Next Deadline: Exceptions due, March 21st
While folks are working on features, CI signal has gotten worse. Currently there are 14 flaky jobs between master-informing and master-blocking, and there’s even one failing master-blocking job. This is not a good trend. Please have a look at the problem tests and see if you can help.
The cherry-pick deadline for the next patch releases is March 11th.
As discussed a few weeks ago, the efforts to remove Secret-based storage of ServiceAccount tokens is continuing. Now ServiceAccount objects will not get a token generated an crammed into a Secret by default. This won’t affect usage by Pods, which generate a bound token and store it only in-memory on the Kubelet/host-system, but if you are using service account tokens for things like remote access, you will need to make sure you set up your Secrets appropriately, by adding a "kubernetes.io/service-account.name" annotation.
The older alpha and beta object versions of the audit log data format have been removed. This applies to both the file logging and audit webhooks. If you are still using them, upgrading to v1 should be relatively straightforward. Check for any usage of the removed ObjectMeta or Timestamp fields, switching to StageTimestamp or RequestReceivedTimestamp respectively.
kubectl version won’t take extra arguments--target-ram-mb flag and the [--experimental-encryption-provider-config flag] are removed