Fresh dep ensure

vendor/k8s.io/kubernetes/pkg/apis/auditregistration/BUILD

@@ -0,0 +1,38 @@
+load("@io_bazel_rules_go//go:def.bzl", "go_library")
+
+go_library(
+    name = "go_default_library",
+    srcs = [
+        "doc.go",
+        "register.go",
+        "types.go",
+        "zz_generated.deepcopy.go",
+    ],
+    importpath = "k8s.io/kubernetes/pkg/apis/auditregistration",
+    visibility = ["//visibility:public"],
+    deps = [
+        "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
+        "//staging/src/k8s.io/apimachinery/pkg/runtime:go_default_library",
+        "//staging/src/k8s.io/apimachinery/pkg/runtime/schema:go_default_library",
+    ],
+)
+
+filegroup(
+    name = "package-srcs",
+    srcs = glob(["**"]),
+    tags = ["automanaged"],
+    visibility = ["//visibility:private"],
+)
+
+filegroup(
+    name = "all-srcs",
+    srcs = [
+        ":package-srcs",
+        "//pkg/apis/auditregistration/fuzzer:all-srcs",
+        "//pkg/apis/auditregistration/install:all-srcs",
+        "//pkg/apis/auditregistration/v1alpha1:all-srcs",
+        "//pkg/apis/auditregistration/validation:all-srcs",
+    ],
+    tags = ["automanaged"],
+    visibility = ["//visibility:public"],
+)

vendor/k8s.io/kubernetes/pkg/apis/auditregistration/doc.go

@@ -0,0 +1,20 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// +k8s:deepcopy-gen=package
+// +groupName=auditregistration.k8s.io
+
+package auditregistration // import "k8s.io/kubernetes/pkg/apis/auditregistration"

vendor/k8s.io/kubernetes/pkg/apis/auditregistration/fuzzer/BUILD

@@ -0,0 +1,27 @@
+load("@io_bazel_rules_go//go:def.bzl", "go_library")
+
+go_library(
+    name = "go_default_library",
+    srcs = ["fuzzer.go"],
+    importpath = "k8s.io/kubernetes/pkg/apis/auditregistration/fuzzer",
+    visibility = ["//visibility:public"],
+    deps = [
+        "//pkg/apis/auditregistration:go_default_library",
+        "//staging/src/k8s.io/apimachinery/pkg/runtime/serializer:go_default_library",
+        "//vendor/github.com/google/gofuzz:go_default_library",
+    ],
+)
+
+filegroup(
+    name = "package-srcs",
+    srcs = glob(["**"]),
+    tags = ["automanaged"],
+    visibility = ["//visibility:private"],
+)
+
+filegroup(
+    name = "all-srcs",
+    srcs = [":package-srcs"],
+    tags = ["automanaged"],
+    visibility = ["//visibility:public"],
+)

vendor/k8s.io/kubernetes/pkg/apis/auditregistration/fuzzer/fuzzer.go

@@ -0,0 +1,38 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package fuzzer
+
+import (
+	fuzz "github.com/google/gofuzz"
+
+	runtimeserializer "k8s.io/apimachinery/pkg/runtime/serializer"
+	"k8s.io/kubernetes/pkg/apis/auditregistration"
+)
+
+// Funcs returns the fuzzer functions for the auditregistration api group.
+var Funcs = func(codecs runtimeserializer.CodecFactory) []interface{} {
+	return []interface{}{
+		func(obj *auditregistration.AuditSink, c fuzz.Continue) {
+			c.FuzzNoCustom(obj)
+			v := int64(1)
+			obj.Spec.Webhook.Throttle = &auditregistration.WebhookThrottleConfig{
+				QPS:   &v,
+				Burst: &v,
+			}
+		},
+	}
+}

vendor/k8s.io/kubernetes/pkg/apis/auditregistration/install/BUILD

@@ -0,0 +1,29 @@
+load("@io_bazel_rules_go//go:def.bzl", "go_library")
+
+go_library(
+    name = "go_default_library",
+    srcs = ["install.go"],
+    importpath = "k8s.io/kubernetes/pkg/apis/auditregistration/install",
+    visibility = ["//visibility:public"],
+    deps = [
+        "//pkg/api/legacyscheme:go_default_library",
+        "//pkg/apis/auditregistration:go_default_library",
+        "//pkg/apis/auditregistration/v1alpha1:go_default_library",
+        "//staging/src/k8s.io/apimachinery/pkg/runtime:go_default_library",
+        "//staging/src/k8s.io/apimachinery/pkg/util/runtime:go_default_library",
+    ],
+)
+
+filegroup(
+    name = "package-srcs",
+    srcs = glob(["**"]),
+    tags = ["automanaged"],
+    visibility = ["//visibility:private"],
+)
+
+filegroup(
+    name = "all-srcs",
+    srcs = [":package-srcs"],
+    tags = ["automanaged"],
+    visibility = ["//visibility:public"],
+)

vendor/k8s.io/kubernetes/pkg/apis/auditregistration/install/install.go

@@ -0,0 +1,38 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Package install adds the experimental API group, making it available as
+// an option to all of the API encoding/decoding machinery.
+package install
+
+import (
+	"k8s.io/apimachinery/pkg/runtime"
+	utilruntime "k8s.io/apimachinery/pkg/util/runtime"
+	"k8s.io/kubernetes/pkg/api/legacyscheme"
+	"k8s.io/kubernetes/pkg/apis/auditregistration"
+	"k8s.io/kubernetes/pkg/apis/auditregistration/v1alpha1"
+)
+
+func init() {
+	Install(legacyscheme.Scheme)
+}
+
+// Install registers the API group and adds types to a scheme
+func Install(scheme *runtime.Scheme) {
+	utilruntime.Must(auditregistration.AddToScheme(scheme))
+	utilruntime.Must(v1alpha1.AddToScheme(scheme))
+	utilruntime.Must(scheme.SetVersionPriority(v1alpha1.SchemeGroupVersion))
+}

vendor/k8s.io/kubernetes/pkg/apis/auditregistration/register.go

@@ -0,0 +1,53 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package auditregistration
+
+import (
+	"k8s.io/apimachinery/pkg/runtime"
+	"k8s.io/apimachinery/pkg/runtime/schema"
+)
+
+// GroupName is the group name use in this package
+const GroupName = "auditregistration.k8s.io"
+
+// SchemeGroupVersion is group version used to register these objects
+var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: runtime.APIVersionInternal}
+
+// Kind takes an unqualified kind and returns a Group qualified GroupKind
+func Kind(kind string) schema.GroupKind {
+	return SchemeGroupVersion.WithKind(kind).GroupKind()
+}
+
+// Resource takes an unqualified resource and returns a Group qualified GroupResource
+func Resource(resource string) schema.GroupResource {
+	return SchemeGroupVersion.WithResource(resource).GroupResource()
+}
+
+var (
+	// SchemeBuilder for audit registration
+	SchemeBuilder = runtime.NewSchemeBuilder(addKnownTypes)
+	// AddToScheme audit registration
+	AddToScheme = SchemeBuilder.AddToScheme
+)
+
+func addKnownTypes(scheme *runtime.Scheme) error {
+	scheme.AddKnownTypes(SchemeGroupVersion,
+		&AuditSink{},
+		&AuditSinkList{},
+	)
+	return nil
+}

