vendor files

vendor/k8s.io/kubernetes/pkg/api/pod/BUILD

@@ -0,0 +1,46 @@
+package(default_visibility = ["//visibility:public"])
+
+load(
+    "@io_bazel_rules_go//go:def.bzl",
+    "go_library",
+    "go_test",
+)
+
+go_library(
+    name = "go_default_library",
+    srcs = ["util.go"],
+    importpath = "k8s.io/kubernetes/pkg/api/pod",
+    deps = [
+        "//pkg/apis/core:go_default_library",
+        "//pkg/features:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
+        "//vendor/k8s.io/apiserver/pkg/util/feature:go_default_library",
+    ],
+)
+
+filegroup(
+    name = "package-srcs",
+    srcs = glob(["**"]),
+    tags = ["automanaged"],
+    visibility = ["//visibility:private"],
+)
+
+filegroup(
+    name = "all-srcs",
+    srcs = [":package-srcs"],
+    tags = ["automanaged"],
+)
+
+go_test(
+    name = "go_default_test",
+    srcs = ["util_test.go"],
+    importpath = "k8s.io/kubernetes/pkg/api/pod",
+    library = ":go_default_library",
+    deps = [
+        "//pkg/apis/core:go_default_library",
+        "//pkg/features:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/util/sets:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/util/validation/field:go_default_library",
+        "//vendor/k8s.io/apiserver/pkg/util/feature:go_default_library",
+    ],
+)

vendor/k8s.io/kubernetes/pkg/api/pod/OWNERS

@@ -0,0 +1,4 @@
+reviewers:
+- smarterclayton
+- thockin
+- david-mcmahon

vendor/k8s.io/kubernetes/pkg/api/pod/util.go

@@ -0,0 +1,278 @@
+/*
+Copyright 2015 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package pod
+
+import (
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	utilfeature "k8s.io/apiserver/pkg/util/feature"
+	api "k8s.io/kubernetes/pkg/apis/core"
+	"k8s.io/kubernetes/pkg/features"
+)
+
+// Visitor is called with each object name, and returns true if visiting should continue
+type Visitor func(name string) (shouldContinue bool)
+
+// VisitPodSecretNames invokes the visitor function with the name of every secret
+// referenced by the pod spec. If visitor returns false, visiting is short-circuited.
+// Transitive references (e.g. pod -> pvc -> pv -> secret) are not visited.
+// Returns true if visiting completed, false if visiting was short-circuited.
+func VisitPodSecretNames(pod *api.Pod, visitor Visitor) bool {
+	for _, reference := range pod.Spec.ImagePullSecrets {
+		if !visitor(reference.Name) {
+			return false
+		}
+	}
+	for i := range pod.Spec.InitContainers {
+		if !visitContainerSecretNames(&pod.Spec.InitContainers[i], visitor) {
+			return false
+		}
+	}
+	for i := range pod.Spec.Containers {
+		if !visitContainerSecretNames(&pod.Spec.Containers[i], visitor) {
+			return false
+		}
+	}
+	var source *api.VolumeSource
+	for i := range pod.Spec.Volumes {
+		source = &pod.Spec.Volumes[i].VolumeSource
+		switch {
+		case source.AzureFile != nil:
+			if len(source.AzureFile.SecretName) > 0 && !visitor(source.AzureFile.SecretName) {
+				return false
+			}
+		case source.CephFS != nil:
+			if source.CephFS.SecretRef != nil && !visitor(source.CephFS.SecretRef.Name) {
+				return false
+			}
+		case source.FlexVolume != nil:
+			if source.FlexVolume.SecretRef != nil && !visitor(source.FlexVolume.SecretRef.Name) {
+				return false
+			}
+		case source.Projected != nil:
+			for j := range source.Projected.Sources {
+				if source.Projected.Sources[j].Secret != nil {
+					if !visitor(source.Projected.Sources[j].Secret.Name) {
+						return false
+					}
+				}
+			}
+		case source.RBD != nil:
+			if source.RBD.SecretRef != nil && !visitor(source.RBD.SecretRef.Name) {
+				return false
+			}
+		case source.Secret != nil:
+			if !visitor(source.Secret.SecretName) {
+				return false
+			}
+		case source.ScaleIO != nil:
+			if source.ScaleIO.SecretRef != nil && !visitor(source.ScaleIO.SecretRef.Name) {
+				return false
+			}
+		case source.ISCSI != nil:
+			if source.ISCSI.SecretRef != nil && !visitor(source.ISCSI.SecretRef.Name) {
+				return false
+			}
+		case source.StorageOS != nil:
+			if source.StorageOS.SecretRef != nil && !visitor(source.StorageOS.SecretRef.Name) {
+				return false
+			}
+		}
+	}
+	return true
+}
+
+func visitContainerSecretNames(container *api.Container, visitor Visitor) bool {
+	for _, env := range container.EnvFrom {
+		if env.SecretRef != nil {
+			if !visitor(env.SecretRef.Name) {
+				return false
+			}
+		}
+	}
+	for _, envVar := range container.Env {
+		if envVar.ValueFrom != nil && envVar.ValueFrom.SecretKeyRef != nil {
+			if !visitor(envVar.ValueFrom.SecretKeyRef.Name) {
+				return false
+			}
+		}
+	}
+	return true
+}
+
+// VisitPodConfigmapNames invokes the visitor function with the name of every configmap
+// referenced by the pod spec. If visitor returns false, visiting is short-circuited.
