vendor update for CSI 0.3.0

2025-06-13 18:43:34 +00:00 · 2018-07-18 16:47:22 +02:00
parent 6f484f92fc
commit 8ea659f0d5
6810 changed files with 438061 additions and 193861 deletions
--- a/vendor/k8s.io/kubernetes/pkg/kubectl/cmd/create/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/kubectl/cmd/create/BUILD
@ -0,0 +1,117 @@
+load("@io_bazel_rules_go//go:def.bzl", "go_library", "go_test")
+
+go_library(
+    name = "go_default_library",
+    srcs = [
+        "create.go",
+        "create_clusterrole.go",
+        "create_clusterrolebinding.go",
+        "create_configmap.go",
+        "create_deployment.go",
+        "create_job.go",
+        "create_namespace.go",
+        "create_pdb.go",
+        "create_priorityclass.go",
+        "create_quota.go",
+        "create_role.go",
+        "create_rolebinding.go",
+        "create_secret.go",
+        "create_service.go",
+        "create_serviceaccount.go",
+    ],
+    importpath = "k8s.io/kubernetes/pkg/kubectl/cmd/create",
+    visibility = ["//build/visible_to:pkg_kubectl_cmd_create_CONSUMERS"],
+    deps = [
+        "//pkg/api/legacyscheme:go_default_library",
+        "//pkg/kubectl:go_default_library",
+        "//pkg/kubectl/cmd/templates:go_default_library",
+        "//pkg/kubectl/cmd/util:go_default_library",
+        "//pkg/kubectl/cmd/util/editor:go_default_library",
+        "//pkg/kubectl/genericclioptions:go_default_library",
+        "//pkg/kubectl/genericclioptions/resource:go_default_library",
+        "//pkg/kubectl/scheme:go_default_library",
+        "//pkg/kubectl/util/i18n:go_default_library",
+        "//pkg/printers:go_default_library",
+        "//vendor/github.com/golang/glog:go_default_library",
+        "//vendor/github.com/spf13/cobra:go_default_library",
+        "//vendor/k8s.io/api/batch/v1:go_default_library",
+        "//vendor/k8s.io/api/batch/v1beta1:go_default_library",
+        "//vendor/k8s.io/api/core/v1:go_default_library",
+        "//vendor/k8s.io/api/rbac/v1:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/api/meta:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1/unstructured:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/runtime/schema:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/util/sets:go_default_library",
+        "//vendor/k8s.io/apiserver/pkg/util/flag:go_default_library",
+        "//vendor/k8s.io/client-go/dynamic:go_default_library",
+        "//vendor/k8s.io/client-go/kubernetes/typed/batch/v1:go_default_library",
+        "//vendor/k8s.io/client-go/kubernetes/typed/rbac/v1:go_default_library",
+    ],
+)
+
+go_test(
+    name = "go_default_test",
+    srcs = [
+        "create_clusterrole_test.go",
+        "create_clusterrolebinding_test.go",
+        "create_configmap_test.go",
+        "create_deployment_test.go",
+        "create_job_test.go",
+        "create_namespace_test.go",
+        "create_pdb_test.go",
+        "create_priorityclass_test.go",
+        "create_quota_test.go",
+        "create_role_test.go",
+        "create_rolebinding_test.go",
+        "create_secret_test.go",
+        "create_service_test.go",
+        "create_serviceaccount_test.go",
+        "create_test.go",
+    ],
+    data = [
+        "//test/e2e/testing-manifests:all-srcs",
+    ],
+    embed = [":go_default_library"],
+    deps = [
+        "//pkg/api/legacyscheme:go_default_library",
+        "//pkg/api/testing:go_default_library",
+        "//pkg/apis/core:go_default_library",
+        "//pkg/kubectl:go_default_library",
+        "//pkg/kubectl/cmd/testing:go_default_library",
+        "//pkg/kubectl/cmd/util:go_default_library",
+        "//pkg/kubectl/genericclioptions:go_default_library",
+        "//pkg/kubectl/genericclioptions/resource:go_default_library",
+        "//pkg/kubectl/scheme:go_default_library",
+        "//vendor/github.com/stretchr/testify/assert:go_default_library",
+        "//vendor/k8s.io/api/batch/v1:go_default_library",
+        "//vendor/k8s.io/api/batch/v1beta1:go_default_library",
+        "//vendor/k8s.io/api/core/v1:go_default_library",
+        "//vendor/k8s.io/api/rbac/v1:go_default_library",
+        "//vendor/k8s.io/api/rbac/v1beta1:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/api/equality:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/runtime/schema:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/util/diff:go_default_library",
+        "//vendor/k8s.io/client-go/kubernetes/fake:go_default_library",
+        "//vendor/k8s.io/client-go/rest:go_default_library",
+        "//vendor/k8s.io/client-go/rest/fake:go_default_library",
+        "//vendor/k8s.io/client-go/testing:go_default_library",
+    ],
+)
+
+filegroup(
+    name = "package-srcs",
+    srcs = glob(["**"]),
+    tags = ["automanaged"],
+    visibility = ["//visibility:private"],
+)
+
+filegroup(
+    name = "all-srcs",
+    srcs = [":package-srcs"],
+    tags = ["automanaged"],
+    visibility = ["//visibility:public"],
+)
--- a/vendor/k8s.io/kubernetes/pkg/kubectl/cmd/create/create.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubectl/cmd/create/create.go
@ -0,0 +1,451 @@
+/*
+Copyright 2014 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package create
+
+import (
+	"fmt"
+	"io"
+	"net/url"
+	"os"
+	"runtime"
+	"strings"
+
+	"github.com/golang/glog"
+	"github.com/spf13/cobra"
+
+	"k8s.io/apimachinery/pkg/api/meta"
+	"k8s.io/apimachinery/pkg/apis/meta/v1/unstructured"
+	kruntime "k8s.io/apimachinery/pkg/runtime"
+	"k8s.io/apimachinery/pkg/runtime/schema"
+	"k8s.io/client-go/dynamic"
+	"k8s.io/kubernetes/pkg/api/legacyscheme"
+	"k8s.io/kubernetes/pkg/kubectl"
+	"k8s.io/kubernetes/pkg/kubectl/cmd/templates"
+	cmdutil "k8s.io/kubernetes/pkg/kubectl/cmd/util"
+	"k8s.io/kubernetes/pkg/kubectl/cmd/util/editor"
+	"k8s.io/kubernetes/pkg/kubectl/genericclioptions"
+	"k8s.io/kubernetes/pkg/kubectl/genericclioptions/resource"
+	"k8s.io/kubernetes/pkg/kubectl/util/i18n"
+	"k8s.io/kubernetes/pkg/printers"
+)
+
+type CreateOptions struct {
+	PrintFlags  *genericclioptions.PrintFlags
+	RecordFlags *genericclioptions.RecordFlags
+
+	DryRun bool
+
+	FilenameOptions  resource.FilenameOptions
+	Selector         string
+	EditBeforeCreate bool
+	Raw              string
+
+	Recorder genericclioptions.Recorder
+	PrintObj func(obj kruntime.Object) error
+
+	genericclioptions.IOStreams
+}
+
+var (
+	createLong = templates.LongDesc(i18n.T(`
+		Create a resource from a file or from stdin.
+
+		JSON and YAML formats are accepted.`))
+
+	createExample = templates.Examples(i18n.T(`
+		# Create a pod using the data in pod.json.
+		kubectl create -f ./pod.json
+
+		# Create a pod based on the JSON passed into stdin.
+		cat pod.json | kubectl create -f -
+
+		# Edit the data in docker-registry.yaml in JSON then create the resource using the edited data.
+		kubectl create -f docker-registry.yaml --edit -o json`))
+)
+
+func NewCreateOptions(ioStreams genericclioptions.IOStreams) *CreateOptions {
+	return &CreateOptions{
+		PrintFlags:  genericclioptions.NewPrintFlags("created").WithTypeSetter(legacyscheme.Scheme),
+		RecordFlags: genericclioptions.NewRecordFlags(),
+
+		Recorder: genericclioptions.NoopRecorder{},
+
+		IOStreams: ioStreams,
+	}
+}
+
+func NewCmdCreate(f cmdutil.Factory, ioStreams genericclioptions.IOStreams) *cobra.Command {
+	o := NewCreateOptions(ioStreams)
+
+	cmd := &cobra.Command{
+		Use: "create -f FILENAME",
+		DisableFlagsInUseLine: true,
+		Short:   i18n.T("Create a resource from a file or from stdin."),
+		Long:    createLong,
+		Example: createExample,
+		Run: func(cmd *cobra.Command, args []string) {
+			if cmdutil.IsFilenameSliceEmpty(o.FilenameOptions.Filenames) {
+				defaultRunFunc := cmdutil.DefaultSubCommandRun(ioStreams.ErrOut)
+				defaultRunFunc(cmd, args)
+				return
+			}
+			cmdutil.CheckErr(o.Complete(f, cmd))
+			cmdutil.CheckErr(o.ValidateArgs(cmd, args))
+			cmdutil.CheckErr(o.RunCreate(f, cmd))
+		},
+	}
+
+	// bind flag structs
+	o.RecordFlags.AddFlags(cmd)
+
+	usage := "to use to create the resource"
+	cmdutil.AddFilenameOptionFlags(cmd, &o.FilenameOptions, usage)
+	cmd.MarkFlagRequired("filename")
+	cmdutil.AddValidateFlags(cmd)
+	cmd.Flags().BoolVar(&o.EditBeforeCreate, "edit", o.EditBeforeCreate, "Edit the API resource before creating")
+	cmd.Flags().Bool("windows-line-endings", runtime.GOOS == "windows",
+		"Only relevant if --edit=true. Defaults to the line ending native to your platform.")
+	cmdutil.AddApplyAnnotationFlags(cmd)
+	cmdutil.AddDryRunFlag(cmd)
+	cmd.Flags().StringVarP(&o.Selector, "selector", "l", o.Selector, "Selector (label query) to filter on, supports '=', '==', and '!='.(e.g. -l key1=value1,key2=value2)")
+	cmd.Flags().StringVar(&o.Raw, "raw", o.Raw, "Raw URI to POST to the server.  Uses the transport specified by the kubeconfig file.")