vendor/k8s.io/kubernetes/pkg/apis/auditregistration/types.go

@@ -0,0 +1,196 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// +k8s:openapi-gen=true
+
+package auditregistration
+
+import (
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+)
+
+// Level defines the amount of information logged during auditing
+type Level string
+
+// Valid audit levels
+const (
+	// LevelNone disables auditing
+	LevelNone Level = "None"
+	// LevelMetadata provides the basic level of auditing.
+	LevelMetadata Level = "Metadata"
+	// LevelRequest provides Metadata level of auditing, and additionally
+	// logs the request object (does not apply for non-resource requests).
+	LevelRequest Level = "Request"
+	// LevelRequestResponse provides Request level of auditing, and additionally
+	// logs the response object (does not apply for non-resource requests and watches).
+	LevelRequestResponse Level = "RequestResponse"
+)
+
+// Stage defines the stages in request handling during which audit events may be generated.
+type Stage string
+
+// Valid audit stages.
+const (
+	// The stage for events generated after the audit handler receives the request, but before it
+	// is delegated down the handler chain.
+	StageRequestReceived = "RequestReceived"
+	// The stage for events generated after the response headers are sent, but before the response body
+	// is sent. This stage is only generated for long-running requests (e.g. watch).
+	StageResponseStarted = "ResponseStarted"
+	// The stage for events generated after the response body has been completed, and no more bytes
+	// will be sent.
+	StageResponseComplete = "ResponseComplete"
+	// The stage for events generated when a panic occurred.
+	StagePanic = "Panic"
+)
+
+// +genclient
+// +genclient:nonNamespaced
+// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
+
+// AuditSink represents a cluster level sink for audit data
+type AuditSink struct {
+	metav1.TypeMeta
+
+	// +optional
+	metav1.ObjectMeta
+
+	// Spec defines the audit sink spec
+	Spec AuditSinkSpec
+}
+
+// AuditSinkSpec is the spec for the audit sink object
+type AuditSinkSpec struct {
+	// Policy defines the policy for selecting which events should be sent to the backend
+	// required
+	Policy Policy
+
+	// Webhook to send events
+	// required
+	Webhook Webhook
+}
+
+// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
+
+// AuditSinkList is a list of a	audit sink items.
+type AuditSinkList struct {
+	metav1.TypeMeta
+
+	// +optional
+	metav1.ListMeta
+
+	// List of audit configurations.
+	Items []AuditSink
+}
+
+// Policy defines the configuration of how audit events are logged
+type Policy struct {
+	// The Level that all requests are recorded at.
+	// available options: None, Metadata, Request, RequestResponse
+	// required
+	Level Level
+
+	// Stages is a list of stages for which events are created.
+	// +optional
+	Stages []Stage
+}
+
+// Webhook holds the configuration of the webhooks
+type Webhook struct {
+	// Throttle holds the options for throttling the webhook
+	// +optional
+	Throttle *WebhookThrottleConfig
+
+	// ClientConfig holds the connection parameters for the webhook
+	// required
+	ClientConfig WebhookClientConfig
+}
+
+// WebhookThrottleConfig holds the configuration for throttling
+type WebhookThrottleConfig struct {
+	// QPS maximum number of batches per second
+	// default 10 QPS
+	// +optional
+	QPS *int64
+
+	// Burst is the maximum number of events sent at the same moment
+	// default 15 QPS
+	// +optional
+	Burst *int64
+}
+
+// WebhookClientConfig contains the information to make a connection with the webhook
+type WebhookClientConfig struct {
+	// `url` gives the location of the webhook, in standard URL form
+	// (`scheme://host:port/path`). Exactly one of `url` or `service`
+	// must be specified.
+	//
+	// The `host` should not refer to a service running in the cluster; use
+	// the `service` field instead. The host might be resolved via external
+	// DNS in some apiservers (e.g., `kube-apiserver` cannot resolve
+	// in-cluster DNS as that would be a layering violation). `host` may
+	// also be an IP address.
+	//
+	// Please note that using `localhost` or `127.0.0.1` as a `host` is
+	// risky unless you take great care to run this webhook on all hosts
+	// which run an apiserver which might need to make calls to this
+	// webhook. Such installs are likely to be non-portable, i.e., not easy
+	// to turn up in a new cluster.
+	//
+	// The scheme must be "https"; the URL must begin with "https://".
+	//
+	// A path is optional, and if present may be any string permissible in
+	// a URL. You may use the path to pass an arbitrary string to the
+	// webhook, for example, a cluster identifier.
+	//
+	// Attempting to use a user or basic auth e.g. "user:password@" is not
+	// allowed. Fragments ("#...") and query parameters ("?...") are not
+	// allowed, either.
+	//
+	// +optional
+	URL *string
+
+	// `service` is a reference to the service for this webhook. Either
+	// `service` or `url` must be specified.
+	//
+	// If the webhook is running within the cluster, then you should use `service`.
+	//
+	// Port 443 will be used if it is open, otherwise it is an error.
+	//
+	// +optional
+	Service *ServiceReference
+
+	// `caBundle` is a PEM encoded CA bundle which will be used to validate the webhook's server certificate.
+	// If unspecified, system trust roots on the apiserver are used.
+	// +optional
+	CABundle []byte
+}
+
+// ServiceReference holds a reference to Service.legacy.k8s.io
+type ServiceReference struct {
+	// `namespace` is the namespace of the service.
+	// Required
+	Namespace string
+
+	// `name` is the name of the service.
+	// Required
+	Name string
+
+	// `path` is an optional URL path which will be sent in any request to
+	// this service.
+	// +optional
+	Path *string
+}

vendor/k8s.io/kubernetes/pkg/apis/auditregistration/v1alpha1/BUILD

@@ -0,0 +1,50 @@
+load("@io_bazel_rules_go//go:def.bzl", "go_library", "go_test")
+
+go_library(
+    name = "go_default_library",
+    srcs = [
+        "defaults.go",
+        "doc.go",
+        "register.go",
+        "zz_generated.conversion.go",
+        "zz_generated.defaults.go",
+    ],
+    importpath = "k8s.io/kubernetes/pkg/apis/auditregistration/v1alpha1",
+    visibility = ["//visibility:public"],
+    deps = [
+        "//pkg/apis/auditregistration:go_default_library",
+        "//staging/src/k8s.io/api/auditregistration/v1alpha1:go_default_library",
+        "//staging/src/k8s.io/apimachinery/pkg/conversion:go_default_library",
+        "//staging/src/k8s.io/apimachinery/pkg/runtime:go_default_library",
+        "//staging/src/k8s.io/apimachinery/pkg/runtime/schema:go_default_library",
+        "//vendor/k8s.io/utils/pointer:go_default_library",
+    ],
+)
+
+go_test(
+    name = "go_default_test",
+    srcs = ["defaults_test.go"],
+    embed = [":go_default_library"],
+    deps = [
+        "//pkg/api/legacyscheme:go_default_library",
+        "//pkg/apis/auditregistration/install:go_default_library",
+        "//staging/src/k8s.io/api/auditregistration/v1alpha1:go_default_library",
+        "//staging/src/k8s.io/apimachinery/pkg/api/equality:go_default_library",
+        "//staging/src/k8s.io/apimachinery/pkg/runtime:go_default_library",
+        "//vendor/k8s.io/utils/pointer:go_default_library",
+    ],
+)
+
+filegroup(
+    name = "package-srcs",
+    srcs = glob(["**"]),
+    tags = ["automanaged"],
+    visibility = ["//visibility:private"],
+)
+
+filegroup(
+    name = "all-srcs",
+    srcs = [":package-srcs"],
+    tags = ["automanaged"],
+    visibility = ["//visibility:public"],
+)

vendor/k8s.io/kubernetes/pkg/apis/auditregistration/v1alpha1/defaults.go

@@ -0,0 +1,56 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package v1alpha1
+
+import (
+	auditregistrationv1alpha1 "k8s.io/api/auditregistration/v1alpha1"
+	"k8s.io/apimachinery/pkg/runtime"
+	utilpointer "k8s.io/utils/pointer"
+)
+
+const (
+	// DefaultQPS is the default QPS value
+	DefaultQPS = int64(10)
+	// DefaultBurst is the default burst value
+	DefaultBurst = int64(15)
+)
+
+// DefaultThrottle is a default throttle config
+func DefaultThrottle() *auditregistrationv1alpha1.WebhookThrottleConfig {
+	return &auditregistrationv1alpha1.WebhookThrottleConfig{
+		QPS:   utilpointer.Int64Ptr(DefaultQPS),
+		Burst: utilpointer.Int64Ptr(DefaultBurst),
+	}
+}
+
+func addDefaultingFuncs(scheme *runtime.Scheme) error {
+	return RegisterDefaults(scheme)
+}
+
+// SetDefaults_AuditSink sets defaults if the audit sink isn't present
+func SetDefaults_AuditSink(obj *auditregistrationv1alpha1.AuditSink) {
+	if obj.Spec.Webhook.Throttle != nil {
+		if obj.Spec.Webhook.Throttle.QPS == nil {
+			obj.Spec.Webhook.Throttle.QPS = utilpointer.Int64Ptr(DefaultQPS)
+		}
+		if obj.Spec.Webhook.Throttle.Burst == nil {
+			obj.Spec.Webhook.Throttle.Burst = utilpointer.Int64Ptr(DefaultBurst)
+		}
+	} else {
+		obj.Spec.Webhook.Throttle = DefaultThrottle()
+	}
+}

