kubernetes
diff --git a/‎api/openapi-spec/swagger.json‎
Lines changed: 1 addition & 1 deletion b/‎api/openapi-spec/swagger.json‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎api/openapi-spec/v3/api__v1_openapi.json‎
Lines changed: 1 addition & 1 deletion b/‎api/openapi-spec/v3/api__v1_openapi.json‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎api/openapi-spec/v3/apis__apps__v1_openapi.json‎
Lines changed: 1 addition & 1 deletion b/‎api/openapi-spec/v3/apis__apps__v1_openapi.json‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎api/openapi-spec/v3/apis__batch__v1_openapi.json‎
Lines changed: 1 addition & 1 deletion b/‎api/openapi-spec/v3/apis__batch__v1_openapi.json‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎pkg/apis/core/types.go‎
Lines changed: 0 additions & 1 deletion b/‎pkg/apis/core/types.go‎
Lines changed: 0 additions & 1 deletion
diff --git a/‎pkg/apis/core/validation/validation.go‎
Lines changed: 0 additions & 10 deletions b/‎pkg/apis/core/validation/validation.go‎
Lines changed: 0 additions & 10 deletions
diff --git a/‎pkg/apis/core/validation/validation_test.go‎
Lines changed: 15 additions & 17 deletions b/‎pkg/apis/core/validation/validation_test.go‎
Lines changed: 15 additions & 17 deletions
diff --git a/‎pkg/features/versioned_kube_features.go‎
Lines changed: 1 addition & 0 deletions b/‎pkg/features/versioned_kube_features.go‎
Lines changed: 1 addition & 0 deletions
@@ -220,7 +220,6 @@ type VolumeSource struct {
 	// The types of objects that may be mounted by this volume are defined by the container runtime implementation on a host machine and at minimum must include all valid types supported by the container image field.
 	// The OCI object gets mounted in a single directory (spec.containers[*].volumeMounts.mountPath) by merging the manifest layers in the same way as for container images.
 	// The volume will be mounted read-only (ro) and non-executable files (noexec).
-	// Sub path mounts for containers are not supported (spec.containers[*].volumeMounts.subpath).
 	// The field spec.securityContext.fsGroupChangePolicy has no effect on this volume type.
 	// +featureGate=ImageVolume
 	// +optional
 
@@ -2937,16 +2937,6 @@ func ValidateVolumeMounts(mounts []core.VolumeMount, voldevices map[string]strin
 			allErrs = append(allErrs, field.Invalid(idxPath.Child("mountPath"), mnt.MountPath, "must not already exist as a path in volumeDevices"))
 		}
 
-		// Disallow subPath/subPathExpr for image volumes
-		if v, ok := volumes[mnt.Name]; ok && v.Image != nil {
-			if len(mnt.SubPath) != 0 {
-				allErrs = append(allErrs, field.Invalid(idxPath.Child("subPath"), mnt.SubPath, "not allowed in image volume sources"))
-			}
-			if len(mnt.SubPathExpr) != 0 {
-				allErrs = append(allErrs, field.Invalid(idxPath.Child("subPathExpr"), mnt.SubPathExpr, "not allowed in image volume sources"))
-			}
-		}
-
 		if len(mnt.SubPath) > 0 {
 			allErrs = append(allErrs, validateLocalDescendingPath(mnt.SubPath, fldPath.Child("subPath"))...)
 		}
 
