Graduate Seccomp to GA #91286
Description
Graduate seccomp to GA, as defined on the respective KEP. This is an umbrella issue to track all outstanding work.
Core Items
- API Server changes Add seccomp GA version skew for pods #91408 (MERGED)
- Kubelet changes seccomp GA - Add new seccomp fields and update kubelet to use them #91381 (MERGED)
- Mark flag
--seccomp-profile-rootas deprecated Mark Kubelet --seccomp-profile-root deprecated #91182 (MERGED) - Update PSP to support seccomp fields Implement PodSecurityPolicy enforcement for seccomp GA #92856 (MERGED)
- Document Kubernetes seccomp support Add documentation for Seccomp GA website#21278 (MERGED)
Nice to Have on 1.19
- Add seccomp least privilege for docker sandbox Add seccomp least privilege for docker sandbox #90948 (MERGED)
- Add seccomp least privilege for kuberuntime Add seccomp least privilege for kuberuntime #90949 (MERGED)
- E2E tests review Update seccomp e2e test for GA #91442 (LGTM)
Pushed to 1.22
- Add Warning mechanism for deprecated features usage (based off KEP)
/area kubelet
/area kubelet-api
/sig node
/area security
/assign