vendor/k8s.io/kubernetes/pkg/apis/auditregistration/v1alpha1/defaults_test.go

@@ -0,0 +1,165 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package v1alpha1_test
+
+import (
+	"reflect"
+	"testing"
+
+	auditregistrationv1alpha1 "k8s.io/api/auditregistration/v1alpha1"
+	apiequality "k8s.io/apimachinery/pkg/api/equality"
+	"k8s.io/apimachinery/pkg/runtime"
+	"k8s.io/kubernetes/pkg/api/legacyscheme"
+	_ "k8s.io/kubernetes/pkg/apis/auditregistration/install"
+	. "k8s.io/kubernetes/pkg/apis/auditregistration/v1alpha1"
+	utilpointer "k8s.io/utils/pointer"
+)
+
+func TestSetDefaultAuditSink(t *testing.T) {
+	defaultURL := "http://test"
+	tests := []struct {
+		original *auditregistrationv1alpha1.AuditSink
+		expected *auditregistrationv1alpha1.AuditSink
+	}{
+		{ // Missing Throttle
+			original: &auditregistrationv1alpha1.AuditSink{
+				Spec: auditregistrationv1alpha1.AuditSinkSpec{
+					Policy: auditregistrationv1alpha1.Policy{
+						Level: auditregistrationv1alpha1.LevelMetadata,
+					},
+					Webhook: auditregistrationv1alpha1.Webhook{
+						ClientConfig: auditregistrationv1alpha1.WebhookClientConfig{
+							URL: &defaultURL,
+						},
+					},
+				},
+			},
+			expected: &auditregistrationv1alpha1.AuditSink{
+				Spec: auditregistrationv1alpha1.AuditSinkSpec{
+					Policy: auditregistrationv1alpha1.Policy{
+						Level: auditregistrationv1alpha1.LevelMetadata,
+					},
+					Webhook: auditregistrationv1alpha1.Webhook{
+						Throttle: DefaultThrottle(),
+						ClientConfig: auditregistrationv1alpha1.WebhookClientConfig{
+							URL: &defaultURL,
+						},
+					},
+				},
+			},
+		},
+		{ // Missing QPS
+			original: &auditregistrationv1alpha1.AuditSink{
+				Spec: auditregistrationv1alpha1.AuditSinkSpec{
+					Policy: auditregistrationv1alpha1.Policy{
+						Level: auditregistrationv1alpha1.LevelMetadata,
+					},
+					Webhook: auditregistrationv1alpha1.Webhook{
+						Throttle: &auditregistrationv1alpha1.WebhookThrottleConfig{
+							Burst: utilpointer.Int64Ptr(1),
+						},
+						ClientConfig: auditregistrationv1alpha1.WebhookClientConfig{
+							URL: &defaultURL,
+						},
+					},
+				},
+			},
+			expected: &auditregistrationv1alpha1.AuditSink{
+				Spec: auditregistrationv1alpha1.AuditSinkSpec{
+					Policy: auditregistrationv1alpha1.Policy{
+						Level: auditregistrationv1alpha1.LevelMetadata,
+					},
+					Webhook: auditregistrationv1alpha1.Webhook{
+						Throttle: &auditregistrationv1alpha1.WebhookThrottleConfig{
+							QPS:   DefaultThrottle().QPS,
+							Burst: utilpointer.Int64Ptr(1),
+						},
+						ClientConfig: auditregistrationv1alpha1.WebhookClientConfig{
+							URL: &defaultURL,
+						},
+					},
+				},
+			},
+		},
+		{ // Missing Burst
+			original: &auditregistrationv1alpha1.AuditSink{
+				Spec: auditregistrationv1alpha1.AuditSinkSpec{
+					Policy: auditregistrationv1alpha1.Policy{
+						Level: auditregistrationv1alpha1.LevelMetadata,
+					},
+					Webhook: auditregistrationv1alpha1.Webhook{
+						Throttle: &auditregistrationv1alpha1.WebhookThrottleConfig{
+							QPS: utilpointer.Int64Ptr(1),
+						},
+						ClientConfig: auditregistrationv1alpha1.WebhookClientConfig{
+							URL: &defaultURL,
+						},
+					},
+				},
+			},
+			expected: &auditregistrationv1alpha1.AuditSink{
+				Spec: auditregistrationv1alpha1.AuditSinkSpec{
+					Policy: auditregistrationv1alpha1.Policy{
+						Level: auditregistrationv1alpha1.LevelMetadata,
+					},
+					Webhook: auditregistrationv1alpha1.Webhook{
+						Throttle: &auditregistrationv1alpha1.WebhookThrottleConfig{
+							QPS:   utilpointer.Int64Ptr(1),
+							Burst: DefaultThrottle().Burst,
+						},
+						ClientConfig: auditregistrationv1alpha1.WebhookClientConfig{
+							URL: &defaultURL,
+						},
+					},
+				},
+			},
+		},
+	}
+
+	for i, test := range tests {
+		original := test.original
+		expected := test.expected
+		obj2 := roundTrip(t, runtime.Object(original))
+		got, ok := obj2.(*auditregistrationv1alpha1.AuditSink)
+		if !ok {
+			t.Fatalf("(%d) unexpected object: %v", i, obj2)
+		}
+		if !apiequality.Semantic.DeepEqual(got.Spec, expected.Spec) {
+			t.Errorf("(%d) got different than expected\ngot:\n\t%+v\nexpected:\n\t%+v", i, got.Spec, expected.Spec)
+		}
+	}
+}
+
+func roundTrip(t *testing.T, obj runtime.Object) runtime.Object {
+	data, err := runtime.Encode(legacyscheme.Codecs.LegacyCodec(SchemeGroupVersion), obj)
+	if err != nil {
+		t.Errorf("%v\n %#v", err, obj)
+		return nil
+	}
+	obj2, err := runtime.Decode(legacyscheme.Codecs.UniversalDecoder(), data)
+	if err != nil {
+		t.Errorf("%v\nData: %s\nSource: %#v", err, string(data), obj)
+		return nil
+	}
+	obj3 := reflect.New(reflect.TypeOf(obj).Elem()).Interface().(runtime.Object)
+	err = legacyscheme.Scheme.Convert(obj2, obj3, nil)
+	if err != nil {
+		t.Errorf("%v\nSource: %#v", err, obj2)
+		return nil
+	}
+	return obj3
+}

vendor/k8s.io/kubernetes/pkg/apis/auditregistration/v1alpha1/doc.go

@@ -0,0 +1,24 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// +k8s:conversion-gen=k8s.io/kubernetes/pkg/apis/auditregistration
+// +k8s:conversion-gen-external-types=k8s.io/api/auditregistration/v1alpha1
+// +k8s:defaulter-gen=TypeMeta
+// +k8s:defaulter-gen-input=../../../../vendor/k8s.io/api/auditregistration/v1alpha1
+
+// +groupName=auditregistration.k8s.io
+
+package v1alpha1 // import "k8s.io/kubernetes/pkg/apis/auditregistration/v1alpha1"

vendor/k8s.io/kubernetes/pkg/apis/auditregistration/v1alpha1/register.go

@@ -0,0 +1,46 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package v1alpha1
+
+import (
+	auditregistrationv1alpha1 "k8s.io/api/auditregistration/v1alpha1"
+	"k8s.io/apimachinery/pkg/runtime/schema"
+)
+
+// GroupName for audit registration
+const GroupName = "auditregistration.k8s.io"
+
+// SchemeGroupVersion is group version used to register these objects
+var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: "v1alpha1"}
+
+// Resource takes an unqualified resource and returns a Group qualified GroupResource
+func Resource(resource string) schema.GroupResource {
+	return SchemeGroupVersion.WithResource(resource).GroupResource()
+}
+
+var (
+	localSchemeBuilder = &auditregistrationv1alpha1.SchemeBuilder
+	// AddToScheme audit registration
+	AddToScheme = localSchemeBuilder.AddToScheme
+)
+
+func init() {
+	// We only register manually written functions here. The registration of the
+	// generated functions takes place in the generated files. The separation
+	// makes the code compile even when the generated files are missing.
+	localSchemeBuilder.Register(addDefaultingFuncs)
+}

vendor/k8s.io/kubernetes/pkg/apis/auditregistration/v1alpha1/zz_generated.conversion.go

