Details
-
Task
-
Resolution: Won't Fix
-
Major
-
None
-
None
-
None
Description
So that the operator can legitimately refuse to service requests if not properly vetted
- Mandate a reference to the resource
- Possibly need elevated privileges, possibly crossing namespace boundaries
- Fire a canary CRD and see if it gets rejected
- Very small possibility it may have unintended consequences
- Have the admission controller annotate the CR on the backend
- Need to address upgrading existing clusters
Questions, questions...