Closed
Description
What do you want to happen?
Address the phases and changes discussed in the proposal: https://github.com/kubernetes-sigs/kubebuilder/blob/master/designs/discontinue_usage_of_kube_rbac_proxy.md
- - Phase 0: Remove the RBAC Proxy: PR: ⚠️ Discontinue Kube RBAC Proxy in Default Kubebuilder Scaffolding #3899
- - Phase 1: Transition to NetworkPolicies: PR: ✨ Add Network Policy #3853
- - Phase 2: Add Cert-Manager as Optional option to be used with metrics (help wanted) PS.: See that we should address the request made in: Improve scaffolding of ServiceMonitor #3657 within this one. Done at: ✨ Adds a patch to configure ServiceMonitor with to ensure TLS verification using cert-manager certificates #4243
- - Phase 3: Add Controller-Runtime feature. Details can be found in: https://kubernetes.slack.com/archives/CAR30FCJZ/p1716290359950339?thread_ts=1716289540.582639&cid=CAR30FCJZ -> DONE: PR: ✨ Add protection to metrics endpoint using authn/authz via controller-runtime feature #4003
- - Phase 4: When kube-rbac-proxy be accepted under the umbrella (Blocked by: Sig-Auth Pre-Acceptance 2nd Review brancz/kube-rbac-proxy#238 and the project be part of the umbrella. When it happens we can reach out its maintainers and see if we can support them out to create the external plugin)
Extra Labels
No response
Metadata
Metadata
Assignees
Labels
Denotes an issue that needs help from a contributor. Must meet "help wanted" guidelines.Categorizes issue or PR as related to a new feature.Indicates that an issue or PR should not be auto-closed due to staleness.Must be staffed and worked on either currently, or very soon, ideally in time for the next release.