Fresh dep ensure

vendor/k8s.io/kubernetes/pkg/api/v1/endpoints/BUILD

@@ -12,8 +12,8 @@ go_library(
     importpath = "k8s.io/kubernetes/pkg/api/v1/endpoints",
     deps = [
         "//pkg/util/hash:go_default_library",
-        "//vendor/k8s.io/api/core/v1:go_default_library",
-        "//vendor/k8s.io/apimachinery/pkg/types:go_default_library",
+        "//staging/src/k8s.io/api/core/v1:go_default_library",
+        "//staging/src/k8s.io/apimachinery/pkg/types:go_default_library",
     ],
 )
 
@@ -22,9 +22,9 @@ go_test(
     srcs = ["util_test.go"],
     embed = [":go_default_library"],
     deps = [
+        "//staging/src/k8s.io/api/core/v1:go_default_library",
+        "//staging/src/k8s.io/apimachinery/pkg/types:go_default_library",
         "//vendor/github.com/davecgh/go-spew/spew:go_default_library",
-        "//vendor/k8s.io/api/core/v1:go_default_library",
-        "//vendor/k8s.io/apimachinery/pkg/types:go_default_library",
     ],
 )
 

vendor/k8s.io/kubernetes/pkg/api/v1/endpoints/util.go

@@ -38,12 +38,12 @@ func RepackSubsets(subsets []v1.EndpointSubset) []v1.EndpointSubset {
 	allAddrs := map[addressKey]*v1.EndpointAddress{}
 	portToAddrReadyMap := map[v1.EndpointPort]addressSet{}
 	for i := range subsets {
-		for _, port := range subsets[i].Ports {
-			for k := range subsets[i].Addresses {
-				mapAddressByPort(&subsets[i].Addresses[k], port, true, allAddrs, portToAddrReadyMap)
-			}
-			for k := range subsets[i].NotReadyAddresses {
-				mapAddressByPort(&subsets[i].NotReadyAddresses[k], port, false, allAddrs, portToAddrReadyMap)
+		if len(subsets[i].Ports) == 0 {
+			// Don't discard endpoints with no ports defined, use a sentinel.
+			mapAddressesByPort(&subsets[i], v1.EndpointPort{Port: -1}, allAddrs, portToAddrReadyMap)
+		} else {
+			for _, port := range subsets[i].Ports {
+				mapAddressesByPort(&subsets[i], port, allAddrs, portToAddrReadyMap)
 			}
 		}
 	}
@@ -58,7 +58,14 @@ func RepackSubsets(subsets []v1.EndpointSubset) []v1.EndpointSubset {
 	for port, addrs := range portToAddrReadyMap {
 		key := keyString(hashAddresses(addrs))
 		keyToAddrReadyMap[key] = addrs
-		addrReadyMapKeyToPorts[key] = append(addrReadyMapKeyToPorts[key], port)
+		if port.Port > 0 { // avoid sentinels
+			addrReadyMapKeyToPorts[key] = append(addrReadyMapKeyToPorts[key], port)
+		} else {
+			if _, found := addrReadyMapKeyToPorts[key]; !found {
+				// Force it to be present in the map
+				addrReadyMapKeyToPorts[key] = nil
+			}
+		}
 	}
 
 	// Next, build the N-to-M association the API wants.
@@ -85,7 +92,17 @@ type addressKey struct {
 	uid types.UID
 }
 
-// mapAddressByPort adds an address into a map by its ports, registering the address with a unique pointer, and preserving
+// mapAddressesByPort adds all ready and not-ready addresses into a map by a single port.
+func mapAddressesByPort(subset *v1.EndpointSubset, port v1.EndpointPort, allAddrs map[addressKey]*v1.EndpointAddress, portToAddrReadyMap map[v1.EndpointPort]addressSet) {
+	for k := range subset.Addresses {
+		mapAddressByPort(&subset.Addresses[k], port, true, allAddrs, portToAddrReadyMap)
+	}
+	for k := range subset.NotReadyAddresses {
+		mapAddressByPort(&subset.NotReadyAddresses[k], port, false, allAddrs, portToAddrReadyMap)
+	}
+}
+
+// mapAddressByPort adds one address into a map by port, registering the address with a unique pointer, and preserving
 // any existing ready state.
 func mapAddressByPort(addr *v1.EndpointAddress, port v1.EndpointPort, ready bool, allAddrs map[addressKey]*v1.EndpointAddress, portToAddrReadyMap map[v1.EndpointPort]addressSet) *v1.EndpointAddress {
 	// use addressKey to distinguish between two endpoints that are identical addresses
@@ -155,6 +172,7 @@ func (sl addrsReady) Less(i, j int) bool {
 	return lessAddrReady(sl[i], sl[j])
 }
 
+// LessEndpointAddress compares IP addresses lexicographically and returns true if first argument is lesser than second
 func LessEndpointAddress(a, b *v1.EndpointAddress) bool {
 	ipComparison := bytes.Compare([]byte(a.IP), []byte(b.IP))
 	if ipComparison != 0 {
@@ -174,8 +192,8 @@ func LessEndpointAddress(a, b *v1.EndpointAddress) bool {
 func SortSubsets(subsets []v1.EndpointSubset) []v1.EndpointSubset {
 	for i := range subsets {
 		ss := &subsets[i]
-		sort.Sort(addrsByIpAndUID(ss.Addresses))
-		sort.Sort(addrsByIpAndUID(ss.NotReadyAddresses))
+		sort.Sort(addrsByIPAndUID(ss.Addresses))
+		sort.Sort(addrsByIPAndUID(ss.NotReadyAddresses))
 		sort.Sort(portsByHash(ss.Ports))
 	}
 	sort.Sort(subsetsByHash(subsets))
@@ -198,11 +216,11 @@ func (sl subsetsByHash) Less(i, j int) bool {
 	return bytes.Compare(h1, h2) < 0
 }
 
-type addrsByIpAndUID []v1.EndpointAddress
+type addrsByIPAndUID []v1.EndpointAddress
 