+
+	o.PrintFlags.AddFlags(cmd)
+
+	// create subcommands
+	cmd.AddCommand(NewCmdCreateNamespace(f, ioStreams))
+	cmd.AddCommand(NewCmdCreateQuota(f, ioStreams))
+	cmd.AddCommand(NewCmdCreateSecret(f, ioStreams))
+	cmd.AddCommand(NewCmdCreateConfigMap(f, ioStreams))
+	cmd.AddCommand(NewCmdCreateServiceAccount(f, ioStreams))
+	cmd.AddCommand(NewCmdCreateService(f, ioStreams))
+	cmd.AddCommand(NewCmdCreateDeployment(f, ioStreams))
+	cmd.AddCommand(NewCmdCreateClusterRole(f, ioStreams))
+	cmd.AddCommand(NewCmdCreateClusterRoleBinding(f, ioStreams))
+	cmd.AddCommand(NewCmdCreateRole(f, ioStreams))
+	cmd.AddCommand(NewCmdCreateRoleBinding(f, ioStreams))
+	cmd.AddCommand(NewCmdCreatePodDisruptionBudget(f, ioStreams))
+	cmd.AddCommand(NewCmdCreatePriorityClass(f, ioStreams))
+	cmd.AddCommand(NewCmdCreateJob(f, ioStreams))
+	return cmd
+}
+
+func (o *CreateOptions) ValidateArgs(cmd *cobra.Command, args []string) error {
+	if len(args) != 0 {
+		return cmdutil.UsageErrorf(cmd, "Unexpected args: %v", args)
+	}
+	if len(o.Raw) > 0 {
+		if o.EditBeforeCreate {
+			return cmdutil.UsageErrorf(cmd, "--raw and --edit are mutually exclusive")
+		}
+		if len(o.FilenameOptions.Filenames) != 1 {
+			return cmdutil.UsageErrorf(cmd, "--raw can only use a single local file or stdin")
+		}
+		if strings.Index(o.FilenameOptions.Filenames[0], "http://") == 0 || strings.Index(o.FilenameOptions.Filenames[0], "https://") == 0 {
+			return cmdutil.UsageErrorf(cmd, "--raw cannot read from a url")
+		}
+		if o.FilenameOptions.Recursive {
+			return cmdutil.UsageErrorf(cmd, "--raw and --recursive are mutually exclusive")
+		}
+		if len(o.Selector) > 0 {
+			return cmdutil.UsageErrorf(cmd, "--raw and --selector (-l) are mutually exclusive")
+		}
+		if len(cmdutil.GetFlagString(cmd, "output")) > 0 {
+			return cmdutil.UsageErrorf(cmd, "--raw and --output are mutually exclusive")
+		}
+		if _, err := url.ParseRequestURI(o.Raw); err != nil {
+			return cmdutil.UsageErrorf(cmd, "--raw must be a valid URL path: %v", err)
+		}
+	}
+
+	return nil
+}
+
+func (o *CreateOptions) Complete(f cmdutil.Factory, cmd *cobra.Command) error {
+	var err error
+
+	o.RecordFlags.Complete(cmd)
+	o.Recorder, err = o.RecordFlags.ToRecorder()
+	if err != nil {
+		return err
+	}
+
+	o.DryRun = cmdutil.GetDryRunFlag(cmd)
+
+	if o.DryRun {
+		o.PrintFlags.Complete("%s (dry run)")
+	}
+	printer, err := o.PrintFlags.ToPrinter()
+	if err != nil {
+		return err
+	}
+
+	o.PrintObj = func(obj kruntime.Object) error {
+		return printer.PrintObj(obj, o.Out)
+	}
+
+	return nil
+}
+
+func (o *CreateOptions) RunCreate(f cmdutil.Factory, cmd *cobra.Command) error {
+	// raw only makes sense for a single file resource multiple objects aren't likely to do what you want.
+	// the validator enforces this, so
+	if len(o.Raw) > 0 {
+		return o.raw(f)
+	}
+
+	if o.EditBeforeCreate {
+		return RunEditOnCreate(f, o.RecordFlags, o.IOStreams, cmd, &o.FilenameOptions)
+	}
+	schema, err := f.Validator(cmdutil.GetFlagBool(cmd, "validate"))
+	if err != nil {
+		return err
+	}
+
+	cmdNamespace, enforceNamespace, err := f.ToRawKubeConfigLoader().Namespace()
+	if err != nil {
+		return err
+	}
+
+	r := f.NewBuilder().
+		Unstructured().
+		Schema(schema).
+		ContinueOnError().
+		NamespaceParam(cmdNamespace).DefaultNamespace().
+		FilenameParam(enforceNamespace, &o.FilenameOptions).
+		LabelSelectorParam(o.Selector).
+		Flatten().
+		Do()
+	err = r.Err()
+	if err != nil {
+		return err
+	}
+
+	count := 0
+	err = r.Visit(func(info *resource.Info, err error) error {
+		if err != nil {
+			return err
+		}
+		if err := kubectl.CreateOrUpdateAnnotation(cmdutil.GetFlagBool(cmd, cmdutil.ApplyAnnotationsFlag), info.Object, cmdutil.InternalVersionJSONEncoder()); err != nil {
+			return cmdutil.AddSourceToErr("creating", info.Source, err)
+		}
+
+		if err := o.Recorder.Record(info.Object); err != nil {
+			glog.V(4).Infof("error recording current command: %v", err)
+		}
+
+		if !o.DryRun {
+			if err := createAndRefresh(info); err != nil {
+				return cmdutil.AddSourceToErr("creating", info.Source, err)
+			}
+		}
+
+		count++
+
+		return o.PrintObj(info.Object)
+	})
+	if err != nil {
+		return err
+	}
+	if count == 0 {
+		return fmt.Errorf("no objects passed to create")
+	}
+	return nil
+}
+
+// raw makes a simple HTTP request to the provided path on the server using the default
+// credentials.
+func (o *CreateOptions) raw(f cmdutil.Factory) error {
+	restClient, err := f.RESTClient()
+	if err != nil {
+		return err
+	}
+
+	var data io.ReadCloser
+	if o.FilenameOptions.Filenames[0] == "-" {
+		data = os.Stdin
+	} else {
+		data, err = os.Open(o.FilenameOptions.Filenames[0])
+		if err != nil {
+			return err
+		}
+	}
+	// TODO post content with stream.  Right now it ignores body content
+	result := restClient.Post().RequestURI(o.Raw).Body(data).Do()
+	if err := result.Error(); err != nil {
+		return err
+	}
+	body, err := result.Raw()
+	if err != nil {
+		return err
+	}
+
+	fmt.Fprintf(o.Out, "%v", string(body))
+	return nil
+}
+
+func RunEditOnCreate(f cmdutil.Factory, recordFlags *genericclioptions.RecordFlags, ioStreams genericclioptions.IOStreams, cmd *cobra.Command, options *resource.FilenameOptions) error {
+	editOptions := editor.NewEditOptions(editor.EditBeforeCreateMode, ioStreams)
+	editOptions.FilenameOptions = *options
+	editOptions.ValidateOptions = cmdutil.ValidateOptions{
+		EnableValidation: cmdutil.GetFlagBool(cmd, "validate"),
+	}
+	editOptions.Output = cmdutil.GetFlagString(cmd, "output")
+	editOptions.ApplyAnnotation = cmdutil.GetFlagBool(cmd, cmdutil.ApplyAnnotationsFlag)
+	editOptions.RecordFlags = recordFlags
+
+	err := editOptions.Complete(f, []string{}, cmd)
+	if err != nil {
+		return err
+	}
+	return editOptions.Run()
+}
+
+// createAndRefresh creates an object from input info and refreshes info with that object
+func createAndRefresh(info *resource.Info) error {
+	obj, err := resource.NewHelper(info.Client, info.Mapping).Create(info.Namespace, true, info.Object)
+	if err != nil {
+		return err
+	}
+	info.Refresh(obj, true)
+	return nil
+}
+
+// NameFromCommandArgs is a utility function for commands that assume the first argument is a resource name
+func NameFromCommandArgs(cmd *cobra.Command, args []string) (string, error) {
+	if len(args) != 1 {
+		return "", cmdutil.UsageErrorf(cmd, "exactly one NAME is required, got %d", len(args))
+	}
+	return args[0], nil
+}
+
+// CreateSubcommandOptions is an options struct to support create subcommands
+type CreateSubcommandOptions struct {
+	// PrintFlags holds options necessary for obtaining a printer
+	PrintFlags *genericclioptions.PrintFlags
+	// Name of resource being created
+	Name string
+	// StructuredGenerator is the resource generator for the object being created
+	StructuredGenerator kubectl.StructuredGenerator
+	// DryRun is true if the command should be simulated but not run against the server
+	DryRun           bool
+	CreateAnnotation bool
+
+	Namespace        string
+	EnforceNamespace bool
+
+	Mapper        meta.RESTMapper
+	DynamicClient dynamic.Interface
+
+	PrintObj printers.ResourcePrinterFunc
+
+	genericclioptions.IOStreams
+}
+
+func NewCreateSubcommandOptions(ioStreams genericclioptions.IOStreams) *CreateSubcommandOptions {
+	return &CreateSubcommandOptions{
+		PrintFlags: genericclioptions.NewPrintFlags("created").WithTypeSetter(legacyscheme.Scheme),
+		IOStreams:  ioStreams,
+	}
+}
+
+func (o *CreateSubcommandOptions) Complete(f cmdutil.Factory, cmd *cobra.Command, args []string, generator kubectl.StructuredGenerator) error {
+	name, err := NameFromCommandArgs(cmd, args)
+	if err != nil {
+		return err
+	}
+
+	o.Name = name
+	o.StructuredGenerator = generator
+	o.DryRun = cmdutil.GetDryRunFlag(cmd)
+	o.CreateAnnotation = cmdutil.GetFlagBool(cmd, cmdutil.ApplyAnnotationsFlag)
+
+	if o.DryRun {
+		o.PrintFlags.Complete("%s (dry run)")
+	}
+	printer, err := o.PrintFlags.ToPrinter()
+	if err != nil {
+		return err
+	}
+
+	o.PrintObj = func(obj kruntime.Object, out io.Writer) error {
+		return printer.PrintObj(obj, out)
+	}
+
+	o.Namespace, o.EnforceNamespace, err = f.ToRawKubeConfigLoader().Namespace()
+	if err != nil {
+		return err
+	}
+
+	o.DynamicClient, err = f.DynamicClient()
+	if err != nil {
+		return err
+	}
+
+	o.Mapper, err = f.ToRESTMapper()
+	if err != nil {
+		return err
+	}
+
+	return nil
+}
+
+// RunCreateSubcommand executes a create subcommand using the specified options
+func (o *CreateSubcommandOptions) Run() error {
+	obj, err := o.StructuredGenerator.StructuredGenerate()
+	if err != nil {
+		return err
+	}
+	if !o.DryRun {
+		// create subcommands have compiled knowledge of things they create, so type them directly
+		gvks, _, err := legacyscheme.Scheme.ObjectKinds(obj)
+		if err != nil {
+			return err
+		}
+		gvk := gvks[0]
+		mapping, err := o.Mapper.RESTMapping(schema.GroupKind{Group: gvk.Group, Kind: gvk.Kind}, gvk.Version)
+		if err != nil {
+			return err
+		}
+
+		if err := kubectl.CreateOrUpdateAnnotation(o.CreateAnnotation, obj, cmdutil.InternalVersionJSONEncoder()); err != nil {
+			return err
+		}
+
+		asUnstructured := &unstructured.Unstructured{}
+
+		if err := legacyscheme.Scheme.Convert(obj, asUnstructured, nil); err != nil {
+			return err
+		}
+		if mapping.Scope.Name() == meta.RESTScopeNameRoot {
+			o.Namespace = ""
+		}
+		actualObject, err := o.DynamicClient.Resource(mapping.Resource).Namespace(o.Namespace).Create(asUnstructured)
+		if err != nil {
+			return err
+		}
+
+		// ensure we pass a versioned object to the printer
+		obj = actualObject
+	} else {
+		if meta, err := meta.Accessor(obj); err == nil && o.EnforceNamespace {
+			meta.SetNamespace(o.Namespace)
+		}
+	}
+
+	return o.PrintObj(obj, o.Out)
+}
--- a/vendor/k8s.io/kubernetes/pkg/kubectl/cmd/create/create_clusterrole.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubectl/cmd/create/create_clusterrole.go
@ -0,0 +1,206 @@
+/*
+Copyright 2017 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package create
+
+import (
+	"fmt"
+	"strings"
+
+	"github.com/spf13/cobra"
+
+	rbacv1 "k8s.io/api/rbac/v1"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	utilflag "k8s.io/apiserver/pkg/util/flag"
+	"k8s.io/kubernetes/pkg/kubectl/cmd/templates"
+	cmdutil "k8s.io/kubernetes/pkg/kubectl/cmd/util"
+	"k8s.io/kubernetes/pkg/kubectl/genericclioptions"
+	"k8s.io/kubernetes/pkg/kubectl/util/i18n"
+)
+
+var (
+	clusterRoleLong = templates.LongDesc(i18n.T(`
+		Create a ClusterRole.`))
+
+	clusterRoleExample = templates.Examples(i18n.T(`
+		# Create a ClusterRole named "pod-reader" that allows user to perform "get", "watch" and "list" on pods
+		kubectl create clusterrole pod-reader --verb=get,list,watch --resource=pods
+
+		# Create a ClusterRole named "pod-reader" with ResourceName specified
+		kubectl create clusterrole pod-reader --verb=get --resource=pods --resource-name=readablepod --resource-name=anotherpod
+
+		# Create a ClusterRole named "foo" with API Group specified
+		kubectl create clusterrole foo --verb=get,list,watch --resource=rs.extensions
+
+		# Create a ClusterRole named "foo" with SubResource specified
+		kubectl create clusterrole foo --verb=get,list,watch --resource=pods,pods/status
+
+		# Create a ClusterRole name "foo" with NonResourceURL specified
+		kubectl create clusterrole "foo" --verb=get --non-resource-url=/logs/*
+
+		# Create a ClusterRole name "monitoring" with AggregationRule specified
+		kubectl create clusterrole monitoring --aggregation-rule="rbac.example.com/aggregate-to-monitoring=true"`))
+
+	// Valid nonResource verb list for validation.