+// Transitive references (e.g. pod -> pvc -> pv -> secret) are not visited.
+// Returns true if visiting completed, false if visiting was short-circuited.
+func VisitPodConfigmapNames(pod *api.Pod, visitor Visitor) bool {
+	for i := range pod.Spec.InitContainers {
+		if !visitContainerConfigmapNames(&pod.Spec.InitContainers[i], visitor) {
+			return false
+		}
+	}
+	for i := range pod.Spec.Containers {
+		if !visitContainerConfigmapNames(&pod.Spec.Containers[i], visitor) {
+			return false
+		}
+	}
+	var source *api.VolumeSource
+	for i := range pod.Spec.Volumes {
+		source = &pod.Spec.Volumes[i].VolumeSource
+		switch {
+		case source.Projected != nil:
+			for j := range source.Projected.Sources {
+				if source.Projected.Sources[j].ConfigMap != nil {
+					if !visitor(source.Projected.Sources[j].ConfigMap.Name) {
+						return false
+					}
+				}
+			}
+		case source.ConfigMap != nil:
+			if !visitor(source.ConfigMap.Name) {
+				return false
+			}
+		}
+	}
+	return true
+}
+
+func visitContainerConfigmapNames(container *api.Container, visitor Visitor) bool {
+	for _, env := range container.EnvFrom {
+		if env.ConfigMapRef != nil {
+			if !visitor(env.ConfigMapRef.Name) {
+				return false
+			}
+		}
+	}
+	for _, envVar := range container.Env {
+		if envVar.ValueFrom != nil && envVar.ValueFrom.ConfigMapKeyRef != nil {
+			if !visitor(envVar.ValueFrom.ConfigMapKeyRef.Name) {
+				return false
+			}
+		}
+	}
+	return true
+}
+
+// IsPodReady returns true if a pod is ready; false otherwise.
+func IsPodReady(pod *api.Pod) bool {
+	return IsPodReadyConditionTrue(pod.Status)
+}
+
+// IsPodReadyConditionTrue retruns true if a pod is ready; false otherwise.
+func IsPodReadyConditionTrue(status api.PodStatus) bool {
+	condition := GetPodReadyCondition(status)
+	return condition != nil && condition.Status == api.ConditionTrue
+}
+
+// GetPodReadyCondition extracts the pod ready condition from the given status and returns that.
+// Returns nil if the condition is not present.
+func GetPodReadyCondition(status api.PodStatus) *api.PodCondition {
+	_, condition := GetPodCondition(&status, api.PodReady)
+	return condition
+}
+
+// GetPodCondition extracts the provided condition from the given status and returns that.
+// Returns nil and -1 if the condition is not present, and the index of the located condition.
+func GetPodCondition(status *api.PodStatus, conditionType api.PodConditionType) (int, *api.PodCondition) {
+	if status == nil {
+		return -1, nil
+	}
+	for i := range status.Conditions {
+		if status.Conditions[i].Type == conditionType {
+			return i, &status.Conditions[i]
+		}
+	}
+	return -1, nil
+}
+
+// UpdatePodCondition updates existing pod condition or creates a new one. Sets LastTransitionTime to now if the
+// status has changed.