-func (sl addrsByIpAndUID) Len() int      { return len(sl) }
-func (sl addrsByIpAndUID) Swap(i, j int) { sl[i], sl[j] = sl[j], sl[i] }
-func (sl addrsByIpAndUID) Less(i, j int) bool {
+func (sl addrsByIPAndUID) Len() int      { return len(sl) }
+func (sl addrsByIPAndUID) Swap(i, j int) { sl[i], sl[j] = sl[j], sl[i] }
+func (sl addrsByIPAndUID) Less(i, j int) bool {
 	return LessEndpointAddress(&sl[i], &sl[j])
 }
 

vendor/k8s.io/kubernetes/pkg/api/v1/endpoints/util_test.go

@@ -51,11 +51,11 @@ func TestPackSubsets(t *testing.T) {
 		}, {
 			name:   "empty ports",
 			given:  []v1.EndpointSubset{{Addresses: []v1.EndpointAddress{{IP: "1.2.3.4"}}, Ports: []v1.EndpointPort{}}},
-			expect: []v1.EndpointSubset{},
+			expect: []v1.EndpointSubset{{Addresses: []v1.EndpointAddress{{IP: "1.2.3.4"}}, Ports: nil}},
 		}, {
 			name:   "empty ports",
 			given:  []v1.EndpointSubset{{NotReadyAddresses: []v1.EndpointAddress{{IP: "1.2.3.4"}}, Ports: []v1.EndpointPort{}}},
-			expect: []v1.EndpointSubset{},
+			expect: []v1.EndpointSubset{{NotReadyAddresses: []v1.EndpointAddress{{IP: "1.2.3.4"}}, Ports: nil}},
 		}, {
 			name: "one set, one ip, one port",
 			given: []v1.EndpointSubset{{

vendor/k8s.io/kubernetes/pkg/api/v1/node/BUILD

@@ -9,7 +9,7 @@ go_library(
     name = "go_default_library",
     srcs = ["util.go"],
     importpath = "k8s.io/kubernetes/pkg/api/v1/node",
-    deps = ["//vendor/k8s.io/api/core/v1:go_default_library"],
+    deps = ["//staging/src/k8s.io/api/core/v1:go_default_library"],
 )
 
 filegroup(

vendor/k8s.io/kubernetes/pkg/api/v1/persistentvolume/BUILD

@@ -0,0 +1,35 @@
+load("@io_bazel_rules_go//go:def.bzl", "go_library", "go_test")
+
+go_library(
+    name = "go_default_library",
+    srcs = ["util.go"],
+    importpath = "k8s.io/kubernetes/pkg/api/v1/persistentvolume",
+    visibility = ["//visibility:public"],
+    deps = ["//staging/src/k8s.io/api/core/v1:go_default_library"],
+)
+
+go_test(
+    name = "go_default_test",
+    srcs = ["util_test.go"],
+    embed = [":go_default_library"],
+    deps = [
+        "//pkg/apis/core:go_default_library",
+        "//staging/src/k8s.io/api/core/v1:go_default_library",
+        "//staging/src/k8s.io/apimachinery/pkg/util/sets:go_default_library",
+        "//staging/src/k8s.io/apimachinery/pkg/util/validation/field:go_default_library",
+    ],
+)
+
+filegroup(
+    name = "package-srcs",
+    srcs = glob(["**"]),
+    tags = ["automanaged"],
+    visibility = ["//visibility:private"],
+)
+
+filegroup(
+    name = "all-srcs",
+    srcs = [":package-srcs"],
+    tags = ["automanaged"],
+    visibility = ["//visibility:public"],
+)

vendor/k8s.io/kubernetes/pkg/api/v1/persistentvolume/util.go

@@ -0,0 +1,134 @@
+/*
+Copyright 2017 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package persistentvolume
+
+import (
+	corev1 "k8s.io/api/core/v1"
+)
+
+func getClaimRefNamespace(pv *corev1.PersistentVolume) string {
+	if pv.Spec.ClaimRef != nil {
+		return pv.Spec.ClaimRef.Namespace
+	}
+	return ""
+}
+
+// Visitor is called with each object's namespace and name, and returns true if visiting should continue
+type Visitor func(namespace, name string, kubeletVisible bool) (shouldContinue bool)
+
+// VisitPVSecretNames invokes the visitor function with the name of every secret
+// referenced by the PV spec. If visitor returns false, visiting is short-circuited.
+// Returns true if visiting completed, false if visiting was short-circuited.
+func VisitPVSecretNames(pv *corev1.PersistentVolume, visitor Visitor) bool {
+	source := &pv.Spec.PersistentVolumeSource
+	switch {
+	case source.AzureFile != nil:
+		if source.AzureFile.SecretNamespace != nil && len(*source.AzureFile.SecretNamespace) > 0 {
+			if len(source.AzureFile.SecretName) > 0 && !visitor(*source.AzureFile.SecretNamespace, source.AzureFile.SecretName, true /* kubeletVisible */) {
+				return false
+			}
+		} else {
+			if len(source.AzureFile.SecretName) > 0 && !visitor(getClaimRefNamespace(pv), source.AzureFile.SecretName, true /* kubeletVisible */) {
+				return false
+			}
+		}
+		return true
+	case source.CephFS != nil:
+		if source.CephFS.SecretRef != nil {
+			// previously persisted PV objects use claimRef namespace
+			ns := getClaimRefNamespace(pv)
+			if len(source.CephFS.SecretRef.Namespace) > 0 {
+				// use the secret namespace if namespace is set
+				ns = source.CephFS.SecretRef.Namespace
+			}
+			if !visitor(ns, source.CephFS.SecretRef.Name, true /* kubeletVisible */) {
+				return false
+			}
+		}
+	case source.Cinder != nil:
+		if source.Cinder.SecretRef != nil && !visitor(source.Cinder.SecretRef.Namespace, source.Cinder.SecretRef.Name, true /* kubeletVisible */) {
+			return false
+		}
+	case source.FlexVolume != nil:
+		if source.FlexVolume.SecretRef != nil {
+			// previously persisted PV objects use claimRef namespace
+			ns := getClaimRefNamespace(pv)
+			if len(source.FlexVolume.SecretRef.Namespace) > 0 {
+				// use the secret namespace if namespace is set
+				ns = source.FlexVolume.SecretRef.Namespace
+			}
+			if !visitor(ns, source.FlexVolume.SecretRef.Name, true /* kubeletVisible */) {
+				return false
+			}
+		}
+	case source.RBD != nil:
+		if source.RBD.SecretRef != nil {
+			// previously persisted PV objects use claimRef namespace
+			ns := getClaimRefNamespace(pv)
+			if len(source.RBD.SecretRef.Namespace) > 0 {
+				// use the secret namespace if namespace is set
+				ns = source.RBD.SecretRef.Namespace
+			}
+			if !visitor(ns, source.RBD.SecretRef.Name, true /* kubeletVisible */) {
+				return false
+			}
+		}
+	case source.ScaleIO != nil:
+		if source.ScaleIO.SecretRef != nil {
+			ns := getClaimRefNamespace(pv)
+			if source.ScaleIO.SecretRef != nil && len(source.ScaleIO.SecretRef.Namespace) > 0 {
+				ns = source.ScaleIO.SecretRef.Namespace
+			}
+			if !visitor(ns, source.ScaleIO.SecretRef.Name, true /* kubeletVisible */) {
+				return false
+			}
+		}
+	case source.ISCSI != nil:
+		if source.ISCSI.SecretRef != nil {
+			// previously persisted PV objects use claimRef namespace
+			ns := getClaimRefNamespace(pv)
+			if len(source.ISCSI.SecretRef.Namespace) > 0 {
+				// use the secret namespace if namespace is set
+				ns = source.ISCSI.SecretRef.Namespace
+			}
+			if !visitor(ns, source.ISCSI.SecretRef.Name, true /* kubeletVisible */) {
+				return false
+			}
+		}
+	case source.StorageOS != nil:
+		if source.StorageOS.SecretRef != nil && !visitor(source.StorageOS.SecretRef.Namespace, source.StorageOS.SecretRef.Name, true /* kubeletVisible */) {
+			return false
+		}
+	case source.CSI != nil:
+		if source.CSI.ControllerPublishSecretRef != nil {
+			if !visitor(source.CSI.ControllerPublishSecretRef.Namespace, source.CSI.ControllerPublishSecretRef.Name, false /* kubeletVisible */) {
+				return false
+			}
+		}
+		if source.CSI.NodePublishSecretRef != nil {
+			if !visitor(source.CSI.NodePublishSecretRef.Namespace, source.CSI.NodePublishSecretRef.Name, true /* kubeletVisible */) {
+				return false
+			}
+		}
+		if source.CSI.NodeStageSecretRef != nil {
+			if !visitor(source.CSI.NodeStageSecretRef.Namespace, source.CSI.NodeStageSecretRef.Name, true /* kubeletVisible */) {
+				return false
+			}
+		}
+	}
+	return true
+}