+	validNonResourceVerbs = []string{"*", "get", "post", "put", "delete", "patch", "head", "options"}
+)
+
+type CreateClusterRoleOptions struct {
+	*CreateRoleOptions
+	NonResourceURLs []string
+	AggregationRule map[string]string
+}
+
+// ClusterRole is a command to ease creating ClusterRoles.
+func NewCmdCreateClusterRole(f cmdutil.Factory, ioStreams genericclioptions.IOStreams) *cobra.Command {
+	c := &CreateClusterRoleOptions{
+		CreateRoleOptions: NewCreateRoleOptions(ioStreams),
+		AggregationRule:   map[string]string{},
+	}
+	cmd := &cobra.Command{
+		Use: "clusterrole NAME --verb=verb --resource=resource.group [--resource-name=resourcename] [--dry-run]",
+		DisableFlagsInUseLine: true,
+		Short:   clusterRoleLong,
+		Long:    clusterRoleLong,
+		Example: clusterRoleExample,
+		Run: func(cmd *cobra.Command, args []string) {
+			cmdutil.CheckErr(c.Complete(f, cmd, args))
+			cmdutil.CheckErr(c.Validate())
+			cmdutil.CheckErr(c.RunCreateRole())
+		},
+	}
+
+	c.PrintFlags.AddFlags(cmd)
+
+	cmdutil.AddApplyAnnotationFlags(cmd)
+	cmdutil.AddValidateFlags(cmd)
+	cmdutil.AddDryRunFlag(cmd)
+	cmd.Flags().StringSliceVar(&c.Verbs, "verb", c.Verbs, "Verb that applies to the resources contained in the rule")
+	cmd.Flags().StringSliceVar(&c.NonResourceURLs, "non-resource-url", c.NonResourceURLs, "A partial url that user should have access to.")
+	cmd.Flags().StringSlice("resource", []string{}, "Resource that the rule applies to")
+	cmd.Flags().StringArrayVar(&c.ResourceNames, "resource-name", c.ResourceNames, "Resource in the white list that the rule applies to, repeat this flag for multiple items")
+	cmd.Flags().Var(utilflag.NewMapStringString(&c.AggregationRule), "aggregation-rule", "An aggregation label selector for combining ClusterRoles.")
+
+	return cmd
+}
+
+func (c *CreateClusterRoleOptions) Complete(f cmdutil.Factory, cmd *cobra.Command, args []string) error {
+	// Remove duplicate nonResourceURLs
+	nonResourceURLs := []string{}
+	for _, n := range c.NonResourceURLs {
+		if !arrayContains(nonResourceURLs, n) {
+			nonResourceURLs = append(nonResourceURLs, n)
+		}
+	}
+	c.NonResourceURLs = nonResourceURLs
+
+	return c.CreateRoleOptions.Complete(f, cmd, args)
+}
+
+func (c *CreateClusterRoleOptions) Validate() error {
+	if c.Name == "" {
+		return fmt.Errorf("name must be specified")
+	}
+
+	if len(c.AggregationRule) > 0 {
+		if len(c.NonResourceURLs) > 0 || len(c.Verbs) > 0 || len(c.Resources) > 0 || len(c.ResourceNames) > 0 {
+			return fmt.Errorf("aggregation rule must be specified without nonResourceURLs, verbs, resources or resourceNames")
+		}
+		return nil
+	}
+
+	// validate verbs.
+	if len(c.Verbs) == 0 {
+		return fmt.Errorf("at least one verb must be specified")
+	}
+
+	if len(c.Resources) == 0 && len(c.NonResourceURLs) == 0 {
+		return fmt.Errorf("one of resource or nonResourceURL must be specified")
+	}
+
+	// validate resources
+	if len(c.Resources) > 0 {
+		for _, v := range c.Verbs {
+			if !arrayContains(validResourceVerbs, v) {
+				return fmt.Errorf("invalid verb: '%s'", v)
+			}
+		}
+		if err := c.validateResource(); err != nil {
+			return err
+		}
+	}
+
+	//validate non-resource-url
+	if len(c.NonResourceURLs) > 0 {
+		for _, v := range c.Verbs {
+			if !arrayContains(validNonResourceVerbs, v) {
+				return fmt.Errorf("invalid verb: '%s' for nonResourceURL", v)
+			}
+		}
+
+		for _, nonResourceURL := range c.NonResourceURLs {
+			if nonResourceURL == "*" {
+				continue
+			}
+
+			if nonResourceURL == "" || !strings.HasPrefix(nonResourceURL, "/") {
+				return fmt.Errorf("nonResourceURL should start with /")
+			}
+
+			if strings.ContainsRune(nonResourceURL[:len(nonResourceURL)-1], '*') {
+				return fmt.Errorf("nonResourceURL only supports wildcard matches when '*' is at the end")
+			}
+		}
+	}
+
+	return nil
+
+}
+
+func (c *CreateClusterRoleOptions) RunCreateRole() error {
+	clusterRole := &rbacv1.ClusterRole{
+		// this is ok because we know exactly how we want to be serialized
+		TypeMeta: metav1.TypeMeta{APIVersion: rbacv1.SchemeGroupVersion.String(), Kind: "ClusterRole"},
+	}
+	clusterRole.Name = c.Name
+
+	var err error
+	if len(c.AggregationRule) == 0 {
+		rules, err := generateResourcePolicyRules(c.Mapper, c.Verbs, c.Resources, c.ResourceNames, c.NonResourceURLs)
+		if err != nil {
+			return err
+		}
+		clusterRole.Rules = rules
+	} else {
+		clusterRole.AggregationRule = &rbacv1.AggregationRule{
+			ClusterRoleSelectors: []metav1.LabelSelector{
+				{
+					MatchLabels: c.AggregationRule,
+				},
+			},
+		}
+	}
+
+	// Create ClusterRole.