@@ -0,0 +1,316 @@
+// +build !ignore_autogenerated
+
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by conversion-gen. DO NOT EDIT.
+
+package v1alpha1
+
+import (
+	unsafe "unsafe"
+
+	v1alpha1 "k8s.io/api/auditregistration/v1alpha1"
+	conversion "k8s.io/apimachinery/pkg/conversion"
+	runtime "k8s.io/apimachinery/pkg/runtime"
+	auditregistration "k8s.io/kubernetes/pkg/apis/auditregistration"
+)
+
+func init() {
+	localSchemeBuilder.Register(RegisterConversions)
+}
+
+// RegisterConversions adds conversion functions to the given scheme.
+// Public to allow building arbitrary schemes.
+func RegisterConversions(s *runtime.Scheme) error {
+	if err := s.AddGeneratedConversionFunc((*v1alpha1.AuditSink)(nil), (*auditregistration.AuditSink)(nil), func(a, b interface{}, scope conversion.Scope) error {
+		return Convert_v1alpha1_AuditSink_To_auditregistration_AuditSink(a.(*v1alpha1.AuditSink), b.(*auditregistration.AuditSink), scope)
+	}); err != nil {
+		return err
+	}
+	if err := s.AddGeneratedConversionFunc((*auditregistration.AuditSink)(nil), (*v1alpha1.AuditSink)(nil), func(a, b interface{}, scope conversion.Scope) error {
+		return Convert_auditregistration_AuditSink_To_v1alpha1_AuditSink(a.(*auditregistration.AuditSink), b.(*v1alpha1.AuditSink), scope)
+	}); err != nil {
+		return err
+	}
+	if err := s.AddGeneratedConversionFunc((*v1alpha1.AuditSinkList)(nil), (*auditregistration.AuditSinkList)(nil), func(a, b interface{}, scope conversion.Scope) error {
+		return Convert_v1alpha1_AuditSinkList_To_auditregistration_AuditSinkList(a.(*v1alpha1.AuditSinkList), b.(*auditregistration.AuditSinkList), scope)
+	}); err != nil {
+		return err
+	}
+	if err := s.AddGeneratedConversionFunc((*auditregistration.AuditSinkList)(nil), (*v1alpha1.AuditSinkList)(nil), func(a, b interface{}, scope conversion.Scope) error {
+		return Convert_auditregistration_AuditSinkList_To_v1alpha1_AuditSinkList(a.(*auditregistration.AuditSinkList), b.(*v1alpha1.AuditSinkList), scope)
+	}); err != nil {
+		return err
+	}
+	if err := s.AddGeneratedConversionFunc((*v1alpha1.AuditSinkSpec)(nil), (*auditregistration.AuditSinkSpec)(nil), func(a, b interface{}, scope conversion.Scope) error {
+		return Convert_v1alpha1_AuditSinkSpec_To_auditregistration_AuditSinkSpec(a.(*v1alpha1.AuditSinkSpec), b.(*auditregistration.AuditSinkSpec), scope)
+	}); err != nil {
+		return err
+	}
+	if err := s.AddGeneratedConversionFunc((*auditregistration.AuditSinkSpec)(nil), (*v1alpha1.AuditSinkSpec)(nil), func(a, b interface{}, scope conversion.Scope) error {
+		return Convert_auditregistration_AuditSinkSpec_To_v1alpha1_AuditSinkSpec(a.(*auditregistration.AuditSinkSpec), b.(*v1alpha1.AuditSinkSpec), scope)
+	}); err != nil {
+		return err
+	}
+	if err := s.AddGeneratedConversionFunc((*v1alpha1.Policy)(nil), (*auditregistration.Policy)(nil), func(a, b interface{}, scope conversion.Scope) error {
+		return Convert_v1alpha1_Policy_To_auditregistration_Policy(a.(*v1alpha1.Policy), b.(*auditregistration.Policy), scope)
+	}); err != nil {
+		return err
+	}
+	if err := s.AddGeneratedConversionFunc((*auditregistration.Policy)(nil), (*v1alpha1.Policy)(nil), func(a, b interface{}, scope conversion.Scope) error {
+		return Convert_auditregistration_Policy_To_v1alpha1_Policy(a.(*auditregistration.Policy), b.(*v1alpha1.Policy), scope)
+	}); err != nil {
+		return err
+	}
+	if err := s.AddGeneratedConversionFunc((*v1alpha1.ServiceReference)(nil), (*auditregistration.ServiceReference)(nil), func(a, b interface{}, scope conversion.Scope) error {
+		return Convert_v1alpha1_ServiceReference_To_auditregistration_ServiceReference(a.(*v1alpha1.ServiceReference), b.(*auditregistration.ServiceReference), scope)
+	}); err != nil {
+		return err
+	}
+	if err := s.AddGeneratedConversionFunc((*auditregistration.ServiceReference)(nil), (*v1alpha1.ServiceReference)(nil), func(a, b interface{}, scope conversion.Scope) error {
+		return Convert_auditregistration_ServiceReference_To_v1alpha1_ServiceReference(a.(*auditregistration.ServiceReference), b.(*v1alpha1.ServiceReference), scope)
+	}); err != nil {
+		return err
+	}
+	if err := s.AddGeneratedConversionFunc((*v1alpha1.Webhook)(nil), (*auditregistration.Webhook)(nil), func(a, b interface{}, scope conversion.Scope) error {
+		return Convert_v1alpha1_Webhook_To_auditregistration_Webhook(a.(*v1alpha1.Webhook), b.(*auditregistration.Webhook), scope)
+	}); err != nil {
+		return err
+	}
+	if err := s.AddGeneratedConversionFunc((*auditregistration.Webhook)(nil), (*v1alpha1.Webhook)(nil), func(a, b interface{}, scope conversion.Scope) error {
+		return Convert_auditregistration_Webhook_To_v1alpha1_Webhook(a.(*auditregistration.Webhook), b.(*v1alpha1.Webhook), scope)
+	}); err != nil {
+		return err
+	}
+	if err := s.AddGeneratedConversionFunc((*v1alpha1.WebhookClientConfig)(nil), (*auditregistration.WebhookClientConfig)(nil), func(a, b interface{}, scope conversion.Scope) error {
+		return Convert_v1alpha1_WebhookClientConfig_To_auditregistration_WebhookClientConfig(a.(*v1alpha1.WebhookClientConfig), b.(*auditregistration.WebhookClientConfig), scope)
+	}); err != nil {
+		return err
+	}
+	if err := s.AddGeneratedConversionFunc((*auditregistration.WebhookClientConfig)(nil), (*v1alpha1.WebhookClientConfig)(nil), func(a, b interface{}, scope conversion.Scope) error {
+		return Convert_auditregistration_WebhookClientConfig_To_v1alpha1_WebhookClientConfig(a.(*auditregistration.WebhookClientConfig), b.(*v1alpha1.WebhookClientConfig), scope)
+	}); err != nil {
+		return err
+	}
+	if err := s.AddGeneratedConversionFunc((*v1alpha1.WebhookThrottleConfig)(nil), (*auditregistration.WebhookThrottleConfig)(nil), func(a, b interface{}, scope conversion.Scope) error {
+		return Convert_v1alpha1_WebhookThrottleConfig_To_auditregistration_WebhookThrottleConfig(a.(*v1alpha1.WebhookThrottleConfig), b.(*auditregistration.WebhookThrottleConfig), scope)
+	}); err != nil {
+		return err
+	}
+	if err := s.AddGeneratedConversionFunc((*auditregistration.WebhookThrottleConfig)(nil), (*v1alpha1.WebhookThrottleConfig)(nil), func(a, b interface{}, scope conversion.Scope) error {
+		return Convert_auditregistration_WebhookThrottleConfig_To_v1alpha1_WebhookThrottleConfig(a.(*auditregistration.WebhookThrottleConfig), b.(*v1alpha1.WebhookThrottleConfig), scope)
+	}); err != nil {
+		return err
+	}
+	return nil
+}
+
+func autoConvert_v1alpha1_AuditSink_To_auditregistration_AuditSink(in *v1alpha1.AuditSink, out *auditregistration.AuditSink, s conversion.Scope) error {
+	out.ObjectMeta = in.ObjectMeta
+	if err := Convert_v1alpha1_AuditSinkSpec_To_auditregistration_AuditSinkSpec(&in.Spec, &out.Spec, s); err != nil {
+		return err
+	}
+	return nil
+}
+
+// Convert_v1alpha1_AuditSink_To_auditregistration_AuditSink is an autogenerated conversion function.
+func Convert_v1alpha1_AuditSink_To_auditregistration_AuditSink(in *v1alpha1.AuditSink, out *auditregistration.AuditSink, s conversion.Scope) error {
+	return autoConvert_v1alpha1_AuditSink_To_auditregistration_AuditSink(in, out, s)
+}
+
+func autoConvert_auditregistration_AuditSink_To_v1alpha1_AuditSink(in *auditregistration.AuditSink, out *v1alpha1.AuditSink, s conversion.Scope) error {
+	out.ObjectMeta = in.ObjectMeta
+	if err := Convert_auditregistration_AuditSinkSpec_To_v1alpha1_AuditSinkSpec(&in.Spec, &out.Spec, s); err != nil {
+		return err
+	}
+	return nil
+}
+
+// Convert_auditregistration_AuditSink_To_v1alpha1_AuditSink is an autogenerated conversion function.
+func Convert_auditregistration_AuditSink_To_v1alpha1_AuditSink(in *auditregistration.AuditSink, out *v1alpha1.AuditSink, s conversion.Scope) error {
+	return autoConvert_auditregistration_AuditSink_To_v1alpha1_AuditSink(in, out, s)
+}
+
+func autoConvert_v1alpha1_AuditSinkList_To_auditregistration_AuditSinkList(in *v1alpha1.AuditSinkList, out *auditregistration.AuditSinkList, s conversion.Scope) error {
+	out.ListMeta = in.ListMeta
+	out.Items = *(*[]auditregistration.AuditSink)(unsafe.Pointer(&in.Items))
+	return nil
+}
+
+// Convert_v1alpha1_AuditSinkList_To_auditregistration_AuditSinkList is an autogenerated conversion function.
+func Convert_v1alpha1_AuditSinkList_To_auditregistration_AuditSinkList(in *v1alpha1.AuditSinkList, out *auditregistration.AuditSinkList, s conversion.Scope) error {
+	return autoConvert_v1alpha1_AuditSinkList_To_auditregistration_AuditSinkList(in, out, s)
+}
+
+func autoConvert_auditregistration_AuditSinkList_To_v1alpha1_AuditSinkList(in *auditregistration.AuditSinkList, out *v1alpha1.AuditSinkList, s conversion.Scope) error {
+	out.ListMeta = in.ListMeta
+	out.Items = *(*[]v1alpha1.AuditSink)(unsafe.Pointer(&in.Items))
+	return nil
+}
+
+// Convert_auditregistration_AuditSinkList_To_v1alpha1_AuditSinkList is an autogenerated conversion function.
+func Convert_auditregistration_AuditSinkList_To_v1alpha1_AuditSinkList(in *auditregistration.AuditSinkList, out *v1alpha1.AuditSinkList, s conversion.Scope) error {