vendor/k8s.io/kubernetes/pkg/api/v1/persistentvolume/util_test.go

@@ -0,0 +1,272 @@
+/*
+Copyright 2017 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package persistentvolume
+
+import (
+	"reflect"
+	"testing"
+
+	"strings"
+
+	corev1 "k8s.io/api/core/v1"
+	"k8s.io/apimachinery/pkg/util/sets"
+	"k8s.io/apimachinery/pkg/util/validation/field"
+	api "k8s.io/kubernetes/pkg/apis/core"
+)
+
+func TestPVSecrets(t *testing.T) {
+	// Stub containing all possible secret references in a PV.
+	// The names of the referenced secrets match struct paths detected by reflection.
+	secretNamespace := "Spec.PersistentVolumeSource.AzureFile.SecretNamespace"
+	pvs := []*corev1.PersistentVolume{
+		{Spec: corev1.PersistentVolumeSpec{
+			ClaimRef: &corev1.ObjectReference{Namespace: "claimrefns", Name: "claimrefname"},
+			PersistentVolumeSource: corev1.PersistentVolumeSource{
+				AzureFile: &corev1.AzureFilePersistentVolumeSource{
+					SecretName: "Spec.PersistentVolumeSource.AzureFile.SecretName"}}}},
+		{Spec: corev1.PersistentVolumeSpec{
+			ClaimRef: &corev1.ObjectReference{Namespace: "claimrefns", Name: "claimrefname"},
+			PersistentVolumeSource: corev1.PersistentVolumeSource{
+				AzureFile: &corev1.AzureFilePersistentVolumeSource{
+					SecretName:      "Spec.PersistentVolumeSource.AzureFile.SecretName",
+					SecretNamespace: &secretNamespace}}}},
+		{Spec: corev1.PersistentVolumeSpec{
+			ClaimRef: &corev1.ObjectReference{Namespace: "claimrefns", Name: "claimrefname"},
+			PersistentVolumeSource: corev1.PersistentVolumeSource{
+				CephFS: &corev1.CephFSPersistentVolumeSource{
+					SecretRef: &corev1.SecretReference{
+						Name:      "Spec.PersistentVolumeSource.CephFS.SecretRef",
+						Namespace: "cephfs"}}}}},
+		{Spec: corev1.PersistentVolumeSpec{
+			ClaimRef: &corev1.ObjectReference{Namespace: "claimrefns", Name: "claimrefname"},
+			PersistentVolumeSource: corev1.PersistentVolumeSource{
+				CephFS: &corev1.CephFSPersistentVolumeSource{
+					SecretRef: &corev1.SecretReference{
+						Name: "Spec.PersistentVolumeSource.CephFS.SecretRef"}}}}},
+		{Spec: corev1.PersistentVolumeSpec{
+			PersistentVolumeSource: corev1.PersistentVolumeSource{
+				Cinder: &corev1.CinderPersistentVolumeSource{
+					SecretRef: &corev1.SecretReference{
+						Name:      "Spec.PersistentVolumeSource.Cinder.SecretRef",
+						Namespace: "cinder"}}}}},
+		{Spec: corev1.PersistentVolumeSpec{
+			ClaimRef: &corev1.ObjectReference{Namespace: "claimrefns", Name: "claimrefname"},
+			PersistentVolumeSource: corev1.PersistentVolumeSource{
+				FlexVolume: &corev1.FlexPersistentVolumeSource{
+					SecretRef: &corev1.SecretReference{
+						Name:      "Spec.PersistentVolumeSource.FlexVolume.SecretRef",
+						Namespace: "flexns"}}}}},
+		{Spec: corev1.PersistentVolumeSpec{
+			ClaimRef: &corev1.ObjectReference{Namespace: "claimrefns", Name: "claimrefname"},
+			PersistentVolumeSource: corev1.PersistentVolumeSource{
+				FlexVolume: &corev1.FlexPersistentVolumeSource{
+					SecretRef: &corev1.SecretReference{
+						Name: "Spec.PersistentVolumeSource.FlexVolume.SecretRef"}}}}},
+		{Spec: corev1.PersistentVolumeSpec{
+			ClaimRef: &corev1.ObjectReference{Namespace: "claimrefns", Name: "claimrefname"},
+			PersistentVolumeSource: corev1.PersistentVolumeSource{
+				RBD: &corev1.RBDPersistentVolumeSource{
+					SecretRef: &corev1.SecretReference{
+						Name: "Spec.PersistentVolumeSource.RBD.SecretRef"}}}}},
+		{Spec: corev1.PersistentVolumeSpec{
+			ClaimRef: &corev1.ObjectReference{Namespace: "claimrefns", Name: "claimrefname"},
+			PersistentVolumeSource: corev1.PersistentVolumeSource{
+				RBD: &corev1.RBDPersistentVolumeSource{
+					SecretRef: &corev1.SecretReference{
+						Name:      "Spec.PersistentVolumeSource.RBD.SecretRef",
+						Namespace: "rbdns"}}}}},
+		{Spec: corev1.PersistentVolumeSpec{
+			ClaimRef: &corev1.ObjectReference{Namespace: "claimrefns", Name: "claimrefname"},
+			PersistentVolumeSource: corev1.PersistentVolumeSource{
+				ScaleIO: &corev1.ScaleIOPersistentVolumeSource{
+					SecretRef: &corev1.SecretReference{
+						Name: "Spec.PersistentVolumeSource.ScaleIO.SecretRef"}}}}},
+		{Spec: corev1.PersistentVolumeSpec{
+			ClaimRef: &corev1.ObjectReference{Namespace: "claimrefns", Name: "claimrefname"},
+			PersistentVolumeSource: corev1.PersistentVolumeSource{
+				ScaleIO: &corev1.ScaleIOPersistentVolumeSource{
+					SecretRef: &corev1.SecretReference{
+						Name:      "Spec.PersistentVolumeSource.ScaleIO.SecretRef",
+						Namespace: "scaleions"}}}}},
+		{Spec: corev1.PersistentVolumeSpec{
+			ClaimRef: &corev1.ObjectReference{Namespace: "claimrefns", Name: "claimrefname"},
+			PersistentVolumeSource: corev1.PersistentVolumeSource{
+				ISCSI: &corev1.ISCSIPersistentVolumeSource{
+					SecretRef: &corev1.SecretReference{
+						Name:      "Spec.PersistentVolumeSource.ISCSI.SecretRef",
+						Namespace: "iscsi"}}}}},
+		{Spec: corev1.PersistentVolumeSpec{
+			ClaimRef: &corev1.ObjectReference{Namespace: "claimrefns", Name: "claimrefname"},
+			PersistentVolumeSource: corev1.PersistentVolumeSource{
+				ISCSI: &corev1.ISCSIPersistentVolumeSource{
+					SecretRef: &corev1.SecretReference{
+						Name: "Spec.PersistentVolumeSource.ISCSI.SecretRef"}}}}},
+		{Spec: corev1.PersistentVolumeSpec{
+			ClaimRef: &corev1.ObjectReference{Namespace: "claimrefns", Name: "claimrefname"},
+			PersistentVolumeSource: corev1.PersistentVolumeSource{
+				StorageOS: &corev1.StorageOSPersistentVolumeSource{
+					SecretRef: &corev1.ObjectReference{
+						Name:      "Spec.PersistentVolumeSource.StorageOS.SecretRef",
+						Namespace: "storageosns"}}}}},
+		{Spec: corev1.PersistentVolumeSpec{
+			ClaimRef: &corev1.ObjectReference{Namespace: "claimrefns", Name: "claimrefname"},
+			PersistentVolumeSource: corev1.PersistentVolumeSource{
+				CSI: &corev1.CSIPersistentVolumeSource{
+					ControllerPublishSecretRef: &corev1.SecretReference{
+						Name:      "Spec.PersistentVolumeSource.CSI.ControllerPublishSecretRef",
+						Namespace: "csi"}}}}},
+		{Spec: corev1.PersistentVolumeSpec{
+			ClaimRef: &corev1.ObjectReference{Namespace: "claimrefns", Name: "claimrefname"},
+			PersistentVolumeSource: corev1.PersistentVolumeSource{
+				CSI: &corev1.CSIPersistentVolumeSource{
+					NodePublishSecretRef: &corev1.SecretReference{
+						Name:      "Spec.PersistentVolumeSource.CSI.NodePublishSecretRef",
+						Namespace: "csi"}}}}},
+		{Spec: corev1.PersistentVolumeSpec{