+	if !c.DryRun {
+		clusterRole, err = c.Client.ClusterRoles().Create(clusterRole)
+		if err != nil {
+			return err
+		}
+	}
+
+	return c.PrintObj(clusterRole)
+}
--- a/vendor/k8s.io/kubernetes/pkg/kubectl/cmd/create/create_clusterrole_test.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubectl/cmd/create/create_clusterrole_test.go
@ -0,0 +1,528 @@
+/*
+Copyright 2017 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package create
+
+import (
+	"testing"
+
+	rbac "k8s.io/api/rbac/v1"
+	"k8s.io/apimachinery/pkg/api/equality"
+	"k8s.io/apimachinery/pkg/apis/meta/v1"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	"k8s.io/apimachinery/pkg/runtime"
+	"k8s.io/apimachinery/pkg/runtime/schema"
+	restclient "k8s.io/client-go/rest"
+	"k8s.io/client-go/rest/fake"
+	"k8s.io/kubernetes/pkg/api/legacyscheme"
+	cmdtesting "k8s.io/kubernetes/pkg/kubectl/cmd/testing"
+	"k8s.io/kubernetes/pkg/kubectl/genericclioptions"
+	"k8s.io/kubernetes/pkg/kubectl/scheme"
+)
+
+func TestCreateClusterRole(t *testing.T) {
+	clusterRoleName := "my-cluster-role"
+
+	tf := cmdtesting.NewTestFactory().WithNamespace("test")
+	defer tf.Cleanup()
+
+	tf.Client = &fake.RESTClient{}
+	tf.ClientConfigVal = defaultClientConfig()
+
+	tests := map[string]struct {
+		verbs               string
+		resources           string
+		nonResourceURL      string
+		resourceNames       string
+		aggregationRule     string
+		expectedClusterRole *rbac.ClusterRole
+	}{
+		"test-duplicate-resources": {
+			verbs:     "get,watch,list",
+			resources: "pods,pods",
+			expectedClusterRole: &rbac.ClusterRole{
+				TypeMeta: v1.TypeMeta{APIVersion: "rbac.authorization.k8s.io/v1", Kind: "ClusterRole"},
+				ObjectMeta: v1.ObjectMeta{
+					Name: clusterRoleName,
+				},
+				Rules: []rbac.PolicyRule{
+					{
+						Verbs:         []string{"get", "watch", "list"},
+						Resources:     []string{"pods"},
+						APIGroups:     []string{""},
+						ResourceNames: []string{},
+					},
+				},
+			},
+		},
+		"test-valid-case-with-multiple-apigroups": {
+			verbs:     "get,watch,list",
+			resources: "pods,deployments.extensions",
+			expectedClusterRole: &rbac.ClusterRole{
+				TypeMeta: v1.TypeMeta{APIVersion: "rbac.authorization.k8s.io/v1", Kind: "ClusterRole"},
+				ObjectMeta: v1.ObjectMeta{
+					Name: clusterRoleName,
+				},
+				Rules: []rbac.PolicyRule{
+					{
+						Verbs:         []string{"get", "watch", "list"},
+						Resources:     []string{"pods"},
+						APIGroups:     []string{""},
+						ResourceNames: []string{},
+					},
+					{
+						Verbs:         []string{"get", "watch", "list"},
+						Resources:     []string{"deployments"},
+						APIGroups:     []string{"extensions"},
+						ResourceNames: []string{},
+					},
+				},
+			},
+		},
+		"test-non-resource-url": {
+			verbs:          "get",
+			nonResourceURL: "/logs/,/healthz",
+			expectedClusterRole: &rbac.ClusterRole{
+				TypeMeta: v1.TypeMeta{APIVersion: "rbac.authorization.k8s.io/v1", Kind: "ClusterRole"},
+				ObjectMeta: v1.ObjectMeta{
+					Name: clusterRoleName,
+				},
+				Rules: []rbac.PolicyRule{
+					{
+						Verbs:           []string{"get"},
+						NonResourceURLs: []string{"/logs/", "/healthz"},
+					},
+				},
+			},
+		},
+		"test-resource-and-non-resource-url": {
+			verbs:          "get",
+			nonResourceURL: "/logs/,/healthz",
+			resources:      "pods",
+			expectedClusterRole: &rbac.ClusterRole{
+				TypeMeta: v1.TypeMeta{APIVersion: "rbac.authorization.k8s.io/v1", Kind: "ClusterRole"},
+				ObjectMeta: v1.ObjectMeta{
+					Name: clusterRoleName,
+				},
+				Rules: []rbac.PolicyRule{
+					{
+						Verbs:         []string{"get"},
+						Resources:     []string{"pods"},
+						APIGroups:     []string{""},
+						ResourceNames: []string{},
+					},
+					{
+						Verbs:           []string{"get"},
+						NonResourceURLs: []string{"/logs/", "/healthz"},
+					},
+				},
+			},
+		},
+		"test-aggregation-rules": {
+			aggregationRule: "foo1=foo2,foo3=foo4",
+			expectedClusterRole: &rbac.ClusterRole{
+				TypeMeta: v1.TypeMeta{APIVersion: "rbac.authorization.k8s.io/v1", Kind: "ClusterRole"},
+				ObjectMeta: v1.ObjectMeta{
+					Name: clusterRoleName,
+				},
+				AggregationRule: &rbac.AggregationRule{
+					ClusterRoleSelectors: []metav1.LabelSelector{
+						{
+							MatchLabels: map[string]string{
+								"foo1": "foo2",
+								"foo3": "foo4",
+							},
+						},
+					},
+				},
+			},
+		},
+	}
+
+	for name, test := range tests {
+		ioStreams, _, buf, _ := genericclioptions.NewTestIOStreams()
+		cmd := NewCmdCreateClusterRole(tf, ioStreams)
+		cmd.Flags().Set("dry-run", "true")
+		cmd.Flags().Set("output", "yaml")
+		cmd.Flags().Set("verb", test.verbs)
+		cmd.Flags().Set("resource", test.resources)
+		cmd.Flags().Set("non-resource-url", test.nonResourceURL)
+		cmd.Flags().Set("aggregation-rule", test.aggregationRule)
+		if test.resourceNames != "" {
+			cmd.Flags().Set("resource-name", test.resourceNames)
+		}
+		cmd.Run(cmd, []string{clusterRoleName})
+		actual := &rbac.ClusterRole{}
+		if err := runtime.DecodeInto(legacyscheme.Codecs.UniversalDecoder(), buf.Bytes(), actual); err != nil {
+			t.Log(string(buf.Bytes()))
+			t.Fatal(err)
+		}
+		if !equality.Semantic.DeepEqual(test.expectedClusterRole, actual) {
+			t.Errorf("%s:\nexpected:\n%#v\nsaw:\n%#v", name, test.expectedClusterRole, actual)
+		}
+	}
+}
+
+func TestClusterRoleValidate(t *testing.T) {
+	tf := cmdtesting.NewTestFactory().WithNamespace("test")
+	defer tf.Cleanup()
+
+	tests := map[string]struct {
+		clusterRoleOptions *CreateClusterRoleOptions
+		expectErr          bool
+	}{
+		"test-missing-name": {
+			clusterRoleOptions: &CreateClusterRoleOptions{
+				CreateRoleOptions: &CreateRoleOptions{},
+			},
+			expectErr: true,
+		},
+		"test-missing-verb": {
+			clusterRoleOptions: &CreateClusterRoleOptions{
+				CreateRoleOptions: &CreateRoleOptions{
+					Name: "my-clusterrole",
+				},
+			},
+			expectErr: true,
+		},
+		"test-missing-resource": {
+			clusterRoleOptions: &CreateClusterRoleOptions{
+				CreateRoleOptions: &CreateRoleOptions{
+					Name:  "my-clusterrole",
+					Verbs: []string{"get"},
+				},
+			},
+			expectErr: true,
+		},
+		"test-missing-resource-existing-apigroup": {
+			clusterRoleOptions: &CreateClusterRoleOptions{
+				CreateRoleOptions: &CreateRoleOptions{
+					Name:  "my-clusterrole",
+					Verbs: []string{"get"},
+					Resources: []ResourceOptions{
+						{
+							Group: "extensions",
+						},
+					},
+				},
+			},
+			expectErr: true,
+		},
+		"test-missing-resource-existing-subresource": {
+			clusterRoleOptions: &CreateClusterRoleOptions{
+				CreateRoleOptions: &CreateRoleOptions{
+					Name:  "my-clusterrole",
+					Verbs: []string{"get"},
+					Resources: []ResourceOptions{
+						{
+							SubResource: "scale",
+						},
+					},
+				},
+			},
+			expectErr: true,
+		},
+		"test-invalid-verb": {
+			clusterRoleOptions: &CreateClusterRoleOptions{
+				CreateRoleOptions: &CreateRoleOptions{
+					Name:  "my-clusterrole",
+					Verbs: []string{"invalid-verb"},
+					Resources: []ResourceOptions{
+						{
+							Resource: "pods",
+						},
+					},
+				},
+			},
+			expectErr: true,
+		},
+		"test-nonresource-verb": {
+			clusterRoleOptions: &CreateClusterRoleOptions{
+				CreateRoleOptions: &CreateRoleOptions{
+					Name:  "my-clusterrole",
+					Verbs: []string{"post"},
+					Resources: []ResourceOptions{
+						{
+							Resource: "pods",
+						},
+					},
+				},
+			},
+			expectErr: true,
+		},
+		"test-special-verb": {
+			clusterRoleOptions: &CreateClusterRoleOptions{
+				CreateRoleOptions: &CreateRoleOptions{
+					Name:  "my-clusterrole",
+					Verbs: []string{"use"},
+					Resources: []ResourceOptions{
+						{
+							Resource: "pods",
+						},
+					},
+				},
+			},
+			expectErr: true,
+		},
+		"test-mix-verbs": {
+			clusterRoleOptions: &CreateClusterRoleOptions{
+				CreateRoleOptions: &CreateRoleOptions{
+					Name:  "my-clusterrole",
+					Verbs: []string{"impersonate", "use"},
+					Resources: []ResourceOptions{
+						{
+							Resource:    "userextras",
+							SubResource: "scopes",
+						},
+					},
+				},
+			},
+			expectErr: true,
+		},
+		"test-special-verb-with-wrong-apigroup": {
+			clusterRoleOptions: &CreateClusterRoleOptions{
+				CreateRoleOptions: &CreateRoleOptions{
+					Name:  "my-clusterrole",
+					Verbs: []string{"impersonate"},
+					Resources: []ResourceOptions{
+						{
+							Resource:    "userextras",
+							SubResource: "scopes",
+							Group:       "extensions",
+						},
+					},
+				},
+			},
+			expectErr: true,
+		},
+		"test-invalid-resource": {
+			clusterRoleOptions: &CreateClusterRoleOptions{
+				CreateRoleOptions: &CreateRoleOptions{
+					Name:  "my-clusterrole",
+					Verbs: []string{"get"},
+					Resources: []ResourceOptions{
+						{
+							Resource: "invalid-resource",
+						},
+					},
+				},
+			},
+			expectErr: true,
+		},
+		"test-resource-name-with-multiple-resources": {
+			clusterRoleOptions: &CreateClusterRoleOptions{
