[release-1.8] Safely consume TLSSecurityProfile from APIServer CR #2158
Commits on Nov 24, 2022
-
Safely consume TLSSecurityProfile from APIServer CR
APIServer CR is validating TLSSecurityProfile less strictly than CNAO. HCO in general delegates the validation to the operators that is managing, but this is not true for values directly read from the APIServer CR that are not passing into our validating webhook. So if the cluster admin requires a custom configuration for TLSSecurityProfile on the APIServer CR all the components but CNAO will accept it while CNAO will refuse it continuously. Let's prevent this sanitizing the input. this is not validated Bug-Url: https://bugzilla.redhat.com/show_bug.cgi?id=2137896 Signed-off-by: Simone Tiraboschi <stirabos@redhat.com>
-
[release-1.8] New workaround for GC on CDI
workaround for DataVolume GC on CDI v1.55.0: kubevirt/kubevirt#8584 didn't landed in Kubevirt v0.58.0. The previous workaround stopped working because the pinned test binary got garbage collected. TODO: remove this once kubevirt/kubevirt#8584 will land in Kubevirt v0.58.1 Signed-off-by: Simone Tiraboschi <stirabos@redhat.com>
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.