+	return autoConvert_auditregistration_AuditSinkList_To_v1alpha1_AuditSinkList(in, out, s)
+}
+
+func autoConvert_v1alpha1_AuditSinkSpec_To_auditregistration_AuditSinkSpec(in *v1alpha1.AuditSinkSpec, out *auditregistration.AuditSinkSpec, s conversion.Scope) error {
+	if err := Convert_v1alpha1_Policy_To_auditregistration_Policy(&in.Policy, &out.Policy, s); err != nil {
+		return err
+	}
+	if err := Convert_v1alpha1_Webhook_To_auditregistration_Webhook(&in.Webhook, &out.Webhook, s); err != nil {
+		return err
+	}
+	return nil
+}
+
+// Convert_v1alpha1_AuditSinkSpec_To_auditregistration_AuditSinkSpec is an autogenerated conversion function.
+func Convert_v1alpha1_AuditSinkSpec_To_auditregistration_AuditSinkSpec(in *v1alpha1.AuditSinkSpec, out *auditregistration.AuditSinkSpec, s conversion.Scope) error {
+	return autoConvert_v1alpha1_AuditSinkSpec_To_auditregistration_AuditSinkSpec(in, out, s)
+}
+
+func autoConvert_auditregistration_AuditSinkSpec_To_v1alpha1_AuditSinkSpec(in *auditregistration.AuditSinkSpec, out *v1alpha1.AuditSinkSpec, s conversion.Scope) error {
+	if err := Convert_auditregistration_Policy_To_v1alpha1_Policy(&in.Policy, &out.Policy, s); err != nil {
+		return err
+	}
+	if err := Convert_auditregistration_Webhook_To_v1alpha1_Webhook(&in.Webhook, &out.Webhook, s); err != nil {
+		return err
+	}
+	return nil
+}
+
+// Convert_auditregistration_AuditSinkSpec_To_v1alpha1_AuditSinkSpec is an autogenerated conversion function.
+func Convert_auditregistration_AuditSinkSpec_To_v1alpha1_AuditSinkSpec(in *auditregistration.AuditSinkSpec, out *v1alpha1.AuditSinkSpec, s conversion.Scope) error {
+	return autoConvert_auditregistration_AuditSinkSpec_To_v1alpha1_AuditSinkSpec(in, out, s)
+}
+
+func autoConvert_v1alpha1_Policy_To_auditregistration_Policy(in *v1alpha1.Policy, out *auditregistration.Policy, s conversion.Scope) error {
+	out.Level = auditregistration.Level(in.Level)
+	out.Stages = *(*[]auditregistration.Stage)(unsafe.Pointer(&in.Stages))
+	return nil
+}
+
+// Convert_v1alpha1_Policy_To_auditregistration_Policy is an autogenerated conversion function.
+func Convert_v1alpha1_Policy_To_auditregistration_Policy(in *v1alpha1.Policy, out *auditregistration.Policy, s conversion.Scope) error {
+	return autoConvert_v1alpha1_Policy_To_auditregistration_Policy(in, out, s)
+}
+
+func autoConvert_auditregistration_Policy_To_v1alpha1_Policy(in *auditregistration.Policy, out *v1alpha1.Policy, s conversion.Scope) error {
+	out.Level = v1alpha1.Level(in.Level)
+	out.Stages = *(*[]v1alpha1.Stage)(unsafe.Pointer(&in.Stages))
+	return nil
+}
+
+// Convert_auditregistration_Policy_To_v1alpha1_Policy is an autogenerated conversion function.
+func Convert_auditregistration_Policy_To_v1alpha1_Policy(in *auditregistration.Policy, out *v1alpha1.Policy, s conversion.Scope) error {
+	return autoConvert_auditregistration_Policy_To_v1alpha1_Policy(in, out, s)
+}
+
+func autoConvert_v1alpha1_ServiceReference_To_auditregistration_ServiceReference(in *v1alpha1.ServiceReference, out *auditregistration.ServiceReference, s conversion.Scope) error {
+	out.Namespace = in.Namespace
+	out.Name = in.Name
+	out.Path = (*string)(unsafe.Pointer(in.Path))
+	return nil
+}
+
+// Convert_v1alpha1_ServiceReference_To_auditregistration_ServiceReference is an autogenerated conversion function.
+func Convert_v1alpha1_ServiceReference_To_auditregistration_ServiceReference(in *v1alpha1.ServiceReference, out *auditregistration.ServiceReference, s conversion.Scope) error {
+	return autoConvert_v1alpha1_ServiceReference_To_auditregistration_ServiceReference(in, out, s)
+}
+
+func autoConvert_auditregistration_ServiceReference_To_v1alpha1_ServiceReference(in *auditregistration.ServiceReference, out *v1alpha1.ServiceReference, s conversion.Scope) error {
+	out.Namespace = in.Namespace
+	out.Name = in.Name
+	out.Path = (*string)(unsafe.Pointer(in.Path))
+	return nil
+}
+
+// Convert_auditregistration_ServiceReference_To_v1alpha1_ServiceReference is an autogenerated conversion function.
+func Convert_auditregistration_ServiceReference_To_v1alpha1_ServiceReference(in *auditregistration.ServiceReference, out *v1alpha1.ServiceReference, s conversion.Scope) error {
+	return autoConvert_auditregistration_ServiceReference_To_v1alpha1_ServiceReference(in, out, s)
+}
+
+func autoConvert_v1alpha1_Webhook_To_auditregistration_Webhook(in *v1alpha1.Webhook, out *auditregistration.Webhook, s conversion.Scope) error {
+	out.Throttle = (*auditregistration.WebhookThrottleConfig)(unsafe.Pointer(in.Throttle))
+	if err := Convert_v1alpha1_WebhookClientConfig_To_auditregistration_WebhookClientConfig(&in.ClientConfig, &out.ClientConfig, s); err != nil {
+		return err
+	}
+	return nil
+}
+
+// Convert_v1alpha1_Webhook_To_auditregistration_Webhook is an autogenerated conversion function.
+func Convert_v1alpha1_Webhook_To_auditregistration_Webhook(in *v1alpha1.Webhook, out *auditregistration.Webhook, s conversion.Scope) error {
+	return autoConvert_v1alpha1_Webhook_To_auditregistration_Webhook(in, out, s)
+}
+
+func autoConvert_auditregistration_Webhook_To_v1alpha1_Webhook(in *auditregistration.Webhook, out *v1alpha1.Webhook, s conversion.Scope) error {
+	out.Throttle = (*v1alpha1.WebhookThrottleConfig)(unsafe.Pointer(in.Throttle))
+	if err := Convert_auditregistration_WebhookClientConfig_To_v1alpha1_WebhookClientConfig(&in.ClientConfig, &out.ClientConfig, s); err != nil {
+		return err
+	}
+	return nil
+}
+
+// Convert_auditregistration_Webhook_To_v1alpha1_Webhook is an autogenerated conversion function.
+func Convert_auditregistration_Webhook_To_v1alpha1_Webhook(in *auditregistration.Webhook, out *v1alpha1.Webhook, s conversion.Scope) error {
+	return autoConvert_auditregistration_Webhook_To_v1alpha1_Webhook(in, out, s)
+}
+
+func autoConvert_v1alpha1_WebhookClientConfig_To_auditregistration_WebhookClientConfig(in *v1alpha1.WebhookClientConfig, out *auditregistration.WebhookClientConfig, s conversion.Scope) error {
+	out.URL = (*string)(unsafe.Pointer(in.URL))
+	out.Service = (*auditregistration.ServiceReference)(unsafe.Pointer(in.Service))
+	out.CABundle = *(*[]byte)(unsafe.Pointer(&in.CABundle))
+	return nil
+}
+
+// Convert_v1alpha1_WebhookClientConfig_To_auditregistration_WebhookClientConfig is an autogenerated conversion function.
+func Convert_v1alpha1_WebhookClientConfig_To_auditregistration_WebhookClientConfig(in *v1alpha1.WebhookClientConfig, out *auditregistration.WebhookClientConfig, s conversion.Scope) error {
+	return autoConvert_v1alpha1_WebhookClientConfig_To_auditregistration_WebhookClientConfig(in, out, s)
+}
+
+func autoConvert_auditregistration_WebhookClientConfig_To_v1alpha1_WebhookClientConfig(in *auditregistration.WebhookClientConfig, out *v1alpha1.WebhookClientConfig, s conversion.Scope) error {
+	out.URL = (*string)(unsafe.Pointer(in.URL))
+	out.Service = (*v1alpha1.ServiceReference)(unsafe.Pointer(in.Service))
+	out.CABundle = *(*[]byte)(unsafe.Pointer(&in.CABundle))
+	return nil
+}
+
+// Convert_auditregistration_WebhookClientConfig_To_v1alpha1_WebhookClientConfig is an autogenerated conversion function.
+func Convert_auditregistration_WebhookClientConfig_To_v1alpha1_WebhookClientConfig(in *auditregistration.WebhookClientConfig, out *v1alpha1.WebhookClientConfig, s conversion.Scope) error {
+	return autoConvert_auditregistration_WebhookClientConfig_To_v1alpha1_WebhookClientConfig(in, out, s)
+}
+
+func autoConvert_v1alpha1_WebhookThrottleConfig_To_auditregistration_WebhookThrottleConfig(in *v1alpha1.WebhookThrottleConfig, out *auditregistration.WebhookThrottleConfig, s conversion.Scope) error {
+	out.QPS = (*int64)(unsafe.Pointer(in.QPS))
+	out.Burst = (*int64)(unsafe.Pointer(in.Burst))
+	return nil
+}
+
+// Convert_v1alpha1_WebhookThrottleConfig_To_auditregistration_WebhookThrottleConfig is an autogenerated conversion function.
+func Convert_v1alpha1_WebhookThrottleConfig_To_auditregistration_WebhookThrottleConfig(in *v1alpha1.WebhookThrottleConfig, out *auditregistration.WebhookThrottleConfig, s conversion.Scope) error {
+	return autoConvert_v1alpha1_WebhookThrottleConfig_To_auditregistration_WebhookThrottleConfig(in, out, s)
+}
+
+func autoConvert_auditregistration_WebhookThrottleConfig_To_v1alpha1_WebhookThrottleConfig(in *auditregistration.WebhookThrottleConfig, out *v1alpha1.WebhookThrottleConfig, s conversion.Scope) error {
+	out.QPS = (*int64)(unsafe.Pointer(in.QPS))
+	out.Burst = (*int64)(unsafe.Pointer(in.Burst))
+	return nil
+}
+
+// Convert_auditregistration_WebhookThrottleConfig_To_v1alpha1_WebhookThrottleConfig is an autogenerated conversion function.
+func Convert_auditregistration_WebhookThrottleConfig_To_v1alpha1_WebhookThrottleConfig(in *auditregistration.WebhookThrottleConfig, out *v1alpha1.WebhookThrottleConfig, s conversion.Scope) error {
+	return autoConvert_auditregistration_WebhookThrottleConfig_To_v1alpha1_WebhookThrottleConfig(in, out, s)
+}