+				CreateRoleOptions: &CreateRoleOptions{
+					Name:  "my-clusterrole",
+					Verbs: []string{"get"},
+					Resources: []ResourceOptions{
+						{
+							Resource: "pods",
+						},
+						{
+							Resource: "deployments",
+							Group:    "extensions",
+						},
+					},
+				},
+			},
+			expectErr: false,
+		},
+		"test-valid-case": {
+			clusterRoleOptions: &CreateClusterRoleOptions{
+				CreateRoleOptions: &CreateRoleOptions{
+					Name:  "role-binder",
+					Verbs: []string{"get", "list", "bind"},
+					Resources: []ResourceOptions{
+						{
+							Resource: "roles",
+							Group:    "rbac.authorization.k8s.io",
+						},
+					},
+				},
+			},
+			expectErr: false,
+		},
+		"test-valid-case-with-subresource": {
+			clusterRoleOptions: &CreateClusterRoleOptions{
+				CreateRoleOptions: &CreateRoleOptions{
+					Name:  "my-clusterrole",
+					Verbs: []string{"get", "list"},
+					Resources: []ResourceOptions{
+						{
+							Resource:    "replicasets",
+							SubResource: "scale",
+						},
+					},
+				},
+			},
+			expectErr: false,
+		},
+		"test-valid-case-with-additional-resource": {
+			clusterRoleOptions: &CreateClusterRoleOptions{
+				CreateRoleOptions: &CreateRoleOptions{
+					Name:  "my-clusterrole",
+					Verbs: []string{"impersonate"},
+					Resources: []ResourceOptions{
+						{
+							Resource:    "userextras",
+							SubResource: "scopes",
+							Group:       "authentication.k8s.io",
+						},
+					},
+				},
+			},
+			expectErr: false,
+		},
+		"test-invalid-empty-non-resource-url": {
+			clusterRoleOptions: &CreateClusterRoleOptions{
+				CreateRoleOptions: &CreateRoleOptions{
+					Name:  "my-clusterrole",
+					Verbs: []string{"create"},
+				},
+				NonResourceURLs: []string{""},
+			},
+			expectErr: true,
+		},
+		"test-invalid-non-resource-url": {
+			clusterRoleOptions: &CreateClusterRoleOptions{
+				CreateRoleOptions: &CreateRoleOptions{
+					Name:  "my-clusterrole",
+					Verbs: []string{"create"},
+				},
+				NonResourceURLs: []string{"logs"},
+			},
+			expectErr: true,
+		},
+		"test-invalid-non-resource-url-with-*": {
+			clusterRoleOptions: &CreateClusterRoleOptions{
+				CreateRoleOptions: &CreateRoleOptions{
+					Name:  "my-clusterrole",
+					Verbs: []string{"create"},
+				},
+				NonResourceURLs: []string{"/logs/*/"},
+			},
+			expectErr: true,
+		},
+		"test-invalid-non-resource-url-with-multiple-*": {
+			clusterRoleOptions: &CreateClusterRoleOptions{
+				CreateRoleOptions: &CreateRoleOptions{
+					Name:  "my-clusterrole",
+					Verbs: []string{"create"},
+				},
+				NonResourceURLs: []string{"/logs*/*"},
+			},
+			expectErr: true,
+		},
+		"test-invalid-verb-for-non-resource-url": {
+			clusterRoleOptions: &CreateClusterRoleOptions{
+				CreateRoleOptions: &CreateRoleOptions{
+					Name:  "my-clusterrole",
+					Verbs: []string{"create"},
+				},
+				NonResourceURLs: []string{"/logs/"},
+			},
+			expectErr: true,
+		},
+		"test-resource-and-non-resource-url-specified-together": {
+			clusterRoleOptions: &CreateClusterRoleOptions{
+				CreateRoleOptions: &CreateRoleOptions{
+					Name:  "my-clusterrole",
+					Verbs: []string{"get"},
+					Resources: []ResourceOptions{
+						{
+							Resource:    "replicasets",
+							SubResource: "scale",
+						},
+					},
+				},
+				NonResourceURLs: []string{"/logs/", "/logs/*"},
+			},
+			expectErr: false,
+		},
+		"test-aggregation-rule-with-verb": {
+			clusterRoleOptions: &CreateClusterRoleOptions{
+				CreateRoleOptions: &CreateRoleOptions{
+					Name:  "my-clusterrole",
+					Verbs: []string{"get"},
+				},
+				AggregationRule: map[string]string{"foo-key": "foo-vlue"},
+			},
+			expectErr: true,
+		},
+		"test-aggregation-rule-with-resource": {
+			clusterRoleOptions: &CreateClusterRoleOptions{
+				CreateRoleOptions: &CreateRoleOptions{
+					Name: "my-clusterrole",
+					Resources: []ResourceOptions{
+						{
+							Resource:    "replicasets",
+							SubResource: "scale",
+						},
+					},
+				},
+				AggregationRule: map[string]string{"foo-key": "foo-vlue"},
+			},
+			expectErr: true,
+		},
+		"test-aggregation-rule-with-no-resource-url": {
+			clusterRoleOptions: &CreateClusterRoleOptions{
+				CreateRoleOptions: &CreateRoleOptions{
+					Name: "my-clusterrole",
+				},
+				NonResourceURLs: []string{"/logs/"},
+				AggregationRule: map[string]string{"foo-key": "foo-vlue"},
+			},
+			expectErr: true,
+		},
+		"test-aggregation-rule": {
+			clusterRoleOptions: &CreateClusterRoleOptions{
+				CreateRoleOptions: &CreateRoleOptions{
+					Name: "my-clusterrole",
+				},
+				AggregationRule: map[string]string{"foo-key": "foo-vlue"},
+			},
+			expectErr: false,
+		},
+	}
+
+	for name, test := range tests {
+		t.Run(name, func(t *testing.T) {
+			var err error
+			test.clusterRoleOptions.Mapper, err = tf.ToRESTMapper()
+			if err != nil {
+				t.Fatal(err)
+			}
+			err = test.clusterRoleOptions.Validate()
+			if test.expectErr && err == nil {
+				t.Errorf("%s: expect error happens, but validate passes.", name)
+			}
+			if !test.expectErr && err != nil {
+				t.Errorf("%s: unexpected error: %v", name, err)
+			}
+		})
+	}
+}
+
+func defaultClientConfig() *restclient.Config {
+	return &restclient.Config{
+		APIPath: "/api",
+		ContentConfig: restclient.ContentConfig{
+			NegotiatedSerializer: scheme.Codecs,
+			ContentType:          runtime.ContentTypeJSON,
+			GroupVersion:         &schema.GroupVersion{Version: "v1"},
+		},
+	}
+}
--- a/vendor/k8s.io/kubernetes/pkg/kubectl/cmd/create/create_clusterrolebinding.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubectl/cmd/create/create_clusterrolebinding.go
@ -0,0 +1,99 @@
+/*
+Copyright 2016 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package create
+
+import (
+	"github.com/spf13/cobra"
+
+	"k8s.io/kubernetes/pkg/kubectl"
+	"k8s.io/kubernetes/pkg/kubectl/cmd/templates"
+	cmdutil "k8s.io/kubernetes/pkg/kubectl/cmd/util"
+	"k8s.io/kubernetes/pkg/kubectl/genericclioptions"
+	"k8s.io/kubernetes/pkg/kubectl/util/i18n"
+)
+
+var (
+	clusterRoleBindingLong = templates.LongDesc(i18n.T(`
+		Create a ClusterRoleBinding for a particular ClusterRole.`))
+
+	clusterRoleBindingExample = templates.Examples(i18n.T(`
+		  # Create a ClusterRoleBinding for user1, user2, and group1 using the cluster-admin ClusterRole
+		  kubectl create clusterrolebinding cluster-admin --clusterrole=cluster-admin --user=user1 --user=user2 --group=group1`))
+)
+
+type ClusterRoleBindingOpts struct {
+	CreateSubcommandOptions *CreateSubcommandOptions
+}
+
+// ClusterRoleBinding is a command to ease creating ClusterRoleBindings.
+func NewCmdCreateClusterRoleBinding(f cmdutil.Factory, ioStreams genericclioptions.IOStreams) *cobra.Command {
+	options := &ClusterRoleBindingOpts{
+		CreateSubcommandOptions: NewCreateSubcommandOptions(ioStreams),
+	}
+
+	cmd := &cobra.Command{
+		Use: "clusterrolebinding NAME --clusterrole=NAME [--user=username] [--group=groupname] [--serviceaccount=namespace:serviceaccountname] [--dry-run]",
+		DisableFlagsInUseLine: true,
+		Short:   i18n.T("Create a ClusterRoleBinding for a particular ClusterRole"),
+		Long:    clusterRoleBindingLong,
+		Example: clusterRoleBindingExample,
+		Run: func(cmd *cobra.Command, args []string) {
+			cmdutil.CheckErr(options.Complete(f, cmd, args))
+			cmdutil.CheckErr(options.Run())
+		},
+	}
+
+	options.CreateSubcommandOptions.PrintFlags.AddFlags(cmd)
+
+	cmdutil.AddApplyAnnotationFlags(cmd)
+	cmdutil.AddValidateFlags(cmd)
+	cmdutil.AddGeneratorFlags(cmd, cmdutil.ClusterRoleBindingV1GeneratorName)
+	cmd.Flags().String("clusterrole", "", i18n.T("ClusterRole this ClusterRoleBinding should reference"))
+	cmd.MarkFlagCustom("clusterrole", "__kubectl_get_resource_clusterrole")
+	cmd.Flags().StringArray("user", []string{}, "Usernames to bind to the role")
+	cmd.Flags().StringArray("group", []string{}, "Groups to bind to the role")
+	cmd.Flags().StringArray("serviceaccount", []string{}, "Service accounts to bind to the role, in the format <namespace>:<name>")
+	return cmd
+}
+
+func (o *ClusterRoleBindingOpts) Complete(f cmdutil.Factory, cmd *cobra.Command, args []string) error {
+	name, err := NameFromCommandArgs(cmd, args)
+	if err != nil {
+		return err
+	}
+
+	var generator kubectl.StructuredGenerator
+	switch generatorName := cmdutil.GetFlagString(cmd, "generator"); generatorName {
+	case cmdutil.ClusterRoleBindingV1GeneratorName:
+		generator = &kubectl.ClusterRoleBindingGeneratorV1{
+			Name:            name,
+			ClusterRole:     cmdutil.GetFlagString(cmd, "clusterrole"),
+			Users:           cmdutil.GetFlagStringArray(cmd, "user"),
+			Groups:          cmdutil.GetFlagStringArray(cmd, "group"),
+			ServiceAccounts: cmdutil.GetFlagStringArray(cmd, "serviceaccount"),
+		}
+	default:
+		return errUnsupportedGenerator(cmd, generatorName)
+	}
+
+	return o.CreateSubcommandOptions.Complete(f, cmd, args, generator)
+}
+
+// CreateClusterRoleBinding is the implementation of the create clusterrolebinding command.