+			ClaimRef: &corev1.ObjectReference{Namespace: "claimrefns", Name: "claimrefname"},
+			PersistentVolumeSource: corev1.PersistentVolumeSource{
+				CSI: &corev1.CSIPersistentVolumeSource{
+					NodeStageSecretRef: &corev1.SecretReference{
+						Name:      "Spec.PersistentVolumeSource.CSI.NodeStageSecretRef",
+						Namespace: "csi"}}}}},
+	}
+	extractedNames := sets.NewString()
+	extractedNamesWithNamespace := sets.NewString()
+	for _, pv := range pvs {
+		VisitPVSecretNames(pv, func(namespace, name string, kubeletVisible bool) bool {
+			extractedNames.Insert(name)
+			extractedNamesWithNamespace.Insert(namespace + "/" + name)
+			return true
+		})
+	}
+
+	// excludedSecretPaths holds struct paths to fields with "secret" in the name that are not actually references to secret API objects
+	excludedSecretPaths := sets.NewString(
+		"Spec.PersistentVolumeSource.CephFS.SecretFile",
+		"Spec.PersistentVolumeSource.AzureFile.SecretNamespace",
+	)
+	// expectedSecretPaths holds struct paths to fields with "secret" in the name that are references to secret API objects.
+	// every path here should be represented as an example in the PV stub above, with the secret name set to the path.
+	expectedSecretPaths := sets.NewString(
+		"Spec.PersistentVolumeSource.AzureFile.SecretName",
+		"Spec.PersistentVolumeSource.CephFS.SecretRef",
+		"Spec.PersistentVolumeSource.Cinder.SecretRef",
+		"Spec.PersistentVolumeSource.FlexVolume.SecretRef",
+		"Spec.PersistentVolumeSource.RBD.SecretRef",
+		"Spec.PersistentVolumeSource.ScaleIO.SecretRef",
+		"Spec.PersistentVolumeSource.ISCSI.SecretRef",
+		"Spec.PersistentVolumeSource.StorageOS.SecretRef",
+		"Spec.PersistentVolumeSource.CSI.ControllerPublishSecretRef",
+		"Spec.PersistentVolumeSource.CSI.NodePublishSecretRef",
+		"Spec.PersistentVolumeSource.CSI.NodeStageSecretRef",
+	)
+	secretPaths := collectSecretPaths(t, nil, "", reflect.TypeOf(&api.PersistentVolume{}))
+	secretPaths = secretPaths.Difference(excludedSecretPaths)
+	if missingPaths := expectedSecretPaths.Difference(secretPaths); len(missingPaths) > 0 {
+		t.Logf("Missing expected secret paths:\n%s", strings.Join(missingPaths.List(), "\n"))
+		t.Error("Missing expected secret paths. Verify VisitPVSecretNames() is correctly finding the missing paths, then correct expectedSecretPaths")
+	}
+	if extraPaths := secretPaths.Difference(expectedSecretPaths); len(extraPaths) > 0 {
+		t.Logf("Extra secret paths:\n%s", strings.Join(extraPaths.List(), "\n"))
+		t.Error("Extra fields with 'secret' in the name found. Verify VisitPVSecretNames() is including these fields if appropriate, then correct expectedSecretPaths")
+	}
+
+	if missingNames := expectedSecretPaths.Difference(extractedNames); len(missingNames) > 0 {
+		t.Logf("Missing expected secret names:\n%s", strings.Join(missingNames.List(), "\n"))
+		t.Error("Missing expected secret names. Verify the PV stub above includes these references, then verify VisitPVSecretNames() is correctly finding the missing names")
+	}
+	if extraNames := extractedNames.Difference(expectedSecretPaths); len(extraNames) > 0 {
+		t.Logf("Extra secret names:\n%s", strings.Join(extraNames.List(), "\n"))
+		t.Error("Extra secret names extracted. Verify VisitPVSecretNames() is correctly extracting secret names")
+	}
+
+	expectedNamespacedNames := sets.NewString(
+		"claimrefns/Spec.PersistentVolumeSource.AzureFile.SecretName",
+		"Spec.PersistentVolumeSource.AzureFile.SecretNamespace/Spec.PersistentVolumeSource.AzureFile.SecretName",
+
+		"claimrefns/Spec.PersistentVolumeSource.CephFS.SecretRef",
+		"cephfs/Spec.PersistentVolumeSource.CephFS.SecretRef",
+
+		"cinder/Spec.PersistentVolumeSource.Cinder.SecretRef",
+
+		"claimrefns/Spec.PersistentVolumeSource.FlexVolume.SecretRef",
+		"flexns/Spec.PersistentVolumeSource.FlexVolume.SecretRef",
+
+		"claimrefns/Spec.PersistentVolumeSource.RBD.SecretRef",
+		"rbdns/Spec.PersistentVolumeSource.RBD.SecretRef",
+
+		"claimrefns/Spec.PersistentVolumeSource.ScaleIO.SecretRef",
+		"scaleions/Spec.PersistentVolumeSource.ScaleIO.SecretRef",
+
+		"claimrefns/Spec.PersistentVolumeSource.ISCSI.SecretRef",
+		"iscsi/Spec.PersistentVolumeSource.ISCSI.SecretRef",
+
+		"storageosns/Spec.PersistentVolumeSource.StorageOS.SecretRef",
+
+		"csi/Spec.PersistentVolumeSource.CSI.ControllerPublishSecretRef",
+		"csi/Spec.PersistentVolumeSource.CSI.NodePublishSecretRef",
+		"csi/Spec.PersistentVolumeSource.CSI.NodeStageSecretRef",
+	)
+	if missingNames := expectedNamespacedNames.Difference(extractedNamesWithNamespace); len(missingNames) > 0 {
+		t.Logf("Missing expected namespaced names:\n%s", strings.Join(missingNames.List(), "\n"))
+		t.Error("Missing expected namespaced names. Verify the PV stub above includes these references, then verify VisitPVSecretNames() is correctly finding the missing names")
+	}
+	if extraNames := extractedNamesWithNamespace.Difference(expectedNamespacedNames); len(extraNames) > 0 {
+		t.Logf("Extra namespaced names:\n%s", strings.Join(extraNames.List(), "\n"))
+		t.Error("Extra namespaced names extracted. Verify VisitPVSecretNames() is correctly extracting secret names")
+	}
+}
+
+// collectSecretPaths traverses the object, computing all the struct paths that lead to fields with "secret" in the name.
+func collectSecretPaths(t *testing.T, path *field.Path, name string, tp reflect.Type) sets.String {
+	secretPaths := sets.NewString()
+
+	if tp.Kind() == reflect.Ptr {
+		secretPaths.Insert(collectSecretPaths(t, path, name, tp.Elem()).List()...)
+		return secretPaths
+	}
+
+	if strings.Contains(strings.ToLower(name), "secret") {
+		secretPaths.Insert(path.String())
+	}
+
+	switch tp.Kind() {
+	case reflect.Ptr:
+		secretPaths.Insert(collectSecretPaths(t, path, name, tp.Elem()).List()...)
+	case reflect.Struct:
+		for i := 0; i < tp.NumField(); i++ {
+			field := tp.Field(i)
+			secretPaths.Insert(collectSecretPaths(t, path.Child(field.Name), field.Name, field.Type).List()...)
+		}
+	case reflect.Interface:
+		t.Errorf("cannot find secret fields in interface{} field %s", path.String())
+	case reflect.Map:
+		secretPaths.Insert(collectSecretPaths(t, path.Key("*"), "", tp.Elem()).List()...)
+	case reflect.Slice:
+		secretPaths.Insert(collectSecretPaths(t, path.Key("*"), "", tp.Elem()).List()...)
+	default:
+		// all primitive types
+	}
+
+	return secretPaths
+}
+
+func newHostPathType(pathType string) *corev1.HostPathType {
+	hostPathType := new(corev1.HostPathType)
+	*hostPathType = corev1.HostPathType(pathType)
+	return hostPathType
+}