vendor/k8s.io/kubernetes/pkg/apis/auditregistration/v1alpha1/zz_generated.defaults.go

@@ -0,0 +1,46 @@
+// +build !ignore_autogenerated
+
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by defaulter-gen. DO NOT EDIT.
+
+package v1alpha1
+
+import (
+	v1alpha1 "k8s.io/api/auditregistration/v1alpha1"
+	runtime "k8s.io/apimachinery/pkg/runtime"
+)
+
+// RegisterDefaults adds defaulters functions to the given scheme.
+// Public to allow building arbitrary schemes.
+// All generated defaulters are covering - they call all nested defaulters.
+func RegisterDefaults(scheme *runtime.Scheme) error {
+	scheme.AddTypeDefaultingFunc(&v1alpha1.AuditSink{}, func(obj interface{}) { SetObjectDefaults_AuditSink(obj.(*v1alpha1.AuditSink)) })
+	scheme.AddTypeDefaultingFunc(&v1alpha1.AuditSinkList{}, func(obj interface{}) { SetObjectDefaults_AuditSinkList(obj.(*v1alpha1.AuditSinkList)) })
+	return nil
+}
+
+func SetObjectDefaults_AuditSink(in *v1alpha1.AuditSink) {
+	SetDefaults_AuditSink(in)
+}
+
+func SetObjectDefaults_AuditSinkList(in *v1alpha1.AuditSinkList) {
+	for i := range in.Items {
+		a := &in.Items[i]
+		SetObjectDefaults_AuditSink(a)
+	}
+}

vendor/k8s.io/kubernetes/pkg/apis/auditregistration/validation/BUILD

@@ -0,0 +1,41 @@
+load("@io_bazel_rules_go//go:def.bzl", "go_library", "go_test")
+
+go_library(
+    name = "go_default_library",
+    srcs = ["validation.go"],
+    importpath = "k8s.io/kubernetes/pkg/apis/auditregistration/validation",
+    visibility = ["//visibility:public"],
+    deps = [
+        "//pkg/apis/auditregistration:go_default_library",
+        "//staging/src/k8s.io/apimachinery/pkg/api/validation:go_default_library",
+        "//staging/src/k8s.io/apimachinery/pkg/util/sets:go_default_library",
+        "//staging/src/k8s.io/apimachinery/pkg/util/validation/field:go_default_library",
+        "//staging/src/k8s.io/apiserver/pkg/util/webhook:go_default_library",
+    ],
+)
+
+go_test(
+    name = "go_default_test",
+    srcs = ["validation_test.go"],
+    embed = [":go_default_library"],
+    deps = [
+        "//pkg/apis/auditregistration:go_default_library",
+        "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
+        "//staging/src/k8s.io/apimachinery/pkg/util/validation/field:go_default_library",
+        "//vendor/github.com/stretchr/testify/require:go_default_library",
+    ],
+)
+
+filegroup(
+    name = "package-srcs",
+    srcs = glob(["**"]),
+    tags = ["automanaged"],
+    visibility = ["//visibility:private"],
+)
+
+filegroup(
+    name = "all-srcs",
+    srcs = [":package-srcs"],
+    tags = ["automanaged"],
+    visibility = ["//visibility:public"],
+)

vendor/k8s.io/kubernetes/pkg/apis/auditregistration/validation/validation.go

@@ -0,0 +1,123 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package validation
+
+import (
+	"strings"
+
+	genericvalidation "k8s.io/apimachinery/pkg/api/validation"
+	"k8s.io/apimachinery/pkg/util/sets"
+	"k8s.io/apimachinery/pkg/util/validation/field"
+	"k8s.io/apiserver/pkg/util/webhook"
+	"k8s.io/kubernetes/pkg/apis/auditregistration"
+)
+
+// ValidateAuditSink validates the AuditSinks
+func ValidateAuditSink(as *auditregistration.AuditSink) field.ErrorList {
+	allErrs := genericvalidation.ValidateObjectMeta(&as.ObjectMeta, false, genericvalidation.NameIsDNSSubdomain, field.NewPath("metadata"))
+	allErrs = append(allErrs, ValidateAuditSinkSpec(as.Spec, field.NewPath("spec"))...)
+	return allErrs
+}
+
+// ValidateAuditSinkSpec validates the sink spec for audit
+func ValidateAuditSinkSpec(s auditregistration.AuditSinkSpec, fldPath *field.Path) field.ErrorList {
+	var allErrs field.ErrorList
+	allErrs = append(allErrs, ValidatePolicy(s.Policy, fldPath.Child("policy"))...)
+	allErrs = append(allErrs, ValidateWebhook(s.Webhook, fldPath.Child("webhook"))...)
+	return allErrs
+}
+
+// ValidateWebhook validates the webhook
+func ValidateWebhook(w auditregistration.Webhook, fldPath *field.Path) field.ErrorList {
+	var allErrs field.ErrorList
+	if w.Throttle != nil {
+		allErrs = append(allErrs, ValidateWebhookThrottleConfig(w.Throttle, fldPath.Child("throttle"))...)
+	}
+
+	cc := w.ClientConfig
+	switch {
+	case (cc.URL == nil) == (cc.Service == nil):
+		allErrs = append(allErrs, field.Required(fldPath.Child("clientConfig"), "exactly one of url or service is required"))
+	case cc.URL != nil:
+		allErrs = append(allErrs, webhook.ValidateWebhookURL(fldPath.Child("clientConfig").Child("url"), *cc.URL, false)...)
+	case cc.Service != nil:
+		allErrs = append(allErrs, webhook.ValidateWebhookService(fldPath.Child("clientConfig").Child("service"), cc.Service.Name, cc.Service.Namespace, cc.Service.Path)...)
+	}
+	return allErrs
+}
+
+// ValidateWebhookThrottleConfig validates the throttle config
+func ValidateWebhookThrottleConfig(c *auditregistration.WebhookThrottleConfig, fldPath *field.Path) field.ErrorList {
+	var allErrs field.ErrorList
+	if c.QPS != nil && *c.QPS <= 0 {
+		allErrs = append(allErrs, field.Invalid(fldPath.Child("qps"), c.QPS, "qps must be a positive number"))
+	}
+	if c.Burst != nil && *c.Burst <= 0 {
+		allErrs = append(allErrs, field.Invalid(fldPath.Child("burst"), c.Burst, "burst must be a positive number"))
+	}
+	return allErrs
+}
+
+// ValidatePolicy validates the audit policy
+func ValidatePolicy(policy auditregistration.Policy, fldPath *field.Path) field.ErrorList {
+	var allErrs field.ErrorList
+	allErrs = append(allErrs, validateStages(policy.Stages, fldPath.Child("stages"))...)
+	allErrs = append(allErrs, validateLevel(policy.Level, fldPath.Child("level"))...)
+	if policy.Level != auditregistration.LevelNone && len(policy.Stages) == 0 {
+		return field.ErrorList{field.Required(fldPath.Child("stages"), "")}
+	}
+	return allErrs
+}
+
+var validLevels = sets.NewString(
+	string(auditregistration.LevelNone),
+	string(auditregistration.LevelMetadata),
+	string(auditregistration.LevelRequest),
+	string(auditregistration.LevelRequestResponse),
+)
+
+var validStages = sets.NewString(
+	string(auditregistration.StageRequestReceived),
+	string(auditregistration.StageResponseStarted),
+	string(auditregistration.StageResponseComplete),
+	string(auditregistration.StagePanic),
+)
+
+func validateLevel(level auditregistration.Level, fldPath *field.Path) field.ErrorList {
+	if string(level) == "" {
+		return field.ErrorList{field.Required(fldPath, "")}
+	}
+	if !validLevels.Has(string(level)) {
+		return field.ErrorList{field.NotSupported(fldPath, level, validLevels.List())}
+	}
+	return nil
+}
+
+func validateStages(stages []auditregistration.Stage, fldPath *field.Path) field.ErrorList {
+	var allErrs field.ErrorList
+	for i, stage := range stages {
+		if !validStages.Has(string(stage)) {
+			allErrs = append(allErrs, field.Invalid(fldPath.Index(i), string(stage), "allowed stages are "+strings.Join(validStages.List(), ",")))
+		}
+	}
+	return allErrs
+}
+
+// ValidateAuditSinkUpdate validates an update to the object
+func ValidateAuditSinkUpdate(newC, oldC *auditregistration.AuditSink) field.ErrorList {
+	return ValidateAuditSink(newC)
+}