+func (o *ClusterRoleBindingOpts) Run() error {
+	return o.CreateSubcommandOptions.Run()
+}
--- a/vendor/k8s.io/kubernetes/pkg/kubectl/cmd/create/create_clusterrolebinding_test.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubectl/cmd/create/create_clusterrolebinding_test.go
@ -0,0 +1,153 @@
+/*
+Copyright 2017 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package create
+
+import (
+	"bytes"
+	"io/ioutil"
+	"net/http"
+	"net/url"
+	"reflect"
+	"testing"
+
+	rbac "k8s.io/api/rbac/v1beta1"
+	"k8s.io/apimachinery/pkg/apis/meta/v1"
+	"k8s.io/apimachinery/pkg/runtime"
+	"k8s.io/apimachinery/pkg/runtime/schema"
+	restclient "k8s.io/client-go/rest"
+	"k8s.io/client-go/rest/fake"
+	"k8s.io/kubernetes/pkg/api/legacyscheme"
+	cmdtesting "k8s.io/kubernetes/pkg/kubectl/cmd/testing"
+	"k8s.io/kubernetes/pkg/kubectl/genericclioptions"
+)
+
+func TestCreateClusterRoleBinding(t *testing.T) {
+	expectBinding := &rbac.ClusterRoleBinding{
+		ObjectMeta: v1.ObjectMeta{
+			Name: "fake-binding",
+		},
+		TypeMeta: v1.TypeMeta{
+			Kind:       "ClusterRoleBinding",
+			APIVersion: "rbac.authorization.k8s.io/v1beta1",
+		},
+		RoleRef: rbac.RoleRef{
+			APIGroup: rbac.GroupName,
+			Kind:     "ClusterRole",
+			Name:     "fake-clusterrole",
+		},
+		Subjects: []rbac.Subject{
+			{
+				Kind:     rbac.UserKind,
+				APIGroup: "rbac.authorization.k8s.io",
+				Name:     "fake-user",
+			},
+			{
+				Kind:     rbac.GroupKind,
+				APIGroup: "rbac.authorization.k8s.io",
+				Name:     "fake-group",
+			},
+			{
+				Kind:      rbac.ServiceAccountKind,
+				Namespace: "fake-namespace",
+				Name:      "fake-account",
+			},
+		},
+	}
+
+	tf := cmdtesting.NewTestFactory().WithNamespace("test")
+	defer tf.Cleanup()
+
+	ns := legacyscheme.Codecs
+
+	info, _ := runtime.SerializerInfoForMediaType(ns.SupportedMediaTypes(), runtime.ContentTypeJSON)
+	encoder := ns.EncoderForVersion(info.Serializer, groupVersion)
+	decoder := ns.DecoderToVersion(info.Serializer, groupVersion)
+
+	tf.Client = &ClusterRoleBindingRESTClient{
+		RESTClient: &fake.RESTClient{
+			NegotiatedSerializer: ns,
+			Client: fake.CreateHTTPClient(func(req *http.Request) (*http.Response, error) {
+				switch p, m := req.URL.Path, req.Method; {
+				case p == "/clusterrolebindings" && m == "POST":
+					bodyBits, err := ioutil.ReadAll(req.Body)
+					if err != nil {
+						t.Fatalf("TestCreateClusterRoleBinding error: %v", err)
+						return nil, nil
+					}
+
+					if obj, _, err := decoder.Decode(bodyBits, nil, &rbac.ClusterRoleBinding{}); err == nil {
+						if !reflect.DeepEqual(obj.(*rbac.ClusterRoleBinding), expectBinding) {
+							t.Fatalf("TestCreateClusterRoleBinding: expected:\n%#v\nsaw:\n%#v", expectBinding, obj.(*rbac.ClusterRoleBinding))
+							return nil, nil
+						}
+					} else {
+						t.Fatalf("TestCreateClusterRoleBinding error, could not decode the request body into rbac.ClusterRoleBinding object: %v", err)
+						return nil, nil
+					}
+
+					responseBinding := &rbac.ClusterRoleBinding{}
+					responseBinding.Name = "fake-binding"
+					return &http.Response{StatusCode: 201, Header: defaultHeader(), Body: ioutil.NopCloser(bytes.NewReader([]byte(runtime.EncodeOrDie(encoder, responseBinding))))}, nil
+				default:
+					t.Fatalf("unexpected request: %#v\n%#v", req.URL, req)
+					return nil, nil
+				}
+			}),
+		},
+	}
+
+	expectedOutput := "clusterrolebinding.rbac.authorization.k8s.io/" + expectBinding.Name + "\n"
+	ioStreams, _, buf, _ := genericclioptions.NewTestIOStreams()
+	cmd := NewCmdCreateClusterRoleBinding(tf, ioStreams)
+	cmd.Flags().Set("clusterrole", "fake-clusterrole")
+	cmd.Flags().Set("user", "fake-user")
+	cmd.Flags().Set("group", "fake-group")
+	cmd.Flags().Set("output", "name")
+	cmd.Flags().Set("serviceaccount", "fake-namespace:fake-account")
+	cmd.Run(cmd, []string{"fake-binding"})
+	if buf.String() != expectedOutput {
+		t.Errorf("TestCreateClusterRoleBinding: expected %v\n but got %v\n", expectedOutput, buf.String())
+	}
+}
+
+type ClusterRoleBindingRESTClient struct {
+	*fake.RESTClient
+}
+
+func (c *ClusterRoleBindingRESTClient) Post() *restclient.Request {
+	config := restclient.ContentConfig{
+		ContentType:          runtime.ContentTypeJSON,
+		NegotiatedSerializer: c.NegotiatedSerializer,
+	}
+
+	info, _ := runtime.SerializerInfoForMediaType(c.NegotiatedSerializer.SupportedMediaTypes(), runtime.ContentTypeJSON)
+	serializers := restclient.Serializers{
+		Encoder: c.NegotiatedSerializer.EncoderForVersion(info.Serializer, schema.GroupVersion{Group: "rbac.authorization.k8s.io", Version: "v1beta1"}),
+		Decoder: c.NegotiatedSerializer.DecoderToVersion(info.Serializer, schema.GroupVersion{Group: "rbac.authorization.k8s.io", Version: "v1beta1"}),
+	}
+	if info.StreamSerializer != nil {
+		serializers.StreamingSerializer = info.StreamSerializer.Serializer
+		serializers.Framer = info.StreamSerializer.Framer
+	}
+	return restclient.NewRequest(c, "POST", &url.URL{Host: "localhost"}, c.VersionedAPIPath, config, serializers, nil, nil, 0)
+}
+
+func defaultHeader() http.Header {
+	header := http.Header{}
+	header.Set("Content-Type", runtime.ContentTypeJSON)
+	return header
+}
--- a/vendor/k8s.io/kubernetes/pkg/kubectl/cmd/create/create_configmap.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubectl/cmd/create/create_configmap.go
@ -0,0 +1,120 @@
+/*
+Copyright 2016 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package create
+
+import (
+	"github.com/spf13/cobra"
+
+	"k8s.io/kubernetes/pkg/kubectl"
+	"k8s.io/kubernetes/pkg/kubectl/cmd/templates"
+	cmdutil "k8s.io/kubernetes/pkg/kubectl/cmd/util"
+	"k8s.io/kubernetes/pkg/kubectl/genericclioptions"
+	"k8s.io/kubernetes/pkg/kubectl/util/i18n"
+)
+
+var (
+	configMapLong = templates.LongDesc(i18n.T(`
+		Create a configmap based on a file, directory, or specified literal value.
+
+		A single configmap may package one or more key/value pairs.
+
+		When creating a configmap based on a file, the key will default to the basename of the file, and the value will
+		default to the file content.  If the basename is an invalid key, you may specify an alternate key.
+
+		When creating a configmap based on a directory, each file whose basename is a valid key in the directory will be
+		packaged into the configmap.  Any directory entries except regular files are ignored (e.g. subdirectories,
+		symlinks, devices, pipes, etc).`))
+
+	configMapExample = templates.Examples(i18n.T(`
+		  # Create a new configmap named my-config based on folder bar
+		  kubectl create configmap my-config --from-file=path/to/bar
+
+		  # Create a new configmap named my-config with specified keys instead of file basenames on disk
+		  kubectl create configmap my-config --from-file=key1=/path/to/bar/file1.txt --from-file=key2=/path/to/bar/file2.txt
+
+		  # Create a new configmap named my-config with key1=config1 and key2=config2
+		  kubectl create configmap my-config --from-literal=key1=config1 --from-literal=key2=config2
+
+		  # Create a new configmap named my-config from the key=value pairs in the file
+		  kubectl create configmap my-config --from-file=path/to/bar
+
+		  # Create a new configmap named my-config from an env file
+		  kubectl create configmap my-config --from-env-file=path/to/bar.env`))
+)
+
+type ConfigMapOpts struct {
+	CreateSubcommandOptions *CreateSubcommandOptions
+}
+
+// ConfigMap is a command to ease creating ConfigMaps.
+func NewCmdCreateConfigMap(f cmdutil.Factory, ioStreams genericclioptions.IOStreams) *cobra.Command {
+	options := &ConfigMapOpts{
+		CreateSubcommandOptions: NewCreateSubcommandOptions(ioStreams),
+	}
+
+	cmd := &cobra.Command{
+		Use: "configmap NAME [--from-file=[key=]source] [--from-literal=key1=value1] [--dry-run]",
+		DisableFlagsInUseLine: true,
+		Aliases:               []string{"cm"},
+		Short:                 i18n.T("Create a configmap from a local file, directory or literal value"),
+		Long:                  configMapLong,
+		Example:               configMapExample,
+		Run: func(cmd *cobra.Command, args []string) {
+			cmdutil.CheckErr(options.Complete(f, cmd, args))
+			cmdutil.CheckErr(options.Run())
+		},
+	}
+
+	options.CreateSubcommandOptions.PrintFlags.AddFlags(cmd)
+
+	cmdutil.AddApplyAnnotationFlags(cmd)
+	cmdutil.AddValidateFlags(cmd)
+	cmdutil.AddGeneratorFlags(cmd, cmdutil.ConfigMapV1GeneratorName)
+	cmd.Flags().StringSlice("from-file", []string{}, "Key file can be specified using its file path, in which case file basename will be used as configmap key, or optionally with a key and file path, in which case the given key will be used.  Specifying a directory will iterate each named file in the directory whose basename is a valid configmap key.")
+	cmd.Flags().StringArray("from-literal", []string{}, "Specify a key and literal value to insert in configmap (i.e. mykey=somevalue)")
+	cmd.Flags().String("from-env-file", "", "Specify the path to a file to read lines of key=val pairs to create a configmap (i.e. a Docker .env file).")
+	cmd.Flags().Bool("append-hash", false, "Append a hash of the configmap to its name.")
+	return cmd
+}
+
+func (o *ConfigMapOpts) Complete(f cmdutil.Factory, cmd *cobra.Command, args []string) error {
+	name, err := NameFromCommandArgs(cmd, args)
+	if err != nil {
+		return err
+	}
+
+	var generator kubectl.StructuredGenerator
+	switch generatorName := cmdutil.GetFlagString(cmd, "generator"); generatorName {
+	case cmdutil.ConfigMapV1GeneratorName:
+		generator = &kubectl.ConfigMapGeneratorV1{
+			Name:           name,
+			FileSources:    cmdutil.GetFlagStringSlice(cmd, "from-file"),
+			LiteralSources: cmdutil.GetFlagStringArray(cmd, "from-literal"),
+			EnvFileSource:  cmdutil.GetFlagString(cmd, "from-env-file"),
+			AppendHash:     cmdutil.GetFlagBool(cmd, "append-hash"),
+		}
+	default:
+		return errUnsupportedGenerator(cmd, generatorName)
+	}
+
+	return o.CreateSubcommandOptions.Complete(f, cmd, args, generator)
+}
+
+// CreateConfigMap is the implementation of the create configmap command.
+func (o *ConfigMapOpts) Run() error {
+	return o.CreateSubcommandOptions.Run()
+}
--- a/vendor/k8s.io/kubernetes/pkg/kubectl/cmd/create/create_configmap_test.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubectl/cmd/create/create_configmap_test.go
@ -0,0 +1,70 @@
+/*
+Copyright 2016 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package create
+
+import (
+	"bytes"
+	"io"
+	"io/ioutil"
+	"net/http"
+	"testing"
+
+	"k8s.io/api/core/v1"
+	"k8s.io/apimachinery/pkg/runtime"
+	"k8s.io/apimachinery/pkg/runtime/schema"
+	"k8s.io/client-go/rest/fake"
+	"k8s.io/kubernetes/pkg/api/legacyscheme"
+	cmdtesting "k8s.io/kubernetes/pkg/kubectl/cmd/testing"
+	"k8s.io/kubernetes/pkg/kubectl/genericclioptions"
+	"k8s.io/kubernetes/pkg/kubectl/scheme"
+)
+
+func TestCreateConfigMap(t *testing.T) {
+	configMap := &v1.ConfigMap{}
+	configMap.Name = "my-configmap"
+	tf := cmdtesting.NewTestFactory().WithNamespace("test")
+	defer tf.Cleanup()
+
+	codec := legacyscheme.Codecs.LegacyCodec(scheme.Scheme.PrioritizedVersionsAllGroups()...)