vendor/k8s.io/kubernetes/pkg/api/v1/pod/BUILD

@@ -11,9 +11,9 @@ go_library(
     srcs = ["util.go"],
     importpath = "k8s.io/kubernetes/pkg/api/v1/pod",
     deps = [
-        "//vendor/k8s.io/api/core/v1:go_default_library",
-        "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
-        "//vendor/k8s.io/apimachinery/pkg/util/intstr:go_default_library",
+        "//staging/src/k8s.io/api/core/v1:go_default_library",
+        "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
+        "//staging/src/k8s.io/apimachinery/pkg/util/intstr:go_default_library",
     ],
 )
 
@@ -22,12 +22,12 @@ go_test(
     srcs = ["util_test.go"],
     embed = [":go_default_library"],
     deps = [
+        "//staging/src/k8s.io/api/core/v1:go_default_library",
+        "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
+        "//staging/src/k8s.io/apimachinery/pkg/util/intstr:go_default_library",
+        "//staging/src/k8s.io/apimachinery/pkg/util/sets:go_default_library",
+        "//staging/src/k8s.io/apimachinery/pkg/util/validation/field:go_default_library",
         "//vendor/github.com/stretchr/testify/assert:go_default_library",
-        "//vendor/k8s.io/api/core/v1:go_default_library",
-        "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
-        "//vendor/k8s.io/apimachinery/pkg/util/intstr:go_default_library",
-        "//vendor/k8s.io/apimachinery/pkg/util/sets:go_default_library",
-        "//vendor/k8s.io/apimachinery/pkg/util/validation/field:go_default_library",
     ],
 )
 

vendor/k8s.io/kubernetes/pkg/api/v1/pod/util.go

@@ -209,14 +209,10 @@ func GetContainerStatus(statuses []v1.ContainerStatus, name string) (v1.Containe
 }
 
 // GetExistingContainerStatus extracts the status of container "name" from "statuses",
-// and returns empty status if "name" does not exist.
+// It also returns if "name" exists.
 func GetExistingContainerStatus(statuses []v1.ContainerStatus, name string) v1.ContainerStatus {
-	for i := range statuses {
-		if statuses[i].Name == name {
-			return statuses[i]
-		}
-	}
-	return v1.ContainerStatus{}
+	status, _ := GetContainerStatus(statuses, name)
+	return status
 }
 
