windows-gmsa

windows-gmsa copied to clipboard

Update golang and k8s deps

2

Update to golang 1.22 and use latest k8s/golang libraries

jsturtevant

Namespaced gMSA credential spec doesn't work

14

Changing the `gmsacredentialspecs.windows.k8s.io` CRD scope from `Cluster` to `Namespaced` at: https://github.com/kubernetes-sigs/windows-gmsa/blob/9fa8e91dc398196a8ecb70966f20a3d7ee806358/admission-webhook/deploy/gmsa-crd.yml#L118 results in the admission webhook failing with: ``` time="2021-11-24T19:57:14Z" level=info msg="refusing to admit pod &Pod{...} with code 500: unable...

ionutbalutoiu

Enhancement request: admission webhook expression filter

4

# issue gmsa admission webhook intercepts everything, including pods that have nothing to do with gmsa.  the gmsa mutating webhook has no object selector / match expressions. it may...

Zombro

Create random hostname for GMSA

3

This will only apply to gmsa pods which have the corresponding security context Disabling/enabling of this can be controlled through ENV

zylxjtu

start CEL webhook matchConditions

3

fixed this internally a while back in response to https://github.com/kubernetes-sigs/windows-gmsa/issues/148 inserts webhook match conditions such that gmsa doesn't intercept _every_ pod, only those relevant to windows securfity contexts. extends values...

Zombro

Webhook pods returns tls bad certificate with certification manager

2

Hi, I installed last version (v0.13.0) of windows-gmsa in our EKS cluster and configured it in order to use certification manager with automatic certification renew. I saw the enhancement of...

Christian-8