Suggested Reads

Week Ending March 16, 2025

https://lwkd.info/2025/20250319

Developer News

CVE-2026-1767 allows authenticated users to access git repos belonging to other users if created with the in-tree gitRepo volume type. In-tree gitRepo volumes have been deprecated. The SRC suggests several workarounds in the issue.

SIG-Windows plans to make the Windows unit tests release-informing. This is a big step forwards for support of Kubernetes on Windows.

Release Schedule

Next Deadline: Code and Test Freeze, March 20/21

Code and Test Freeze starts at 0200 UTC on Friday, March 21. Your PRs should all be merged by then; file an exception as soon as possible if you think you won’t make that deadline.

Other Merges

kube-openapi updated and integrated streaming tags validation

TestListCorruptObject corrupts the object in etcd instead of changing encryption key

A new function verifyAlphaFeatures implemented to ensure that alpha features cannot be enabled by default

Extracted delegator.Helper interface to allow making delegate decision based on cache state

Split subfunction to allow adding more subtests

Unit tests for Windows DSR and Overlay Support added

scheduler_perf topology spreading tests moved to a separate package

Fixes for unit tests on Windows

PodResourceAllocation type replaced with PodResourceInfoMap

Support for emulation versioning of custom resource formats

Unit tests for credential provider in service account mode

DRA adds user RBAC

InPlacePodVerticalScaling moves pod resize status to pod conditions

DeclarativeValidation feature gate to be enabled by default

ReplicationController spec.replicas and spec.minReadySeconds fields migrated to declarative validation

Declarative Validation enabled for ReplicationController

Fix for incorrect AppArmorProfile.Type marker

JobSuccessPolicy E2E tests promoted to conformance

kubelet to set observedGeneration field on pod conditions if PodObservedGenerationTracking feature gate is set

Workqueue for node updates in DaemonSetController

PreEnqueue plugins to be called before adding pod to backoffQ

Forward compatibility added for compatibility mode

Alpha support for Windows HostNetwork containers removed

Add metrics to track allocation of Uncore Cache blocks

Updated /version response to report binary version information separate from compatibility version

New alpha feature gate MutableCSINodeAllocatableCount introduced

Swap capacity to be reported as part of node.status.nodeSystemInfo

Quota support for PVC with VolumeAttributesClass

UpdatePodSandboxResources CRI method

Multi-tenancy in accessing node images via Pod API

Storage capacity scoring added to VolumeBinding plugin

GA feature gate PersistentVolumeLastPhaseTransitionTime removed

Refactoring for featuregate lifecycle management script

Promotions

InPlacePodVerticalScaling to beta

DRAResourceClaimDeviceStatus to beta

CoordinatedLeaderElection to beta

TopologyAwareHints to GA

RemoteRequestHeaderUID to beta

SchedulerAsyncPreemption to beta

JobSuccessPolicy to GA

Deprecated

apidiscovery.k8s.io/v2beta1 API group is disabled by default

gitRepo volume plugin disabled by default

via Last Week in Kubernetes Development https://lwkd.info/

March 19, 2025 at 02:00PM