th 18:00 PT to get this into the release. Thanks! |
I deferred to @enj in #45108 (review), looks like he has some review comments outstanding from #45108 (review) |
aramase
force-pushed
the
aramase/d/kep_3331_beta_docs
branch
3 times, most recently
from
5e45136 to
11191e9
Compare
Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>
aramase
force-pushed
the
aramase/d/kep_3331_beta_docs
branch
from
11191e9 to
b35e434
Compare
|
|
/lgtm |
k8s-ci-robot
added
the
lgtm
|
LGTM label has been added. Git tree hash: 2cd6fb7c8a9a602bda4b89420b79b2da35fed348
|
|
Hi @kubernetes/sig-docs-en-owners 👋. Technical review for this PR is complete, just need an approval from a member of sig-docs-en-owner, does this look ready for approval? Thanks in advance! 😄 |
|
|
||
| {{< note >}} | ||
| When the feature is enabled, setting both `--authentication-config` and any of the `--oidc-*` flags will result in an error. If you want to use the feature, you have to remove the `--oidc-*` flags and use the configuration file instead. | ||
| If you specify `--authentication-config` along with any of the `--oidc-*` command line arguments, this is | ||
| a misconfiguration. In this situation, the API server reports an errors and then immediately exits. |
There was a problem hiding this comment.
nit: error should be singular here
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: enj, natalisucks The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
k8s-ci-robot
added
the
approved
|
/milestone 1.30 |
Doc update for KEP 3331 beta: https://git.k8s.io/enhancements/keps/sig-auth/3331-structured-authentication-configuration
KEP issue: kubernetes/enhancements#3331
fixes #45140