 // IsPodAvailable returns true if a pod is available; false otherwise.
@@ -242,13 +238,13 @@ func IsPodReady(pod *v1.Pod) bool {
 	return IsPodReadyConditionTrue(pod.Status)
 }
 
-// IsPodReady returns true if a pod is ready; false otherwise.
+// IsPodReadyConditionTrue returns true if a pod is ready; false otherwise.
 func IsPodReadyConditionTrue(status v1.PodStatus) bool {
 	condition := GetPodReadyCondition(status)
 	return condition != nil && condition.Status == v1.ConditionTrue
 }
 
-// Extracts the pod ready condition from the given status and returns that.
+// GetPodReadyCondition extracts the pod ready condition from the given status and returns that.
 // Returns nil if the condition is not present.
 func GetPodReadyCondition(status v1.PodStatus) *v1.PodCondition {
 	_, condition := GetPodCondition(&status, v1.PodReady)
@@ -278,7 +274,7 @@ func GetPodConditionFromList(conditions []v1.PodCondition, conditionType v1.PodC
 	return -1, nil
 }
 
-// Updates existing pod condition or creates a new one. Sets LastTransitionTime to now if the
+// UpdatePodCondition updates existing pod condition or creates a new one. Sets LastTransitionTime to now if the
 // status has changed.
 // Returns true if pod condition has changed or has been added.
 func UpdatePodCondition(status *v1.PodStatus, condition *v1.PodCondition) bool {
@@ -290,20 +286,19 @@ func UpdatePodCondition(status *v1.PodStatus, condition *v1.PodCondition) bool {
 		// We are adding new pod condition.
 		status.Conditions = append(status.Conditions, *condition)
 		return true
-	} else {
-		// We are updating an existing condition, so we need to check if it has changed.
-		if condition.Status == oldCondition.Status {
-			condition.LastTransitionTime = oldCondition.LastTransitionTime
-		}
-
-		isEqual := condition.Status == oldCondition.Status &&
-			condition.Reason == oldCondition.Reason &&
-			condition.Message == oldCondition.Message &&
-			condition.LastProbeTime.Equal(&oldCondition.LastProbeTime) &&
-			condition.LastTransitionTime.Equal(&oldCondition.LastTransitionTime)
-
-		status.Conditions[conditionIndex] = *condition
-		// Return true if one of the fields have changed.
-		return !isEqual
 	}
+	// We are updating an existing condition, so we need to check if it has changed.
+	if condition.Status == oldCondition.Status {
+		condition.LastTransitionTime = oldCondition.LastTransitionTime
+	}
+
+	isEqual := condition.Status == oldCondition.Status &&
+		condition.Reason == oldCondition.Reason &&
+		condition.Message == oldCondition.Message &&
+		condition.LastProbeTime.Equal(&oldCondition.LastProbeTime) &&
+		condition.LastTransitionTime.Equal(&oldCondition.LastTransitionTime)
+
+	status.Conditions[conditionIndex] = *condition
+	// Return true if one of the fields have changed.
+	return !isEqual
 }

vendor/k8s.io/kubernetes/pkg/api/v1/pod/util_test.go

@@ -301,7 +301,7 @@ func TestPodSecrets(t *testing.T) {
 		"Spec.Volumes[*].VolumeSource.ISCSI.SecretRef",
 		"Spec.Volumes[*].VolumeSource.StorageOS.SecretRef",
 	)
-	secretPaths := collectSecretPaths(t, nil, "", reflect.TypeOf(&v1.Pod{}))
+	secretPaths := collectResourcePaths(t, "secret", nil, "", reflect.TypeOf(&v1.Pod{}))
 	secretPaths = secretPaths.Difference(excludedSecretPaths)
 	if missingPaths := expectedSecretPaths.Difference(secretPaths); len(missingPaths) > 0 {
 		t.Logf("Missing expected secret paths:\n%s", strings.Join(missingPaths.List(), "\n"))
@@ -322,38 +322,113 @@ func TestPodSecrets(t *testing.T) {
 	}
 }
 
-// collectSecretPaths traverses the object, computing all the struct paths that lead to fields with "secret" in the name.
-func collectSecretPaths(t *testing.T, path *field.Path, name string, tp reflect.Type) sets.String {
-	secretPaths := sets.NewString()
+// collectResourcePaths traverses the object, computing all the struct paths that lead to fields with resourcename in the name.
+func collectResourcePaths(t *testing.T, resourcename string, path *field.Path, name string, tp reflect.Type) sets.String {
+	resourcename = strings.ToLower(resourcename)
+	resourcePaths := sets.NewString()
 
 	if tp.Kind() == reflect.Ptr {
-		secretPaths.Insert(collectSecretPaths(t, path, name, tp.Elem()).List()...)
-		return secretPaths
+		resourcePaths.Insert(collectResourcePaths(t, resourcename, path, name, tp.Elem()).List()...)
+		return resourcePaths
 	}
 
-	if strings.Contains(strings.ToLower(name), "secret") {
-		secretPaths.Insert(path.String())
+	if strings.Contains(strings.ToLower(name), resourcename) {
+		resourcePaths.Insert(path.String())
 	}
 
 	switch tp.Kind() {
 	case reflect.Ptr:
-		secretPaths.Insert(collectSecretPaths(t, path, name, tp.Elem()).List()...)
+		resourcePaths.Insert(collectResourcePaths(t, resourcename, path, name, tp.Elem()).List()...)
 	case reflect.Struct:
 		for i := 0; i < tp.NumField(); i++ {
 			field := tp.Field(i)
-			secretPaths.Insert(collectSecretPaths(t, path.Child(field.Name), field.Name, field.Type).List()...)
+			resourcePaths.Insert(collectResourcePaths(t, resourcename, path.Child(field.Name), field.Name, field.Type).List()...)
 		}
 	case reflect.Interface:
-		t.Errorf("cannot find secret fields in interface{} field %s", path.String())
+		t.Errorf("cannot find %s fields in interface{} field %s", resourcename, path.String())
 	case reflect.Map:
-		secretPaths.Insert(collectSecretPaths(t, path.Key("*"), "", tp.Elem()).List()...)
+		resourcePaths.Insert(collectResourcePaths(t, resourcename, path.Key("*"), "", tp.Elem()).List()...)
 	case reflect.Slice:
-		secretPaths.Insert(collectSecretPaths(t, path.Key("*"), "", tp.Elem()).List()...)
+		resourcePaths.Insert(collectResourcePaths(t, resourcename, path.Key("*"), "", tp.Elem()).List()...)
 	default:
 		// all primitive types
 	}
 