@@ -7146,23 +7146,21 @@ func TestValidateVolumeMounts(t *testing.T) {
 	}
 
 	errorCases := map[string][]core.VolumeMount{
-		"empty name":                                       {{Name: "", MountPath: "/foo"}},
-		"name not found":                                   {{Name: "", MountPath: "/foo"}},
-		"empty mountpath":                                  {{Name: "abc", MountPath: ""}},
-		"mountpath collision":                              {{Name: "foo", MountPath: "/path/a"}, {Name: "bar", MountPath: "/path/a"}},
-		"absolute subpath":                                 {{Name: "abc", MountPath: "/bar", SubPath: "/baz"}},
-		"subpath in ..":                                    {{Name: "abc", MountPath: "/bar", SubPath: "../baz"}},
-		"subpath contains ..":                              {{Name: "abc", MountPath: "/bar", SubPath: "baz/../bat"}},
-		"subpath ends in ..":                               {{Name: "abc", MountPath: "/bar", SubPath: "./.."}},
-		"disabled MountPropagation feature gate":           {{Name: "abc", MountPath: "/bar", MountPropagation: &propagation}},
-		"name exists in volumeDevice":                      {{Name: "xyz", MountPath: "/bar"}},
-		"mountpath exists in volumeDevice":                 {{Name: "uvw", MountPath: "/mnt/exists"}},
-		"both exist in volumeDevice":                       {{Name: "xyz", MountPath: "/mnt/exists"}},
-		"rro but not ro":                                   {{Name: "123", MountPath: "/rro-bad1", ReadOnly: false, RecursiveReadOnly: ptr.To(core.RecursiveReadOnlyEnabled)}},
-		"rro with incompatible propagation":                {{Name: "123", MountPath: "/rro-bad2", ReadOnly: true, RecursiveReadOnly: ptr.To(core.RecursiveReadOnlyEnabled), MountPropagation: ptr.To(core.MountPropagationHostToContainer)}},
-		"rro-if-possible but not ro":                       {{Name: "123", MountPath: "/rro-bad1", ReadOnly: false, RecursiveReadOnly: ptr.To(core.RecursiveReadOnlyIfPossible)}},
-		"subPath not allowed for image volume sources":     {{Name: "image-volume", MountPath: "/image-volume-err-1", SubPath: "/foo"}},
-		"subPathExpr not allowed for image volume sources": {{Name: "image-volume", MountPath: "/image-volume-err-2", SubPathExpr: "$(POD_NAME)"}},
+		"empty name":                             {{Name: "", MountPath: "/foo"}},
+		"name not found":                         {{Name: "", MountPath: "/foo"}},
+		"empty mountpath":                        {{Name: "abc", MountPath: ""}},
+		"mountpath collision":                    {{Name: "foo", MountPath: "/path/a"}, {Name: "bar", MountPath: "/path/a"}},
+		"absolute subpath":                       {{Name: "abc", MountPath: "/bar", SubPath: "/baz"}},
+		"subpath in ..":                          {{Name: "abc", MountPath: "/bar", SubPath: "../baz"}},
+		"subpath contains ..":                    {{Name: "abc", MountPath: "/bar", SubPath: "baz/../bat"}},
+		"subpath ends in ..":                     {{Name: "abc", MountPath: "/bar", SubPath: "./.."}},
+		"disabled MountPropagation feature gate": {{Name: "abc", MountPath: "/bar", MountPropagation: &propagation}},
+		"name exists in volumeDevice":            {{Name: "xyz", MountPath: "/bar"}},
+		"mountpath exists in volumeDevice":       {{Name: "uvw", MountPath: "/mnt/exists"}},
+		"both exist in volumeDevice":             {{Name: "xyz", MountPath: "/mnt/exists"}},
+		"rro but not ro":                         {{Name: "123", MountPath: "/rro-bad1", ReadOnly: false, RecursiveReadOnly: ptr.To(core.RecursiveReadOnlyEnabled)}},
+		"rro with incompatible propagation":      {{Name: "123", MountPath: "/rro-bad2", ReadOnly: true, RecursiveReadOnly: ptr.To(core.RecursiveReadOnlyEnabled), MountPropagation: ptr.To(core.MountPropagationHostToContainer)}},
+		"rro-if-possible but not ro":             {{Name: "123", MountPath: "/rro-bad1", ReadOnly: false, RecursiveReadOnly: ptr.To(core.RecursiveReadOnlyIfPossible)}},
 	}
 	badVolumeDevice := []core.VolumeDevice{
 		{Name: "xyz", DevicePath: "/mnt/exists"},
 
@@ -404,6 +404,7 @@ var defaultVersionedKubernetesFeatureGates = map[featuregate.Feature]featuregate
 
 	ImageVolume: {
 		{Version: version.MustParse("1.31"), Default: false, PreRelease: featuregate.Alpha},
+		{Version: version.MustParse("1.33"), Default: false, PreRelease: featuregate.Beta},
 	},
 
 	InPlacePodVerticalScaling: {