+	ns := legacyscheme.Codecs
+
+	tf.Client = &fake.RESTClient{
+		GroupVersion:         schema.GroupVersion{Group: "", Version: "v1"},
+		NegotiatedSerializer: ns,
+		Client: fake.CreateHTTPClient(func(req *http.Request) (*http.Response, error) {
+			switch p, m := req.URL.Path, req.Method; {
+			case p == "/namespaces/test/configmaps" && m == "POST":
+				return &http.Response{StatusCode: 201, Header: defaultHeader(), Body: objBody(codec, configMap)}, nil
+			default:
+				t.Fatalf("unexpected request: %#v\n%#v", req.URL, req)
+				return nil, nil
+			}
+		}),
+	}
+	ioStreams, _, buf, _ := genericclioptions.NewTestIOStreams()
+	cmd := NewCmdCreateConfigMap(tf, ioStreams)
+	cmd.Flags().Set("output", "name")
+	cmd.Run(cmd, []string{configMap.Name})
+	expectedOutput := "configmap/" + configMap.Name + "\n"
+	if buf.String() != expectedOutput {
+		t.Errorf("expected output: %s, but got: %s", expectedOutput, buf.String())
+	}
+}
+
+func objBody(codec runtime.Codec, obj runtime.Object) io.ReadCloser {
+	return ioutil.NopCloser(bytes.NewReader([]byte(runtime.EncodeOrDie(codec, obj))))
+}
--- a/vendor/k8s.io/kubernetes/pkg/kubectl/cmd/create/create_deployment.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubectl/cmd/create/create_deployment.go
@ -0,0 +1,155 @@
+/*
+Copyright 2016 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package create
+
+import (
+	"github.com/spf13/cobra"
+
+	"k8s.io/kubernetes/pkg/kubectl"
+	"k8s.io/kubernetes/pkg/kubectl/cmd/templates"
+	cmdutil "k8s.io/kubernetes/pkg/kubectl/cmd/util"
+	"k8s.io/kubernetes/pkg/kubectl/genericclioptions"
+	"k8s.io/kubernetes/pkg/kubectl/util/i18n"
+)
+
+var (
+	deploymentLong = templates.LongDesc(i18n.T(`
+	Create a deployment with the specified name.`))
+
+	deploymentExample = templates.Examples(i18n.T(`
+	# Create a new deployment named my-dep that runs the busybox image.
+	kubectl create deployment my-dep --image=busybox`))
+)
+
+type DeploymentOpts struct {
+	CreateSubcommandOptions *CreateSubcommandOptions
+}
+
+// NewCmdCreateDeployment is a macro command to create a new deployment.
+// This command is better known to users as `kubectl create deployment`.
+// Note that this command overlaps significantly with the `kubectl run` command.
+func NewCmdCreateDeployment(f cmdutil.Factory, ioStreams genericclioptions.IOStreams) *cobra.Command {
+	options := &DeploymentOpts{
+		CreateSubcommandOptions: NewCreateSubcommandOptions(ioStreams),
+	}
+
+	cmd := &cobra.Command{
+		Use: "deployment NAME --image=image [--dry-run]",
+		DisableFlagsInUseLine: true,
+		Aliases:               []string{"deploy"},
+		Short:                 i18n.T("Create a deployment with the specified name."),
+		Long:                  deploymentLong,
+		Example:               deploymentExample,
+		Run: func(cmd *cobra.Command, args []string) {
+			cmdutil.CheckErr(options.Complete(f, cmd, args))
+			cmdutil.CheckErr(options.Run())
+		},
+	}
+
+	options.CreateSubcommandOptions.PrintFlags.AddFlags(cmd)
+
+	cmdutil.AddApplyAnnotationFlags(cmd)
+	cmdutil.AddValidateFlags(cmd)
+	cmdutil.AddGeneratorFlags(cmd, "")
+	cmd.Flags().StringSlice("image", []string{}, "Image name to run.")
+	cmd.MarkFlagRequired("image")
+	return cmd
+}
+
+// generatorFromName returns the appropriate StructuredGenerator based on the
+// generatorName. If the generatorName is unrecognized, then return (nil,
+// false).
+func generatorFromName(
+	generatorName string,
+	imageNames []string,
+	deploymentName string,
+) (kubectl.StructuredGenerator, bool) {
+
+	switch generatorName {
+	case cmdutil.DeploymentBasicAppsV1GeneratorName:
+		generator := &kubectl.DeploymentBasicAppsGeneratorV1{
+			BaseDeploymentGenerator: kubectl.BaseDeploymentGenerator{
+				Name:   deploymentName,
+				Images: imageNames,
+			},
+		}
+		return generator, true
+
+	case cmdutil.DeploymentBasicAppsV1Beta1GeneratorName:
+		generator := &kubectl.DeploymentBasicAppsGeneratorV1Beta1{
+			BaseDeploymentGenerator: kubectl.BaseDeploymentGenerator{
+				Name:   deploymentName,
+				Images: imageNames,
+			},
+		}
+		return generator, true
+
+	case cmdutil.DeploymentBasicV1Beta1GeneratorName:
+		generator := &kubectl.DeploymentBasicGeneratorV1{
+			BaseDeploymentGenerator: kubectl.BaseDeploymentGenerator{
+				Name:   deploymentName,
+				Images: imageNames,
+			},
+		}
+		return generator, true
+	}
+
+	return nil, false
+}
+
+func (o *DeploymentOpts) Complete(f cmdutil.Factory, cmd *cobra.Command, args []string) error {
+	name, err := NameFromCommandArgs(cmd, args)
+	if err != nil {
+		return err
+	}
+
+	clientset, err := f.ClientSet()
+	if err != nil {
+		return err
+	}
+
+	generatorName := cmdutil.GetFlagString(cmd, "generator")
+
+	if len(generatorName) == 0 {
+		generatorName = cmdutil.DeploymentBasicAppsV1GeneratorName
+		generatorNameTemp, err := cmdutil.FallbackGeneratorNameIfNecessary(generatorName, clientset.Discovery(), o.CreateSubcommandOptions.ErrOut)
+		if err != nil {
+			return err
+		}
+		if generatorNameTemp != generatorName {
+			cmdutil.Warning(o.CreateSubcommandOptions.ErrOut, generatorName, generatorNameTemp)
+		} else {
+			generatorName = generatorNameTemp
+		}
+	}
+
+	imageNames := cmdutil.GetFlagStringSlice(cmd, "image")
+	generator, ok := generatorFromName(generatorName, imageNames, name)
+	if !ok {
+		return errUnsupportedGenerator(cmd, generatorName)
+	}
+
+	return o.CreateSubcommandOptions.Complete(f, cmd, args, generator)
+}
+
+// createDeployment
+// 1. Reads user config values from Cobra.
+// 2. Sets up the correct Generator object.
+// 3. Calls RunCreateSubcommand.
+func (o *DeploymentOpts) Run() error {
+	return o.CreateSubcommandOptions.Run()
+}
--- a/vendor/k8s.io/kubernetes/pkg/kubectl/cmd/create/create_deployment_test.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubectl/cmd/create/create_deployment_test.go
@ -0,0 +1,156 @@
+/*
+Copyright 2016 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package create
+
+import (
+	"bytes"
+	"io/ioutil"
+	"net/http"
+	"testing"
+
+	"github.com/stretchr/testify/assert"
+
+	restclient "k8s.io/client-go/rest"
+	"k8s.io/client-go/rest/fake"
+	"k8s.io/kubernetes/pkg/api/legacyscheme"
+	"k8s.io/kubernetes/pkg/kubectl"
+	cmdtesting "k8s.io/kubernetes/pkg/kubectl/cmd/testing"
+	cmdutil "k8s.io/kubernetes/pkg/kubectl/cmd/util"
+	"k8s.io/kubernetes/pkg/kubectl/genericclioptions"
+)
+
+func Test_generatorFromName(t *testing.T) {
+	const (
+		nonsenseName         = "not-a-real-generator-name"
+		basicName            = cmdutil.DeploymentBasicV1Beta1GeneratorName
+		basicAppsV1Beta1Name = cmdutil.DeploymentBasicAppsV1Beta1GeneratorName
+		basicAppsV1Name      = cmdutil.DeploymentBasicAppsV1GeneratorName
+		deploymentName       = "deployment-name"
+	)
+	imageNames := []string{"image-1", "image-2"}
+
+	generator, ok := generatorFromName(nonsenseName, imageNames, deploymentName)
+	assert.Nil(t, generator)
+	assert.False(t, ok)
+
+	generator, ok = generatorFromName(basicName, imageNames, deploymentName)
+	assert.True(t, ok)
+
+	{
+		expectedGenerator := &kubectl.DeploymentBasicGeneratorV1{
+			BaseDeploymentGenerator: kubectl.BaseDeploymentGenerator{
+				Name:   deploymentName,
+				Images: imageNames,
+			},
+		}
+		assert.Equal(t, expectedGenerator, generator)
+	}
+
+	generator, ok = generatorFromName(basicAppsV1Beta1Name, imageNames, deploymentName)
+	assert.True(t, ok)
+
+	{
+		expectedGenerator := &kubectl.DeploymentBasicAppsGeneratorV1Beta1{
+			BaseDeploymentGenerator: kubectl.BaseDeploymentGenerator{
+				Name:   deploymentName,
+				Images: imageNames,
+			},
+		}
+		assert.Equal(t, expectedGenerator, generator)
+	}
+
+	generator, ok = generatorFromName(basicAppsV1Name, imageNames, deploymentName)
+	assert.True(t, ok)
+
+	{
+		expectedGenerator := &kubectl.DeploymentBasicAppsGeneratorV1{
+			BaseDeploymentGenerator: kubectl.BaseDeploymentGenerator{
+				Name:   deploymentName,
+				Images: imageNames,
+			},
+		}
+		assert.Equal(t, expectedGenerator, generator)
+	}
+}
+
+func TestCreateDeployment(t *testing.T) {
+	depName := "jonny-dep"
+	tf := cmdtesting.NewTestFactory().WithNamespace("test")
+	defer tf.Cleanup()
+
+	ns := legacyscheme.Codecs
+	fakeDiscovery := "{\"kind\":\"APIResourceList\",\"apiVersion\":\"v1\",\"groupVersion\":\"apps/v1\",\"resources\":[{\"name\":\"deployments\",\"singularName\":\"\",\"namespaced\":true,\"kind\":\"Deployment\",\"verbs\":[\"create\",\"delete\",\"deletecollection\",\"get\",\"list\",\"patch\",\"update\",\"watch\"],\"shortNames\":[\"deploy\"],\"categories\":[\"all\"]}]}"