+// Returns true if pod condition has changed or has been added.
+func UpdatePodCondition(status *api.PodStatus, condition *api.PodCondition) bool {
+	condition.LastTransitionTime = metav1.Now()
+	// Try to find this pod condition.
+	conditionIndex, oldCondition := GetPodCondition(status, condition.Type)
+
+	if oldCondition == nil {
+		// We are adding new pod condition.
+		status.Conditions = append(status.Conditions, *condition)
+		return true
+	}
+	// We are updating an existing condition, so we need to check if it has changed.
+	if condition.Status == oldCondition.Status {
+		condition.LastTransitionTime = oldCondition.LastTransitionTime
+	}
+
+	isEqual := condition.Status == oldCondition.Status &&
+		condition.Reason == oldCondition.Reason &&
+		condition.Message == oldCondition.Message &&
+		condition.LastProbeTime.Equal(&oldCondition.LastProbeTime) &&
+		condition.LastTransitionTime.Equal(&oldCondition.LastTransitionTime)
+
+	status.Conditions[conditionIndex] = *condition
+	// Return true if one of the fields have changed.
+	return !isEqual
+}
+
+// DropDisabledAlphaFields removes disabled fields from the pod spec.
+// This should be called from PrepareForCreate/PrepareForUpdate for all resources containing a pod spec.
+func DropDisabledAlphaFields(podSpec *api.PodSpec) {
+	if !utilfeature.DefaultFeatureGate.Enabled(features.PodPriority) {
+		podSpec.Priority = nil
+		podSpec.PriorityClassName = ""
+	}
+
+	if !utilfeature.DefaultFeatureGate.Enabled(features.LocalStorageCapacityIsolation) {
+		for i := range podSpec.Volumes {
+			if podSpec.Volumes[i].EmptyDir != nil {
+				podSpec.Volumes[i].EmptyDir.SizeLimit = nil
+			}
+		}
+	}
+
+	for i := range podSpec.Containers {
+		DropDisabledVolumeMountsAlphaFields(podSpec.Containers[i].VolumeMounts)
+	}
+	for i := range podSpec.InitContainers {
+		DropDisabledVolumeMountsAlphaFields(podSpec.InitContainers[i].VolumeMounts)
+	}
+
+	DropDisabledVolumeDevicesAlphaFields(podSpec)
+}
+
+// DropDisabledVolumeMountsAlphaFields removes disabled fields from []VolumeMount.
+// This should be called from PrepareForCreate/PrepareForUpdate for all resources containing a VolumeMount
+func DropDisabledVolumeMountsAlphaFields(volumeMounts []api.VolumeMount) {
+	if !utilfeature.DefaultFeatureGate.Enabled(features.MountPropagation) {
+		for i := range volumeMounts {
+			volumeMounts[i].MountPropagation = nil
+		}
+	}
+}
+
+// DropDisabledVolumeDevicesAlphaFields removes disabled fields from []VolumeDevice.
+// This should be called from PrepareForCreate/PrepareForUpdate for all resources containing a VolumeDevice
+func DropDisabledVolumeDevicesAlphaFields(podSpec *api.PodSpec) {
+	if !utilfeature.DefaultFeatureGate.Enabled(features.BlockVolume) {
+		for i := range podSpec.Containers {
+			podSpec.Containers[i].VolumeDevices = nil
+		}
+		for i := range podSpec.InitContainers {
+			podSpec.InitContainers[i].VolumeDevices = nil
+		}
+	}
+}

vendor/k8s.io/kubernetes/pkg/api/pod/util_test.go

@@ -0,0 +1,340 @@
+/*
+Copyright 2017 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package pod
+
+import (
+	"reflect"
+	"testing"
+
+	"strings"
+
+	"k8s.io/apimachinery/pkg/util/sets"
+	"k8s.io/apimachinery/pkg/util/validation/field"
+	utilfeature "k8s.io/apiserver/pkg/util/feature"
+	api "k8s.io/kubernetes/pkg/apis/core"
+	"k8s.io/kubernetes/pkg/features"
+)
+
+func TestPodSecrets(t *testing.T) {
+	// Stub containing all possible secret references in a pod.
