Skip to content

Allow specifying a directory for image credential providers json configuration #131658

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
May 29, 2025
Merged

Allow specifying a directory for image credential providers json configuration #131658

merged 1 commit into from
May 29, 2025
+424 −54

Conversation

dims
Copy link
Member

@dims dims commented May 7, 2025
edited by liggitt
Loading

@micahhausler and i were chatting with some folks about this use case where there may be multiple credential providers, each with possibly their own configuration json files. So i wanted to check if it is as easy as it looks...

Some background:

So why not support more than one json file? just like we already do for binaries (image-credential-provider-bin-dir is a directory).

What type of PR is this?

/kind feature

What this PR does / why we need it:

Which issue(s) this PR fixes:

Fixes #

Special notes for your reviewer:

Does this PR introduce a user-facing change?

kubelet: the `--image-credential-provider-config` flag previously only accepted an individual file, but can now specify a directory path as well; when a directory is specified, all .json/.yaml/.yml files in the directory are loaded and merged in lexicographical order.

Additional documentation e.g., KEPs (Kubernetes Enhancement Proposals), usage docs, etc.:

@k8s-ci-robot k8s-ci-robot added do-not-merge/work-in-progress Indicates that a PR should not merge because it is a work in progress. size/L Denotes a PR that changes 100-499 lines, ignoring generated files. do-not-merge/release-note-label-needed Indicates that a PR should not merge because it's missing one of the release note labels. cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. do-not-merge/needs-kind Indicates a PR lacks a `kind/foo` label and requires one. do-not-merge/needs-sig Indicates an issue or PR lacks a `sig/foo` label and requires one. labels May 7, 2025
@k8s-ci-robot
Copy link
Contributor

This issue is currently awaiting triage.

If a SIG or subproject determines this is a relevant issue, they will accept it by applying the triage/accepted label and provide further guidance.

The triage/accepted label can be added by org members by writing /triage accepted in a comment.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

@k8s-ci-robot k8s-ci-robot added needs-triage Indicates an issue or PR lacks a `triage/foo` label and requires one. needs-priority Indicates a PR lacks a `priority/foo` label and requires one. approved Indicates a PR has been approved by an approver from all required OWNERS files. labels May 7, 2025
@k8s-ci-robot k8s-ci-robot added area/kubelet sig/auth Categorizes an issue or PR as relevant to SIG Auth. sig/node Categorizes an issue or PR as relevant to SIG Node. labels May 7, 2025
@k8s-ci-robot k8s-ci-robot removed the do-not-merge/needs-sig Indicates an issue or PR lacks a `sig/foo` label and requires one. label May 7, 2025
@enj enj moved this to Needs Triage in SIG Auth May 8, 2025
@bart0sh bart0sh moved this from Triage to Work in progress in SIG Node: code and documentation PRs May 13, 2025
@k8s-ci-robot k8s-ci-robot added release-note Denotes a PR that will be considered when it comes time to generate release notes. and removed do-not-merge/release-note-label-needed Indicates that a PR should not merge because it's missing one of the release note labels. labels May 13, 2025
@dims dims force-pushed the allow-specifying-a-directory-for-image-credential-providers-json-configuration branch from 8f3dac4 to ae3953d Compare May 13, 2025 20:26
@dims
Copy link
Member Author

dims commented May 13, 2025

/kind important-soon

@k8s-ci-robot
Copy link
Contributor

@dims: The label(s) kind/important-soon cannot be applied, because the repository doesn't have them.

In response to this:

/kind important-soon

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

@dims dims force-pushed the allow-specifying-a-directory-for-image-credential-providers-json-configuration branch from ae3953d to 7804418 Compare May 13, 2025 21:08
@dims
Copy link
Member Author

dims commented May 13, 2025

/priority important-soon
/kind feature

@k8s-ci-robot k8s-ci-robot added priority/important-soon Must be staffed and worked on either currently, or very soon, ideally in time for the next release. kind/feature Categorizes issue or PR as related to a new feature. labels May 13, 2025
@liggitt
Copy link
Member

liggitt commented May 14, 2025
edited
Loading

I think the simple merging you had before would just error in validation if the same name got defined across files, and that's probably a better behavior (indicates an unexpected / not working configuration)

aramase
aramase reviewed May 14, 2025
View reviewed changes
@dims
Copy link
Member Author

dims commented May 14, 2025

I think the simple merging you had before would just error in validation if the same name got defined across files, and that's probably a better behavior (indicates an unexpected / not working configuration)

will do!