vendor/k8s.io/kubernetes/pkg/apis/auditregistration/validation/validation_test.go

@@ -0,0 +1,324 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package validation
+
+import (
+	"strings"
+	"testing"
+
+	"github.com/stretchr/testify/require"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	"k8s.io/apimachinery/pkg/util/validation/field"
+	"k8s.io/kubernetes/pkg/apis/auditregistration"
+)
+
+func TestValidateAuditSink(t *testing.T) {
+	testQPS := int64(10)
+	testURL := "http://localhost"
+	testCases := []struct {
+		name   string
+		conf   auditregistration.AuditSink
+		numErr int
+	}{
+		{
+			name: "should pass full config",
+			conf: auditregistration.AuditSink{
+				ObjectMeta: metav1.ObjectMeta{
+					Name: "myconf",
+				},
+				Spec: auditregistration.AuditSinkSpec{
+					Policy: auditregistration.Policy{
+						Level: auditregistration.LevelRequest,
+						Stages: []auditregistration.Stage{
+							auditregistration.StageRequestReceived,
+						},
+					},
+					Webhook: auditregistration.Webhook{
+						Throttle: &auditregistration.WebhookThrottleConfig{
+							QPS: &testQPS,
+						},
+						ClientConfig: auditregistration.WebhookClientConfig{
+							URL: &testURL,
+						},
+					},
+				},
+			},
+			numErr: 0,
+		},
+		{
+			name: "should fail no policy",
+			conf: auditregistration.AuditSink{
+				ObjectMeta: metav1.ObjectMeta{
+					Name: "myconf",
+				},
+				Spec: auditregistration.AuditSinkSpec{
+					Webhook: auditregistration.Webhook{
+						ClientConfig: auditregistration.WebhookClientConfig{
+							URL: &testURL,
+						},
+					},
+				},
+			},
+			numErr: 1,
+		},
+		{
+			name: "should fail no webhook",
+			conf: auditregistration.AuditSink{
+				ObjectMeta: metav1.ObjectMeta{
+					Name: "myconf",
+				},
+				Spec: auditregistration.AuditSinkSpec{
+					Policy: auditregistration.Policy{
+						Level: auditregistration.LevelMetadata,
+						Stages: []auditregistration.Stage{
+							auditregistration.StageRequestReceived,
+						},
+					},
+				},
+			},
+			numErr: 1,
+		},
+	}
+
+	for _, test := range testCases {
+		t.Run(test.name, func(t *testing.T) {
+			errs := ValidateAuditSink(&test.conf)
+			require.Len(t, errs, test.numErr)
+		})
+	}
+}
+
+func TestValidatePolicy(t *testing.T) {
+	successCases := []auditregistration.Policy{}
+	successCases = append(successCases, auditregistration.Policy{ // Policy with omitStages and level
+		Level: auditregistration.LevelRequest,
+		Stages: []auditregistration.Stage{
+			auditregistration.Stage("RequestReceived"),
+			auditregistration.Stage("ResponseStarted"),
+		},
+	})
+	successCases = append(successCases, auditregistration.Policy{Level: auditregistration.LevelNone}) // Policy with none level only
+
+	for i, policy := range successCases {
+		if errs := ValidatePolicy(policy, field.NewPath("policy")); len(errs) != 0 {
+			t.Errorf("[%d] Expected policy %#v to be valid: %v", i, policy, errs)
+		}
+	}
+
+	errorCases := []auditregistration.Policy{}
+	errorCases = append(errorCases, auditregistration.Policy{})                                 // Empty policy                                      // Policy with missing level
+	errorCases = append(errorCases, auditregistration.Policy{Stages: []auditregistration.Stage{ // Policy with invalid stages
+		auditregistration.Stage("Bad")}})
+	errorCases = append(errorCases, auditregistration.Policy{Level: auditregistration.Level("invalid")}) // Policy with bad level
+	errorCases = append(errorCases, auditregistration.Policy{Level: auditregistration.LevelMetadata})    // Policy without stages
+
+	for i, policy := range errorCases {
+		if errs := ValidatePolicy(policy, field.NewPath("policy")); len(errs) == 0 {
+			t.Errorf("[%d] Expected policy %#v to be invalid!", i, policy)
+		}
+	}
+}
+
+func strPtr(s string) *string { return &s }
+
+func TestValidateWebhookConfiguration(t *testing.T) {
+	tests := []struct {
+		name          string
+		config        auditregistration.Webhook
+		expectedError string
+	}{
+		{
+			name: "both service and URL missing",
+			config: auditregistration.Webhook{
+				ClientConfig: auditregistration.WebhookClientConfig{},
+			},
+			expectedError: `exactly one of`,
+		},
+		{
+			name: "both service and URL provided",
+			config: auditregistration.Webhook{
+				ClientConfig: auditregistration.WebhookClientConfig{
+					Service: &auditregistration.ServiceReference{
+						Namespace: "ns",
+						Name:      "n",
+					},
+					URL: strPtr("example.com/k8s/webhook"),
+				},
+			},
+			expectedError: `webhook.clientConfig: Required value: exactly one of url or service is required`,
+		},
+		{
+			name: "blank URL",
+			config: auditregistration.Webhook{
+				ClientConfig: auditregistration.WebhookClientConfig{
+					URL: strPtr(""),
+				},
+			},
+			expectedError: `webhook.clientConfig.url: Invalid value: "": host must be provided`,
+		},
+		{
+			name: "missing host",
+			config: auditregistration.Webhook{
+				ClientConfig: auditregistration.WebhookClientConfig{
+					URL: strPtr("https:///fancy/webhook"),
+				},
+			},
+			expectedError: `host must be provided`,
+		},
+		{
+			name: "fragment",
+			config: auditregistration.Webhook{
+				ClientConfig: auditregistration.WebhookClientConfig{
+					URL: strPtr("https://example.com/#bookmark"),
+				},
+			},
+			expectedError: `"bookmark": fragments are not permitted`,
+		},
+		{
+			name: "query",
+			config: auditregistration.Webhook{
+				ClientConfig: auditregistration.WebhookClientConfig{
+					URL: strPtr("https://example.com?arg=value"),
+				},
+			},
+			expectedError: `"arg=value": query parameters are not permitted`,
+		},
+		{
+			name: "user",
+			config: auditregistration.Webhook{
+				ClientConfig: auditregistration.WebhookClientConfig{
+					URL: strPtr("https://harry.potter@example.com/"),
+				},
+			},
+			expectedError: `"harry.potter": user information is not permitted`,
+		},
+		{
+			name: "just totally wrong",
+			config: auditregistration.Webhook{
+				ClientConfig: auditregistration.WebhookClientConfig{
+					URL: strPtr("arg#backwards=thisis?html.index/port:host//:https"),
+				},
+			},
+			expectedError: `host must be provided`,
+		},
+		{
+			name: "path must start with slash",
+			config: auditregistration.Webhook{
+				ClientConfig: auditregistration.WebhookClientConfig{
+					Service: &auditregistration.ServiceReference{
+						Namespace: "ns",
+						Name:      "n",
+						Path:      strPtr("foo/"),
+					},
+				},
+			},
+			expectedError: `clientConfig.service.path: Invalid value: "foo/": must start with a '/'`,
+		},
+		{
+			name: "path accepts slash",
+			config: auditregistration.Webhook{
+				ClientConfig: auditregistration.WebhookClientConfig{
+					Service: &auditregistration.ServiceReference{
+						Namespace: "ns",
+						Name:      "n",
+						Path:      strPtr("/"),
+					},
+				},
+			},
+			expectedError: ``,
+		},
+		{
+			name: "path accepts no trailing slash",
+			config: auditregistration.Webhook{
+				ClientConfig: auditregistration.WebhookClientConfig{
+					Service: &auditregistration.ServiceReference{
+						Namespace: "ns",
+						Name:      "n",
+						Path:      strPtr("/foo"),
+					},
+				},
+			},
+			expectedError: ``,
+		},
+		{
+			name: "path fails //",
+			config: auditregistration.Webhook{
+				ClientConfig: auditregistration.WebhookClientConfig{
+					Service: &auditregistration.ServiceReference{
+						Namespace: "ns",
+						Name:      "n",
+						Path:      strPtr("//"),
+					},
+				},
+			},
+			expectedError: `clientConfig.service.path: Invalid value: "//": segment[0] may not be empty`,
+		},
+		{
+			name: "path no empty step",
+			config: auditregistration.Webhook{
+				ClientConfig: auditregistration.WebhookClientConfig{
+					Service: &auditregistration.ServiceReference{
+						Namespace: "ns",
+						Name:      "n",
+						Path:      strPtr("/foo//bar/"),
+					},
+				},
+			},
+			expectedError: `clientConfig.service.path: Invalid value: "/foo//bar/": segment[1] may not be empty`,
+		}, {
+			name: "path no empty step 2",
+			config: auditregistration.Webhook{
+				ClientConfig: auditregistration.WebhookClientConfig{
+					Service: &auditregistration.ServiceReference{
+						Namespace: "ns",
+						Name:      "n",
+						Path:      strPtr("/foo/bar//"),
+					},
+				},
+			},
+			expectedError: `clientConfig.service.path: Invalid value: "/foo/bar//": segment[2] may not be empty`,
+		},
+		{
+			name: "path no non-subdomain",
+			config: auditregistration.Webhook{
+				ClientConfig: auditregistration.WebhookClientConfig{
+					Service: &auditregistration.ServiceReference{
+						Namespace: "ns",
+						Name:      "n",
+						Path:      strPtr("/apis/foo.bar/v1alpha1/--bad"),
+					},
+				},
+			},
+			expectedError: `clientConfig.service.path: Invalid value: "/apis/foo.bar/v1alpha1/--bad": segment[3]: a DNS-1123 subdomain`,
+		},
+	}
+	for _, test := range tests {
+		t.Run(test.name, func(t *testing.T) {
+			errs := ValidateWebhook(test.config, field.NewPath("webhook"))
+			err := errs.ToAggregate()
+			if err != nil {
+				if e, a := test.expectedError, err.Error(); !strings.Contains(a, e) || e == "" {
+					t.Errorf("expected to contain \nerr: %s \ngot: %s", e, a)
+				}
+			} else {
+				if test.expectedError != "" {
+					t.Errorf("unexpected no error, expected to contain %s", test.expectedError)
+				}
+			}
+		})
+	}
+}