+	// The names of the referenced secrets match struct paths detected by reflection.
+	pod := &api.Pod{
+		Spec: api.PodSpec{
+			Containers: []api.Container{{
+				EnvFrom: []api.EnvFromSource{{
+					SecretRef: &api.SecretEnvSource{
+						LocalObjectReference: api.LocalObjectReference{
+							Name: "Spec.Containers[*].EnvFrom[*].SecretRef"}}}},
+				Env: []api.EnvVar{{
+					ValueFrom: &api.EnvVarSource{
+						SecretKeyRef: &api.SecretKeySelector{
+							LocalObjectReference: api.LocalObjectReference{
+								Name: "Spec.Containers[*].Env[*].ValueFrom.SecretKeyRef"}}}}}}},
+			ImagePullSecrets: []api.LocalObjectReference{{
+				Name: "Spec.ImagePullSecrets"}},
+			InitContainers: []api.Container{{
+				EnvFrom: []api.EnvFromSource{{
+					SecretRef: &api.SecretEnvSource{
+						LocalObjectReference: api.LocalObjectReference{
+							Name: "Spec.InitContainers[*].EnvFrom[*].SecretRef"}}}},
+				Env: []api.EnvVar{{
+					ValueFrom: &api.EnvVarSource{
+						SecretKeyRef: &api.SecretKeySelector{
+							LocalObjectReference: api.LocalObjectReference{
+								Name: "Spec.InitContainers[*].Env[*].ValueFrom.SecretKeyRef"}}}}}}},
+			Volumes: []api.Volume{{
+				VolumeSource: api.VolumeSource{
+					AzureFile: &api.AzureFileVolumeSource{
+						SecretName: "Spec.Volumes[*].VolumeSource.AzureFile.SecretName"}}}, {
+				VolumeSource: api.VolumeSource{
+					CephFS: &api.CephFSVolumeSource{
+						SecretRef: &api.LocalObjectReference{
+							Name: "Spec.Volumes[*].VolumeSource.CephFS.SecretRef"}}}}, {
+				VolumeSource: api.VolumeSource{
+					FlexVolume: &api.FlexVolumeSource{
+						SecretRef: &api.LocalObjectReference{
+							Name: "Spec.Volumes[*].VolumeSource.FlexVolume.SecretRef"}}}}, {
+				VolumeSource: api.VolumeSource{
+					Projected: &api.ProjectedVolumeSource{
+						Sources: []api.VolumeProjection{{
+							Secret: &api.SecretProjection{
+								LocalObjectReference: api.LocalObjectReference{
+									Name: "Spec.Volumes[*].VolumeSource.Projected.Sources[*].Secret"}}}}}}}, {
+				VolumeSource: api.VolumeSource{
+					RBD: &api.RBDVolumeSource{
+						SecretRef: &api.LocalObjectReference{
+							Name: "Spec.Volumes[*].VolumeSource.RBD.SecretRef"}}}}, {
+				VolumeSource: api.VolumeSource{
+					Secret: &api.SecretVolumeSource{
+						SecretName: "Spec.Volumes[*].VolumeSource.Secret.SecretName"}}}, {
+				VolumeSource: api.VolumeSource{
+					Secret: &api.SecretVolumeSource{
+						SecretName: "Spec.Volumes[*].VolumeSource.Secret"}}}, {
+				VolumeSource: api.VolumeSource{
+					ScaleIO: &api.ScaleIOVolumeSource{
+						SecretRef: &api.LocalObjectReference{
+							Name: "Spec.Volumes[*].VolumeSource.ScaleIO.SecretRef"}}}}, {
+				VolumeSource: api.VolumeSource{
+					ISCSI: &api.ISCSIVolumeSource{
+						SecretRef: &api.LocalObjectReference{
+							Name: "Spec.Volumes[*].VolumeSource.ISCSI.SecretRef"}}}}, {
+				VolumeSource: api.VolumeSource{
+					StorageOS: &api.StorageOSVolumeSource{
+						SecretRef: &api.LocalObjectReference{
+							Name: "Spec.Volumes[*].VolumeSource.StorageOS.SecretRef"}}}}},
+		},
+	}
+	extractedNames := sets.NewString()
+	VisitPodSecretNames(pod, func(name string) bool {
+		extractedNames.Insert(name)
+		return true
+	})
+
+	// excludedSecretPaths holds struct paths to fields with "secret" in the name that are not actually references to secret API objects
+	excludedSecretPaths := sets.NewString(
+		"Spec.Volumes[*].VolumeSource.CephFS.SecretFile",
+	)
+	// expectedSecretPaths holds struct paths to fields with "secret" in the name that are references to secret API objects.