@dims dims force-pushed the allow-specifying-a-directory-for-image-credential-providers-json-configuration branch from 9ec8a2a to 77927f3 Compare May 14, 2025 17:02
@kubernetes kubernetes deleted a comment from k8s-ci-robot May 14, 2025
@dims
Copy link
Member Author

dims commented May 14, 2025

/test pull-kubernetes-unit-windows-master

@dims dims force-pushed the allow-specifying-a-directory-for-image-credential-providers-json-configuration branch from 77927f3 to 6d5de8e Compare May 14, 2025 19:00
@liggitt
Copy link
Member

liggitt commented May 14, 2025

/lgtm

@k8s-ci-robot k8s-ci-robot added the lgtm "Looks good to me", indicates that a PR is ready to be merged. label May 14, 2025
@k8s-ci-robot
Copy link
Contributor

LGTM label has been added.

Git tree hash: b5668fc60abc4f88b25ba7f850ec9e087096f17f

enj
enj suggested changes May 28, 2025
View reviewed changes
Copy link
Member

@enj enj left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

First pass.

@github-project-automation github-project-automation bot moved this from Work in progress to Waiting on Author in SIG Node: code and documentation PRs May 28, 2025
@github-project-automation github-project-automation bot moved this from In Review to Changes Requested in SIG Auth May 28, 2025
@dims dims force-pushed the allow-specifying-a-directory-for-image-credential-providers-json-configuration branch from 6d5de8e to d4a6e68 Compare May 29, 2025 12:48
@k8s-ci-robot k8s-ci-robot removed the lgtm "Looks good to me", indicates that a PR is ready to be merged. label May 29, 2025
@k8s-ci-robot k8s-ci-robot requested review from aramase and liggitt May 29, 2025 12:49
@dims dims force-pushed the allow-specifying-a-directory-for-image-credential-providers-json-configuration branch from d4a6e68 to be6807e Compare May 29, 2025 13:42
@k8s-ci-robot
Copy link
Contributor

@dims: The following test failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name Commit Details Required Rerun command
pull-kubernetes-unit-windows-master be6807e link false /test pull-kubernetes-unit-windows-master

Full PR test history. Your PR dashboard. Please help us cut down on flakes by linking to an open issue when you hit one in your PR.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.

@enj
Copy link
Member

enj commented May 29, 2025

/lgtm
/approve
/hold cancel

@k8s-ci-robot k8s-ci-robot removed the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label May 29, 2025
@k8s-ci-robot k8s-ci-robot added the lgtm "Looks good to me", indicates that a PR is ready to be merged. label May 29, 2025
@k8s-ci-robot
Copy link
Contributor

LGTM label has been added.

Git tree hash: 3c452a775dfd82195f0904d1eba764b9956ef58f

@k8s-ci-robot
Copy link
Contributor

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: dims, enj, liggitt

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@k8s-ci-robot k8s-ci-robot merged commit cd3b5c5 into kubernetes:master May 29, 2025
16 of 17 checks passed
@k8s-ci-robot k8s-ci-robot added this to the v1.34 milestone May 29, 2025
@github-project-automation github-project-automation bot moved this from Changes Requested to Closed / Done in SIG Auth May 29, 2025
@github-project-automation github-project-automation bot moved this from Waiting on Author to Done in SIG Node: code and documentation PRs May 29, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@carmithersh carmithersh carmithersh left review comments

@enj enj enj requested changes

@SergeyKanzhelev SergeyKanzhelev Awaiting requested review from SergeyKanzhelev

@tzneal tzneal Awaiting requested review from tzneal

@cartermckinnon cartermckinnon Awaiting requested review from cartermckinnon

@aramase aramase Awaiting requested review from aramase

@liggitt liggitt Awaiting requested review from liggitt

Assignees

@tzneal tzneal

@liggitt liggitt

@enj enj

@aramase aramase

@cartermckinnon cartermckinnon

Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. area/kubelet cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. kind/feature Categorizes issue or PR as related to a new feature. lgtm "Looks good to me", indicates that a PR is ready to be merged. needs-triage Indicates an issue or PR lacks a `triage/foo` label and requires one. priority/important-soon Must be staffed and worked on either currently, or very soon, ideally in time for the next release. release-note Denotes a PR that will be considered when it comes time to generate release notes. sig/auth Categorizes an issue or PR as relevant to SIG Auth. sig/node Categorizes an issue or PR as relevant to SIG Node. size/L Denotes a PR that changes 100-499 lines, ignoring generated files.
Projects
SIG Auth
Status: Closed / Done
SIG Node: code and documentation PRs
Status: Done
Milestone
v1.34
Development

Successfully merging this pull request may close these issues.
8 participants
@dims @k8s-ci-robot @enj @cartermckinnon @liggitt @aramase @carmithersh @tzneal