vendor/k8s.io/kubernetes/pkg/apis/auditregistration/zz_generated.deepcopy.go

@@ -0,0 +1,224 @@
+// +build !ignore_autogenerated
+
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by deepcopy-gen. DO NOT EDIT.
+
+package auditregistration
+
+import (
+	runtime "k8s.io/apimachinery/pkg/runtime"
+)
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *AuditSink) DeepCopyInto(out *AuditSink) {
+	*out = *in
+	out.TypeMeta = in.TypeMeta
+	in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
+	in.Spec.DeepCopyInto(&out.Spec)
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuditSink.
+func (in *AuditSink) DeepCopy() *AuditSink {
+	if in == nil {
+		return nil
+	}
+	out := new(AuditSink)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
+func (in *AuditSink) DeepCopyObject() runtime.Object {
+	if c := in.DeepCopy(); c != nil {
+		return c
+	}
+	return nil
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *AuditSinkList) DeepCopyInto(out *AuditSinkList) {
+	*out = *in
+	out.TypeMeta = in.TypeMeta
+	out.ListMeta = in.ListMeta
+	if in.Items != nil {
+		in, out := &in.Items, &out.Items
+		*out = make([]AuditSink, len(*in))
+		for i := range *in {
+			(*in)[i].DeepCopyInto(&(*out)[i])
+		}
+	}
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuditSinkList.
+func (in *AuditSinkList) DeepCopy() *AuditSinkList {
+	if in == nil {
+		return nil
+	}
+	out := new(AuditSinkList)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
+func (in *AuditSinkList) DeepCopyObject() runtime.Object {
+	if c := in.DeepCopy(); c != nil {
+		return c
+	}
+	return nil
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *AuditSinkSpec) DeepCopyInto(out *AuditSinkSpec) {
+	*out = *in
+	in.Policy.DeepCopyInto(&out.Policy)
+	in.Webhook.DeepCopyInto(&out.Webhook)
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuditSinkSpec.
+func (in *AuditSinkSpec) DeepCopy() *AuditSinkSpec {
+	if in == nil {
+		return nil
+	}
+	out := new(AuditSinkSpec)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *Policy) DeepCopyInto(out *Policy) {
+	*out = *in
+	if in.Stages != nil {
+		in, out := &in.Stages, &out.Stages
+		*out = make([]Stage, len(*in))
+		copy(*out, *in)
+	}
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Policy.
+func (in *Policy) DeepCopy() *Policy {
+	if in == nil {
+		return nil
+	}
+	out := new(Policy)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *ServiceReference) DeepCopyInto(out *ServiceReference) {
+	*out = *in
+	if in.Path != nil {
+		in, out := &in.Path, &out.Path
+		*out = new(string)
+		**out = **in
+	}
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ServiceReference.
+func (in *ServiceReference) DeepCopy() *ServiceReference {
+	if in == nil {
+		return nil
+	}
+	out := new(ServiceReference)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *Webhook) DeepCopyInto(out *Webhook) {
+	*out = *in
+	if in.Throttle != nil {
+		in, out := &in.Throttle, &out.Throttle
+		*out = new(WebhookThrottleConfig)
+		(*in).DeepCopyInto(*out)
+	}
+	in.ClientConfig.DeepCopyInto(&out.ClientConfig)
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Webhook.
+func (in *Webhook) DeepCopy() *Webhook {
+	if in == nil {
+		return nil
+	}
+	out := new(Webhook)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *WebhookClientConfig) DeepCopyInto(out *WebhookClientConfig) {
+	*out = *in
+	if in.URL != nil {
+		in, out := &in.URL, &out.URL
+		*out = new(string)
+		**out = **in
+	}
+	if in.Service != nil {
+		in, out := &in.Service, &out.Service
+		*out = new(ServiceReference)
+		(*in).DeepCopyInto(*out)
+	}
+	if in.CABundle != nil {
+		in, out := &in.CABundle, &out.CABundle
+		*out = make([]byte, len(*in))
+		copy(*out, *in)
+	}
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WebhookClientConfig.
+func (in *WebhookClientConfig) DeepCopy() *WebhookClientConfig {
+	if in == nil {
+		return nil
+	}
+	out := new(WebhookClientConfig)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *WebhookThrottleConfig) DeepCopyInto(out *WebhookThrottleConfig) {
+	*out = *in
+	if in.QPS != nil {
+		in, out := &in.QPS, &out.QPS
+		*out = new(int64)
+		**out = **in
+	}
+	if in.Burst != nil {
+		in, out := &in.Burst, &out.Burst
+		*out = new(int64)
+		**out = **in
+	}
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WebhookThrottleConfig.
+func (in *WebhookThrottleConfig) DeepCopy() *WebhookThrottleConfig {
+	if in == nil {
+		return nil
+	}
+	out := new(WebhookThrottleConfig)
+	in.DeepCopyInto(out)
+	return out
+}