-	return secretPaths
+	return resourcePaths
+}
+
+func TestPodConfigmaps(t *testing.T) {
+	// Stub containing all possible ConfigMap references in a pod.
+	// The names of the referenced ConfigMaps match struct paths detected by reflection.
+	pod := &v1.Pod{
+		Spec: v1.PodSpec{
+			Containers: []v1.Container{{
+				EnvFrom: []v1.EnvFromSource{{
+					ConfigMapRef: &v1.ConfigMapEnvSource{
+						LocalObjectReference: v1.LocalObjectReference{
+							Name: "Spec.Containers[*].EnvFrom[*].ConfigMapRef"}}}},
+				Env: []v1.EnvVar{{
+					ValueFrom: &v1.EnvVarSource{
+						ConfigMapKeyRef: &v1.ConfigMapKeySelector{
+							LocalObjectReference: v1.LocalObjectReference{
+								Name: "Spec.Containers[*].Env[*].ValueFrom.ConfigMapKeyRef"}}}}}}},
+			InitContainers: []v1.Container{{
+				EnvFrom: []v1.EnvFromSource{{
+					ConfigMapRef: &v1.ConfigMapEnvSource{
+						LocalObjectReference: v1.LocalObjectReference{
+							Name: "Spec.InitContainers[*].EnvFrom[*].ConfigMapRef"}}}},
+				Env: []v1.EnvVar{{
+					ValueFrom: &v1.EnvVarSource{
+						ConfigMapKeyRef: &v1.ConfigMapKeySelector{
+							LocalObjectReference: v1.LocalObjectReference{
+								Name: "Spec.InitContainers[*].Env[*].ValueFrom.ConfigMapKeyRef"}}}}}}},
+			Volumes: []v1.Volume{{
+				VolumeSource: v1.VolumeSource{
+					Projected: &v1.ProjectedVolumeSource{
+						Sources: []v1.VolumeProjection{{
+							ConfigMap: &v1.ConfigMapProjection{
+								LocalObjectReference: v1.LocalObjectReference{
+									Name: "Spec.Volumes[*].VolumeSource.Projected.Sources[*].ConfigMap"}}}}}}}, {
+				VolumeSource: v1.VolumeSource{
+					ConfigMap: &v1.ConfigMapVolumeSource{
+						LocalObjectReference: v1.LocalObjectReference{
+							Name: "Spec.Volumes[*].VolumeSource.ConfigMap"}}}}},
+		},
+	}
+	extractedNames := sets.NewString()
+	VisitPodConfigmapNames(pod, func(name string) bool {
+		extractedNames.Insert(name)
+		return true
+	})
+
+	// expectedPaths holds struct paths to fields with "ConfigMap" in the name that are references to ConfigMap API objects.
+	// every path here should be represented as an example in the Pod stub above, with the ConfigMap name set to the path.
+	expectedPaths := sets.NewString(
+		"Spec.Containers[*].EnvFrom[*].ConfigMapRef",
+		"Spec.Containers[*].Env[*].ValueFrom.ConfigMapKeyRef",
+		"Spec.InitContainers[*].EnvFrom[*].ConfigMapRef",
+		"Spec.InitContainers[*].Env[*].ValueFrom.ConfigMapKeyRef",
+		"Spec.Volumes[*].VolumeSource.Projected.Sources[*].ConfigMap",
+		"Spec.Volumes[*].VolumeSource.ConfigMap",
+	)
+	collectPaths := collectResourcePaths(t, "ConfigMap", nil, "", reflect.TypeOf(&v1.Pod{}))
+	if missingPaths := expectedPaths.Difference(collectPaths); len(missingPaths) > 0 {
+		t.Logf("Missing expected paths:\n%s", strings.Join(missingPaths.List(), "\n"))
+		t.Error("Missing expected paths. Verify VisitPodConfigmapNames() is correctly finding the missing paths, then correct expectedPaths")
+	}
+	if extraPaths := collectPaths.Difference(expectedPaths); len(extraPaths) > 0 {
+		t.Logf("Extra paths:\n%s", strings.Join(extraPaths.List(), "\n"))
+		t.Error("Extra fields with resource in the name found. Verify VisitPodConfigmapNames() is including these fields if appropriate, then correct expectedPaths")
+	}
+
+	if missingNames := expectedPaths.Difference(extractedNames); len(missingNames) > 0 {
+		t.Logf("Missing expected names:\n%s", strings.Join(missingNames.List(), "\n"))
+		t.Error("Missing expected names. Verify the pod stub above includes these references, then verify VisitPodConfigmapNames() is correctly finding the missing names")
+	}
+	if extraNames := extractedNames.Difference(expectedPaths); len(extraNames) > 0 {
+		t.Logf("Extra names:\n%s", strings.Join(extraNames.List(), "\n"))
+		t.Error("Extra names extracted. Verify VisitPodConfigmapNames() is correctly extracting resource names")
+	}
 }
 
 func newPod(now metav1.Time, ready bool, beforeSec int) *v1.Pod {

vendor/k8s.io/kubernetes/pkg/api/v1/resource/BUILD

@@ -11,9 +11,9 @@ go_test(
     srcs = ["helpers_test.go"],
     embed = [":go_default_library"],
     deps = [
+        "//staging/src/k8s.io/api/core/v1:go_default_library",
+        "//staging/src/k8s.io/apimachinery/pkg/api/resource:go_default_library",
         "//vendor/github.com/stretchr/testify/assert:go_default_library",
-        "//vendor/k8s.io/api/core/v1:go_default_library",
-        "//vendor/k8s.io/apimachinery/pkg/api/resource:go_default_library",
     ],
 )
 
@@ -22,8 +22,8 @@ go_library(
     srcs = ["helpers.go"],
     importpath = "k8s.io/kubernetes/pkg/api/v1/resource",
     deps = [
-        "//vendor/k8s.io/api/core/v1:go_default_library",
-        "//vendor/k8s.io/apimachinery/pkg/api/resource:go_default_library",
+        "//staging/src/k8s.io/api/core/v1:go_default_library",
+        "//staging/src/k8s.io/apimachinery/pkg/api/resource:go_default_library",
     ],
 )
 

vendor/k8s.io/kubernetes/pkg/api/v1/resource/helpers.go

@@ -25,55 +25,50 @@ import (
 	"k8s.io/apimachinery/pkg/api/resource"
 )
 