+	// every path here should be represented as an example in the Pod stub above, with the secret name set to the path.
+	expectedSecretPaths := sets.NewString(
+		"Spec.Containers[*].EnvFrom[*].SecretRef",
+		"Spec.Containers[*].Env[*].ValueFrom.SecretKeyRef",
+		"Spec.ImagePullSecrets",
+		"Spec.InitContainers[*].EnvFrom[*].SecretRef",
+		"Spec.InitContainers[*].Env[*].ValueFrom.SecretKeyRef",
+		"Spec.Volumes[*].VolumeSource.AzureFile.SecretName",
+		"Spec.Volumes[*].VolumeSource.CephFS.SecretRef",
+		"Spec.Volumes[*].VolumeSource.FlexVolume.SecretRef",
+		"Spec.Volumes[*].VolumeSource.Projected.Sources[*].Secret",
+		"Spec.Volumes[*].VolumeSource.RBD.SecretRef",
+		"Spec.Volumes[*].VolumeSource.Secret",
+		"Spec.Volumes[*].VolumeSource.Secret.SecretName",
+		"Spec.Volumes[*].VolumeSource.ScaleIO.SecretRef",
+		"Spec.Volumes[*].VolumeSource.ISCSI.SecretRef",
+		"Spec.Volumes[*].VolumeSource.StorageOS.SecretRef",
+	)
+	secretPaths := collectResourcePaths(t, "secret", nil, "", reflect.TypeOf(&api.Pod{}))
+	secretPaths = secretPaths.Difference(excludedSecretPaths)
+	if missingPaths := expectedSecretPaths.Difference(secretPaths); len(missingPaths) > 0 {
+		t.Logf("Missing expected secret paths:\n%s", strings.Join(missingPaths.List(), "\n"))
+		t.Error("Missing expected secret paths. Verify VisitPodSecretNames() is correctly finding the missing paths, then correct expectedSecretPaths")
+	}
+	if extraPaths := secretPaths.Difference(expectedSecretPaths); len(extraPaths) > 0 {
+		t.Logf("Extra secret paths:\n%s", strings.Join(extraPaths.List(), "\n"))
+		t.Error("Extra fields with 'secret' in the name found. Verify VisitPodSecretNames() is including these fields if appropriate, then correct expectedSecretPaths")
+	}
+
+	if missingNames := expectedSecretPaths.Difference(extractedNames); len(missingNames) > 0 {
+		t.Logf("Missing expected secret names:\n%s", strings.Join(missingNames.List(), "\n"))
+		t.Error("Missing expected secret names. Verify the pod stub above includes these references, then verify VisitPodSecretNames() is correctly finding the missing names")
+	}
+	if extraNames := extractedNames.Difference(expectedSecretPaths); len(extraNames) > 0 {
+		t.Logf("Extra secret names:\n%s", strings.Join(extraNames.List(), "\n"))
+		t.Error("Extra secret names extracted. Verify VisitPodSecretNames() is correctly extracting secret names")
+	}
+}
+
+// collectResourcePaths traverses the object, computing all the struct paths that lead to fields with resourcename in the name.
+func collectResourcePaths(t *testing.T, resourcename string, path *field.Path, name string, tp reflect.Type) sets.String {
+	resourcename = strings.ToLower(resourcename)
+	resourcePaths := sets.NewString()
+
+	if tp.Kind() == reflect.Ptr {
+		resourcePaths.Insert(collectResourcePaths(t, resourcename, path, name, tp.Elem()).List()...)
+		return resourcePaths
+	}
+
+	if strings.Contains(strings.ToLower(name), resourcename) {
+		resourcePaths.Insert(path.String())
+	}
+
+	switch tp.Kind() {
+	case reflect.Ptr:
+		resourcePaths.Insert(collectResourcePaths(t, resourcename, path, name, tp.Elem()).List()...)
