// "csi.storage.k8s.io/pod.uid": string(pod.UID)
  // "csi.storage.k8s.io/ephemeral": "true" if the volume is an ephemeral inline volume
  //                                 defined by a CSIVolumeSource, otherwise "false"
  //
  // "csi.storage.k8s.io/ephemeral" is a new feature in Kubernetes 1.16. It is only
  // required for drivers which support both the "Persistent" and "Ephemeral" VolumeLifecycleMode.

// user-initiated activities such as debugging. Ephemeral containers have no resource or
// scheduling guarantees, and they will not be restarted when they exit or when a Pod is
// removed or restarted. The kubelet may evict a Pod if an ephemeral container causes the
// Pod to exceed its resource allocation.
//
// To add an ephemeral container, use the ephemeralcontainers subresource of an existing

  // "csi.storage.k8s.io/pod.uid": string(pod.UID)
  // "csi.storage.k8s.io/ephemeral": "true" if the volume is an ephemeral inline volume
  //                                 defined by a CSIVolumeSource, otherwise "false"
  //
  // "csi.storage.k8s.io/ephemeral" is a new feature in Kubernetes 1.16. It is only
  // required for drivers which support both the "Persistent" and "Ephemeral" VolumeLifecycleMode.

    - [Promoted Local Ephemeral Storage Capacity Isolation to Stable](#promoted-local-ephemeral-storage-capacity-isolation-to-stable)
    - [Promoted core CSI Migration to Stable](#promoted-core-csi-migration-to-stable)
    - [Promoted CSI Ephemeral Volume to Stable](#promoted-csi-ephemeral-volume-to-stable)

This release does *not* deprecate the v1 HorizontalPodAutoscaler API.

### Generic Ephemeral Volume feature graduates to GA

The generic ephemeral volume feature moved to GA in 1.23.
This feature allows any existing storage driver that supports dynamic provisioning to be used as an ephemeral volume with the volume’s lifecycle bound to the Pod.

      "coverage" : {
        "per_day" : [ "linux" ]
      }
    } ]
  }, {
    "testId" : "org.gradle.performance.regression.buildcache.TaskOutputCachingJavaPerformanceTest.clean check on ephemeral ci with remote http cache",
    "groups" : [ {
      "testProject" : "smallJavaMultiProjectManyExternalDependencies",
      "coverage" : {
        "per_day" : [ "linux" ]
      }
    } ]
  }, {

var supportedKexAlgos = []string{
	kexAlgoCurve25519SHA256, kexAlgoCurve25519SHA256LibSSH,
	// P384 and P521 are not constant-time yet, but since we don't
	// reuse ephemeral keys, using them for ECDH should be OK.
	kexAlgoECDH256, kexAlgoECDH384, kexAlgoECDH521,
	kexAlgoDH14SHA256, kexAlgoDH16SHA512, kexAlgoDH14SHA1,
	kexAlgoDH1SHA1,
}

  }, {
    "testProject" : "largeMonolithicJavaProject",
    "linux" : 553
  } ]
}, {
  "scenario" : "org.gradle.performance.regression.buildcache.TaskOutputCachingJavaPerformanceTest.clean check on ephemeral ci with remote http cache",
  "durations" : [ {
    "testProject" : "smallJavaMultiProjectManyExternalDependencies",
    "linux" : 540
  } ]
}, {

  // AllowedCSIDrivers is an allowlist of inline CSI drivers that must be explicitly set to be embedded within a pod spec.
  // An empty value indicates that any CSI driver can be used for inline ephemeral volumes.
  // +optional
  repeated AllowedCSIDriver allowedCSIDrivers = 23;

  // allowedUnsafeSysctls is a list of explicitly allowed unsafe sysctls, defaults to none.

### API changes and improvements for ephemeral containers

The API used to create [Ephemeral Containers](https://kubernetes.io/docs/concepts/workloads/pods/ephemeral-containers/) changed in 1.22. The Ephemeral Containers feature is alpha and disabled by default, and the new API does not work with clients that attempt to use the old API.