v1.25+ Compatible Release Resource Artifacts
sernst opened this issue · 2 comments
Describe the bug
The migration away from the deprecated PodSecurityPolicy specified in #638 has not been applied to the all-resources.yaml and all-resources-queue-processor.yaml release artifacts with the v1.19.0 release. Given that Pod Security Admission is compatible starting with Kubernetes v1.22+ and that PodSecurityPolicy has been removed in Kubernetes v1.25+, it might make sense to update these release artifacts to use Pod Security Admission to be forward compatible for the 5 most recent versions of Kubernetes at the time of this issue being created, rather than preserving the format needed for the legacy two versions.
See prior discussion here for the origination of this issue being created:
Steps to reproduce
Try applying either the all-resources.yaml and all-resources-queue-processor.yaml from the v1.19.0 release:
https://github.com/aws/aws-node-termination-handler/releases/tag/v1.19.0
on a Kubernetes v1.25+ cluster to see the PodSecurityPolicy resource does not exist error.
Expected outcome
When applying those resource yaml configurations to a Kubenertes v1.25+ cluster, I was expecting not to find resources incompatible with the version.
Application Logs
N/A
Environment
Attempted to install on a Kubernetes v1.25 EKS cluster.
- NTH App Version: 1.19
- NTH Mode (IMDS/Queue processor): Both
- OS/Arch: linux
- Kubernetes version: 1.25
- Installation method: kubectl
Hi @sernst, additional resource files for k8s >=1.25 have been uploaded to the v1.19 release. The release process has also been updated to automatically create resources for k8s >=1.25 during future NTH releases.