+	case reflect.Struct:
+		for i := 0; i < tp.NumField(); i++ {
+			field := tp.Field(i)
+			resourcePaths.Insert(collectResourcePaths(t, resourcename, path.Child(field.Name), field.Name, field.Type).List()...)
+		}
+	case reflect.Interface:
+		t.Errorf("cannot find %s fields in interface{} field %s", resourcename, path.String())
+	case reflect.Map:
+		resourcePaths.Insert(collectResourcePaths(t, resourcename, path.Key("*"), "", tp.Elem()).List()...)
+	case reflect.Slice:
+		resourcePaths.Insert(collectResourcePaths(t, resourcename, path.Key("*"), "", tp.Elem()).List()...)
+	default:
+		// all primitive types
+	}
+
+	return resourcePaths
+}
+
+func TestPodConfigmaps(t *testing.T) {
+	// Stub containing all possible ConfigMap references in a pod.
+	// The names of the referenced ConfigMaps match struct paths detected by reflection.
+	pod := &api.Pod{
+		Spec: api.PodSpec{
+			Containers: []api.Container{{
+				EnvFrom: []api.EnvFromSource{{
+					ConfigMapRef: &api.ConfigMapEnvSource{
+						LocalObjectReference: api.LocalObjectReference{
+							Name: "Spec.Containers[*].EnvFrom[*].ConfigMapRef"}}}},
+				Env: []api.EnvVar{{
+					ValueFrom: &api.EnvVarSource{
+						ConfigMapKeyRef: &api.ConfigMapKeySelector{
+							LocalObjectReference: api.LocalObjectReference{
+								Name: "Spec.Containers[*].Env[*].ValueFrom.ConfigMapKeyRef"}}}}}}},
+			InitContainers: []api.Container{{
+				EnvFrom: []api.EnvFromSource{{
+					ConfigMapRef: &api.ConfigMapEnvSource{
+						LocalObjectReference: api.LocalObjectReference{
+							Name: "Spec.InitContainers[*].EnvFrom[*].ConfigMapRef"}}}},
+				Env: []api.EnvVar{{
+					ValueFrom: &api.EnvVarSource{
+						ConfigMapKeyRef: &api.ConfigMapKeySelector{
+							LocalObjectReference: api.LocalObjectReference{
+								Name: "Spec.InitContainers[*].Env[*].ValueFrom.ConfigMapKeyRef"}}}}}}},
+			Volumes: []api.Volume{{
+				VolumeSource: api.VolumeSource{
+					Projected: &api.ProjectedVolumeSource{
+						Sources: []api.VolumeProjection{{
+							ConfigMap: &api.ConfigMapProjection{
+								LocalObjectReference: api.LocalObjectReference{
+									Name: "Spec.Volumes[*].VolumeSource.Projected.Sources[*].ConfigMap"}}}}}}}, {
+				VolumeSource: api.VolumeSource{
+					ConfigMap: &api.ConfigMapVolumeSource{
+						LocalObjectReference: api.LocalObjectReference{
+							Name: "Spec.Volumes[*].VolumeSource.ConfigMap"}}}}},
+		},
+	}
+	extractedNames := sets.NewString()
+	VisitPodConfigmapNames(pod, func(name string) bool {
+		extractedNames.Insert(name)
+		return true
+	})
+
+	// expectedPaths holds struct paths to fields with "ConfigMap" in the name that are references to ConfigMap API objects.
+	// every path here should be represented as an example in the Pod stub above, with the ConfigMap name set to the path.
