updating label in KEP-3257

kubernetes · Nov 21, 2024 · 2a70419 · 2a70419
1 parent 290206d
commit 2a70419
Showing 1 changed file with 4 additions and 4 deletions.
diff --git a/keps/sig-auth/3257-cluster-trust-bundles/README.md b/keps/sig-auth/3257-cluster-trust-bundles/README.md
@@ -290,7 +290,7 @@ kind: ClusterTrustBundle
 metadata:
   name: example.com:server-tls:foo
   labels:
-    kubernetes.io/cluster-trust-bundle-version: live
+    k8s.example/cluster-trust-bundle-version: live
 spec:
   signerName: example.com/server-tls
   trustBundle: "<... PEM DATA ...>"
@@ -321,7 +321,7 @@ spec:
 +      - clusterTrustBundle:
 +          signerName: example.com/server-tls
 +          labelSelector:
-+            kubernetes.io/cluster-trust-bundle-version: live
++            k8s.example/cluster-trust-bundle-version: live
 +          path: ca_certificates.pem
 ```
 
@@ -562,11 +562,11 @@ Human operators or controllers may use unique names and labels to maintain diffe
 
 For example, if I maintain `example.com/my-signer`, I can use the following strategy:
 * I maintain one ClusterTrustBundle named `example.com:my-signer:live`, labeled
-  `kubernetes.io/cluster-trust-bundle-version=live` (the object name is mostly
+  `k8s.example/cluster-trust-bundle-version=live` (the object name is mostly
   irrelevant).
 * I maintain an additional ClusterTrustBundle named
   `example.com:my-signer:canary`, labeled
-  `kubernetes.io/cluster-trust-bundle-version=canary`.
+  `k8s.example/cluster-trust-bundle-version=canary`.
 * I have coordinated some fraction of my workloads to use the canary label
   selector, while the bulk of them use the live label selector
 * When I want to perform a root rotation or other trust change, I edit the