-// PodRequestsAndLimits returns a dictionary of all defined resources summed up for all
-// containers of the pod.
-func PodRequestsAndLimits(pod *v1.Pod) (reqs map[v1.ResourceName]resource.Quantity, limits map[v1.ResourceName]resource.Quantity) {
-	reqs, limits = map[v1.ResourceName]resource.Quantity{}, map[v1.ResourceName]resource.Quantity{}
-	for _, container := range pod.Spec.Containers {
-		for name, quantity := range container.Resources.Requests {
-			if value, ok := reqs[name]; !ok {
-				reqs[name] = *quantity.Copy()
-			} else {
-				value.Add(quantity)
-				reqs[name] = value
-			}
+// addResourceList adds the resources in newList to list
+func addResourceList(list, new v1.ResourceList) {
+	for name, quantity := range new {
+		if value, ok := list[name]; !ok {
+			list[name] = *quantity.Copy()
+		} else {
+			value.Add(quantity)
+			list[name] = value
 		}
-		for name, quantity := range container.Resources.Limits {
-			if value, ok := limits[name]; !ok {
-				limits[name] = *quantity.Copy()
-			} else {
-				value.Add(quantity)
-				limits[name] = value
+	}
+}
+
+// maxResourceList sets list to the greater of list/newList for every resource
+// either list
+func maxResourceList(list, new v1.ResourceList) {
+	for name, quantity := range new {
+		if value, ok := list[name]; !ok {
+			list[name] = *quantity.Copy()
+			continue
+		} else {
+			if quantity.Cmp(value) > 0 {
+				list[name] = *quantity.Copy()
 			}
 		}
 	}
+}
+
+// PodRequestsAndLimits returns a dictionary of all defined resources summed up for all
+// containers of the pod.
+func PodRequestsAndLimits(pod *v1.Pod) (reqs, limits v1.ResourceList) {
+	reqs, limits = v1.ResourceList{}, v1.ResourceList{}
+	for _, container := range pod.Spec.Containers {
+		addResourceList(reqs, container.Resources.Requests)
+		addResourceList(limits, container.Resources.Limits)
+	}
 	// init containers define the minimum of any resource
 	for _, container := range pod.Spec.InitContainers {
-		for name, quantity := range container.Resources.Requests {
-			value, ok := reqs[name]
-			if !ok {
-				reqs[name] = *quantity.Copy()
-				continue
-			}
-			if quantity.Cmp(value) > 0 {
-				reqs[name] = *quantity.Copy()
-			}
-		}
-		for name, quantity := range container.Resources.Limits {
-			value, ok := limits[name]
-			if !ok {
-				limits[name] = *quantity.Copy()
-				continue
-			}
-			if quantity.Cmp(value) > 0 {
-				limits[name] = *quantity.Copy()
-			}
-		}
+		maxResourceList(reqs, container.Resources.Requests)
+		maxResourceList(limits, container.Resources.Limits)
 	}
 	return
 }
 
-// finds and returns the request for a specific resource.
+// GetResourceRequest finds and returns the request for a specific resource.
 func GetResourceRequest(pod *v1.Pod, resource v1.ResourceName) int64 {
 	if resource == v1.ResourcePods {
 		return 1

vendor/k8s.io/kubernetes/pkg/api/v1/service/BUILD

@@ -12,7 +12,7 @@ go_library(
     importpath = "k8s.io/kubernetes/pkg/api/v1/service",
     deps = [
         "//pkg/util/net/sets:go_default_library",
-        "//vendor/k8s.io/api/core/v1:go_default_library",
+        "//staging/src/k8s.io/api/core/v1:go_default_library",
     ],
 )
 
@@ -22,7 +22,7 @@ go_test(
     embed = [":go_default_library"],
     deps = [
         "//pkg/util/net/sets:go_default_library",
-        "//vendor/k8s.io/api/core/v1:go_default_library",
+        "//staging/src/k8s.io/api/core/v1:go_default_library",
     ],
 )
 

vendor/k8s.io/kubernetes/pkg/api/v1/service/util_test.go

@@ -151,25 +151,25 @@ func TestRequestsOnlyLocalTraffic(t *testing.T) {
 	})
 	checkRequestsOnlyLocalTraffic(false, &v1.Service{
 		Spec: v1.ServiceSpec{
-			Type: v1.ServiceTypeNodePort,
+			Type:                  v1.ServiceTypeNodePort,
 			ExternalTrafficPolicy: v1.ServiceExternalTrafficPolicyTypeCluster,
 		},
 	})
 	checkRequestsOnlyLocalTraffic(true, &v1.Service{
 		Spec: v1.ServiceSpec{
-			Type: v1.ServiceTypeNodePort,
+			Type:                  v1.ServiceTypeNodePort,
 			ExternalTrafficPolicy: v1.ServiceExternalTrafficPolicyTypeLocal,
 		},
 	})
 	checkRequestsOnlyLocalTraffic(false, &v1.Service{
 		Spec: v1.ServiceSpec{
-			Type: v1.ServiceTypeLoadBalancer,
+			Type:                  v1.ServiceTypeLoadBalancer,
 			ExternalTrafficPolicy: v1.ServiceExternalTrafficPolicyTypeCluster,
 		},
 	})
 	checkRequestsOnlyLocalTraffic(true, &v1.Service{
 		Spec: v1.ServiceSpec{
-			Type: v1.ServiceTypeLoadBalancer,
+			Type:                  v1.ServiceTypeLoadBalancer,
 			ExternalTrafficPolicy: v1.ServiceExternalTrafficPolicyTypeLocal,
 		},
 	})
@@ -191,25 +191,25 @@ func TestNeedsHealthCheck(t *testing.T) {
 	})
 	checkNeedsHealthCheck(false, &v1.Service{
 		Spec: v1.ServiceSpec{
-			Type: v1.ServiceTypeNodePort,
+			Type:                  v1.ServiceTypeNodePort,
 			ExternalTrafficPolicy: v1.ServiceExternalTrafficPolicyTypeCluster,
 		},
 	})
 	checkNeedsHealthCheck(false, &v1.Service{
 		Spec: v1.ServiceSpec{
-			Type: v1.ServiceTypeNodePort,
+			Type:                  v1.ServiceTypeNodePort,
 			ExternalTrafficPolicy: v1.ServiceExternalTrafficPolicyTypeLocal,
 		},
 	})
 	checkNeedsHealthCheck(false, &v1.Service{
 		Spec: v1.ServiceSpec{
-			Type: v1.ServiceTypeLoadBalancer,
+			Type:                  v1.ServiceTypeLoadBalancer,
 			ExternalTrafficPolicy: v1.ServiceExternalTrafficPolicyTypeCluster,
 		},
 	})
 	checkNeedsHealthCheck(true, &v1.Service{
 		Spec: v1.ServiceSpec{
-			Type: v1.ServiceTypeLoadBalancer,
+			Type:                  v1.ServiceTypeLoadBalancer,
 			ExternalTrafficPolicy: v1.ServiceExternalTrafficPolicyTypeLocal,
 		},
 	})