+	expectedPaths := sets.NewString(
+		"Spec.Containers[*].EnvFrom[*].ConfigMapRef",
+		"Spec.Containers[*].Env[*].ValueFrom.ConfigMapKeyRef",
+		"Spec.InitContainers[*].EnvFrom[*].ConfigMapRef",
+		"Spec.InitContainers[*].Env[*].ValueFrom.ConfigMapKeyRef",
+		"Spec.Volumes[*].VolumeSource.Projected.Sources[*].ConfigMap",
+		"Spec.Volumes[*].VolumeSource.ConfigMap",
+	)
+	collectPaths := collectResourcePaths(t, "ConfigMap", nil, "", reflect.TypeOf(&api.Pod{}))
+	if missingPaths := expectedPaths.Difference(collectPaths); len(missingPaths) > 0 {
+		t.Logf("Missing expected paths:\n%s", strings.Join(missingPaths.List(), "\n"))
+		t.Error("Missing expected paths. Verify VisitPodConfigmapNames() is correctly finding the missing paths, then correct expectedPaths")
+	}
+	if extraPaths := collectPaths.Difference(expectedPaths); len(extraPaths) > 0 {
+		t.Logf("Extra paths:\n%s", strings.Join(extraPaths.List(), "\n"))
+		t.Error("Extra fields with resource in the name found. Verify VisitPodConfigmapNames() is including these fields if appropriate, then correct expectedPaths")
+	}
+
+	if missingNames := expectedPaths.Difference(extractedNames); len(missingNames) > 0 {
+		t.Logf("Missing expected names:\n%s", strings.Join(missingNames.List(), "\n"))
+		t.Error("Missing expected names. Verify the pod stub above includes these references, then verify VisitPodConfigmapNames() is correctly finding the missing names")
+	}
+	if extraNames := extractedNames.Difference(expectedPaths); len(extraNames) > 0 {
+		t.Logf("Extra names:\n%s", strings.Join(extraNames.List(), "\n"))
+		t.Error("Extra names extracted. Verify VisitPodConfigmapNames() is correctly extracting resource names")
+	}
+}
+
+func TestDropAlphaVolumeDevices(t *testing.T) {
+	testPod := api.Pod{
+		Spec: api.PodSpec{
+			RestartPolicy: api.RestartPolicyNever,
+			Containers: []api.Container{
+				{
+					Name:  "container1",
+					Image: "testimage",
+					VolumeDevices: []api.VolumeDevice{
+						{
+							Name:       "myvolume",
+							DevicePath: "/usr/test",
+						},
+					},
+				},
+			},
+			InitContainers: []api.Container{
+				{
+					Name:  "container1",
+					Image: "testimage",
+					VolumeDevices: []api.VolumeDevice{
+						{
+							Name:       "myvolume",
+							DevicePath: "/usr/test",
+						},
+					},
+				},
+			},
+			Volumes: []api.Volume{
+				{
+					Name: "myvolume",
+					VolumeSource: api.VolumeSource{
+						HostPath: &api.HostPathVolumeSource{
+							Path: "/dev/xvdc",
+						},
+					},
+				},
+			},
+		},
+	}
+
+	// Enable alpha feature BlockVolume
+	err1 := utilfeature.DefaultFeatureGate.Set("BlockVolume=true")
+	if err1 != nil {
+		t.Fatalf("Failed to enable feature gate for BlockVolume: %v", err1)
+	}
+
+	// now test dropping the fields - should not be dropped
+	DropDisabledAlphaFields(&testPod.Spec)
+
+	// check to make sure VolumeDevices is still present
+	// if featureset is set to true
+	if utilfeature.DefaultFeatureGate.Enabled(features.BlockVolume) {
+		if testPod.Spec.Containers[0].VolumeDevices == nil {
+			t.Error("VolumeDevices in Container should not have been dropped based on feature-gate")
+		}
+		if testPod.Spec.InitContainers[0].VolumeDevices == nil {
+			t.Error("VolumeDevices in Container should not have been dropped based on feature-gate")
+		}
+	}
+
+	// Disable alpha feature BlockVolume
+	err := utilfeature.DefaultFeatureGate.Set("BlockVolume=false")
+	if err != nil {
+		t.Fatalf("Failed to disable feature gate for BlockVolume: %v", err)
+	}
+
+	// now test dropping the fields
+	DropDisabledAlphaFields(&testPod.Spec)
+
+	// check to make sure VolumeDevices is nil
+	// if featureset is set to false
+	if !utilfeature.DefaultFeatureGate.Enabled(features.BlockVolume) {
+		if testPod.Spec.Containers[0].VolumeDevices != nil {
+			t.Error("DropDisabledAlphaFields for Containers failed")
+		}
+		if testPod.Spec.InitContainers[0].VolumeDevices != nil {
+			t.Error("DropDisabledAlphaFields for InitContainers failed")
+		}
+	}
+}