Matt Cary

Could you add a release note? It will make the changelog easier.

If there was a CSIDriver field that said whether the driver used secrets at all, then tere could be eg an admission webhook that only let known drivers exposing secrets...

/cc @msau42 Thanks, we're discussing the feature readiness.

Sorry for the delay in reply. We don't have any data on usage -- we had thought we could look at kube state metrics, but it turns out they're filtered...

Ok, thanks, I agree. I should have some time to figure out how to get fleet level statistics for usage, that will make me feel much more confident about it.

FYI, we are going to soak the changes in https://github.com/kubernetes/kubernetes/pull/122499 for a release and then go GA if all is good (I guess that's 1.31).

/remove-lifecycle stale

The issue was raised on the external-provisioner, as that would be the right kubernetes layer to do this (the pd csi driver doesn't see the k8s objects so can't see...

I think the storageAdmin role is appropriate. The permissions granted by the role are necessary for operatation. Are you requesting to list all the permissions, or is it enough having...

/remove-lifecycle stale