+	tf.Client = &fake.RESTClient{
+		NegotiatedSerializer: ns,
+		Client: fake.CreateHTTPClient(func(req *http.Request) (*http.Response, error) {
+			return &http.Response{
+				StatusCode: http.StatusOK,
+				Body:       ioutil.NopCloser(bytes.NewBuffer([]byte(fakeDiscovery))),
+			}, nil
+		}),
+	}
+	tf.ClientConfigVal = &restclient.Config{}
+
+	ioStreams, _, buf, _ := genericclioptions.NewTestIOStreams()
+	cmd := NewCmdCreateDeployment(tf, ioStreams)
+	cmd.Flags().Set("dry-run", "true")
+	cmd.Flags().Set("output", "name")
+	cmd.Flags().Set("image", "hollywood/jonny.depp:v2")
+	cmd.Run(cmd, []string{depName})
+	expectedOutput := "deployment.apps/" + depName + "\n"
+	if buf.String() != expectedOutput {
+		t.Errorf("expected output: %s, but got: %s", expectedOutput, buf.String())
+	}
+}
+
+func TestCreateDeploymentNoImage(t *testing.T) {
+	depName := "jonny-dep"
+	tf := cmdtesting.NewTestFactory().WithNamespace("test")
+	defer tf.Cleanup()
+
+	ns := legacyscheme.Codecs
+	fakeDiscovery := "{\"kind\":\"APIResourceList\",\"apiVersion\":\"v1\",\"groupVersion\":\"apps/v1\",\"resources\":[{\"name\":\"deployments\",\"singularName\":\"\",\"namespaced\":true,\"kind\":\"Deployment\",\"verbs\":[\"create\",\"delete\",\"deletecollection\",\"get\",\"list\",\"patch\",\"update\",\"watch\"],\"shortNames\":[\"deploy\"],\"categories\":[\"all\"]}]}"
+	tf.Client = &fake.RESTClient{
+		NegotiatedSerializer: ns,
+		Client: fake.CreateHTTPClient(func(req *http.Request) (*http.Response, error) {
+			return &http.Response{
+				StatusCode: http.StatusOK,
+				Body:       ioutil.NopCloser(bytes.NewBuffer([]byte(fakeDiscovery))),
+			}, nil
+		}),
+	}
+	tf.ClientConfigVal = &restclient.Config{}
+
+	ioStreams := genericclioptions.NewTestIOStreamsDiscard()
+	cmd := NewCmdCreateDeployment(tf, ioStreams)
+	cmd.Flags().Set("output", "name")
+	options := &DeploymentOpts{
+		CreateSubcommandOptions: &CreateSubcommandOptions{
+			PrintFlags: genericclioptions.NewPrintFlags("created").WithTypeSetter(legacyscheme.Scheme),
+			DryRun:     true,
+			IOStreams:  ioStreams,
+		},
+	}
+
+	err := options.Complete(tf, cmd, []string{depName})
+	if err != nil {
+		t.Fatalf("unexpected error: %v", err)
+	}
+
+	err = options.Run()
+	assert.Error(t, err, "at least one image must be specified")
+}
--- a/vendor/k8s.io/kubernetes/pkg/kubectl/cmd/create/create_job.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubectl/cmd/create/create_job.go
@ -0,0 +1,186 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package create
+
+import (
+	"fmt"
+
+	"github.com/spf13/cobra"
+
+	batchv1 "k8s.io/api/batch/v1"
+	batchv1beta1 "k8s.io/api/batch/v1beta1"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	"k8s.io/apimachinery/pkg/runtime"
+	clientbatchv1 "k8s.io/client-go/kubernetes/typed/batch/v1"
+	"k8s.io/kubernetes/pkg/api/legacyscheme"
+	"k8s.io/kubernetes/pkg/kubectl/cmd/templates"
+	cmdutil "k8s.io/kubernetes/pkg/kubectl/cmd/util"
+	"k8s.io/kubernetes/pkg/kubectl/genericclioptions"
+	"k8s.io/kubernetes/pkg/kubectl/genericclioptions/resource"
+	"k8s.io/kubernetes/pkg/kubectl/scheme"
+	"k8s.io/kubernetes/pkg/kubectl/util/i18n"
+)
+
+var (
+	jobLong = templates.LongDesc(i18n.T(`
+		Create a job with the specified name.`))
+
+	jobExample = templates.Examples(i18n.T(`
+		# Create a job from a CronJob named "a-cronjob"
+		kubectl create job test-job --from=cronjob/a-cronjob`))
+)
+
+type CreateJobOptions struct {
+	PrintFlags *genericclioptions.PrintFlags
+
+	PrintObj func(obj runtime.Object) error
+
+	Name string
+	From string
+
+	Namespace    string
+	OutputFormat string
+	Client       clientbatchv1.BatchV1Interface
+	DryRun       bool
+	Builder      *resource.Builder
+	Cmd          *cobra.Command
+
+	genericclioptions.IOStreams
+}
+
+func NewCreateJobOptions(ioStreams genericclioptions.IOStreams) *CreateJobOptions {
+	return &CreateJobOptions{
+		PrintFlags: genericclioptions.NewPrintFlags("created").WithTypeSetter(legacyscheme.Scheme),
+		IOStreams:  ioStreams,
+	}
+}
+
+// NewCmdCreateJob is a command to ease creating Jobs from CronJobs.
+func NewCmdCreateJob(f cmdutil.Factory, ioStreams genericclioptions.IOStreams) *cobra.Command {
+	o := NewCreateJobOptions(ioStreams)
+
+	cmd := &cobra.Command{
+		Use:     "job NAME [--from=CRONJOB]",
+		Short:   jobLong,
+		Long:    jobLong,
+		Example: jobExample,
+		Run: func(cmd *cobra.Command, args []string) {
+			cmdutil.CheckErr(o.Complete(f, cmd, args))
+			cmdutil.CheckErr(o.RunCreateJob())
+		},
+	}
+
+	o.PrintFlags.AddFlags(cmd)
+
+	cmdutil.AddApplyAnnotationFlags(cmd)
+	cmdutil.AddValidateFlags(cmd)
+	cmdutil.AddDryRunFlag(cmd)
+	cmd.Flags().StringVar(&o.From, "from", o.From, "The name of the resource to create a Job from (only cronjob is supported).")
+
+	return cmd
+}
+
+func (o *CreateJobOptions) Complete(f cmdutil.Factory, cmd *cobra.Command, args []string) (err error) {
+	if len(args) == 0 {
+		return cmdutil.UsageErrorf(cmd, "NAME is required")
+	}
+	o.Name = args[0]
+
+	o.Namespace, _, err = f.ToRawKubeConfigLoader().Namespace()
+	if err != nil {
+		return err
+	}
+
+	clientset, err := f.KubernetesClientSet()
+	if err != nil {
+		return err
+	}
+	o.Client = clientset.BatchV1()
+	o.Builder = f.NewBuilder()
+	o.DryRun = cmdutil.GetDryRunFlag(cmd)
+	o.Cmd = cmd
+	o.OutputFormat = cmdutil.GetFlagString(cmd, "output")
+
+	if o.DryRun {
+		o.PrintFlags.Complete("%s (dry run)")
+	}
+	printer, err := o.PrintFlags.ToPrinter()
+	if err != nil {
+		return err
+	}
+
+	o.PrintObj = func(obj runtime.Object) error {
+		return printer.PrintObj(obj, o.Out)
+	}
+
+	return nil
+}
+
+func (o *CreateJobOptions) RunCreateJob() error {
+	infos, err := o.Builder.
+		Unstructured().
+		NamespaceParam(o.Namespace).DefaultNamespace().
+		ResourceTypeOrNameArgs(false, o.From).
+		Flatten().
+		Latest().
+		Do().
+		Infos()
+	if err != nil {
+		return err
+	}
+	if len(infos) != 1 {
+		return fmt.Errorf("from must be an existing cronjob")
+	}
+
+	uncastVersionedObj, err := scheme.Scheme.ConvertToVersion(infos[0].Object, batchv1beta1.SchemeGroupVersion)
+	if err != nil {
+		return fmt.Errorf("from must be an existing cronjob: %v", err)
+	}
+	cronJob, ok := uncastVersionedObj.(*batchv1beta1.CronJob)
+	if !ok {
+		return fmt.Errorf("from must be an existing cronjob")
+	}
+
+	return o.createJob(cronJob)
+}
+
+func (o *CreateJobOptions) createJob(cronJob *batchv1beta1.CronJob) error {
+	annotations := make(map[string]string)
+	annotations["cronjob.kubernetes.io/instantiate"] = "manual"
+	for k, v := range cronJob.Spec.JobTemplate.Annotations {
+		annotations[k] = v
+	}
+	job := &batchv1.Job{
+		ObjectMeta: metav1.ObjectMeta{
+			Name:        o.Name,
+			Namespace:   o.Namespace,
+			Annotations: annotations,
+			Labels:      cronJob.Spec.JobTemplate.Labels,
+		},
+		Spec: cronJob.Spec.JobTemplate.Spec,
+	}
+
+	if !o.DryRun {
+		var err error
+		job, err = o.Client.Jobs(o.Namespace).Create(job)
+		if err != nil {
+			return fmt.Errorf("failed to create job: %v", err)
+		}
+	}
+
+	return o.PrintObj(job)
+}
--- a/vendor/k8s.io/kubernetes/pkg/kubectl/cmd/create/create_job_test.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubectl/cmd/create/create_job_test.go
@ -0,0 +1,137 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package create
+
+import (
+	"testing"
+
+	batchv1 "k8s.io/api/batch/v1"
+	batchv1beta1 "k8s.io/api/batch/v1beta1"
+	corev1 "k8s.io/api/core/v1"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	"k8s.io/apimachinery/pkg/runtime"
+	fake "k8s.io/client-go/kubernetes/fake"
+	clienttesting "k8s.io/client-go/testing"
+	"k8s.io/kubernetes/pkg/api/legacyscheme"
+	cmdtesting "k8s.io/kubernetes/pkg/kubectl/cmd/testing"
+	"k8s.io/kubernetes/pkg/kubectl/genericclioptions"
+)
+
+func TestCreateJobFromCronJob(t *testing.T) {
+	var submittedJob *batchv1.Job
+	testNamespaceName := "test"
+	testCronJobName := "test-cronjob"
+	testJobName := "test-job"
+	testImageName := "fake"
+
+	expectedLabels := make(map[string]string)
+	expectedAnnotations := make(map[string]string)
+	expectedLabels["test-label"] = "test-value"
+
+	expectJob := &batchv1.Job{
+		ObjectMeta: metav1.ObjectMeta{
+			Namespace:   testNamespaceName,
+			Labels:      expectedLabels,
+			Annotations: expectedAnnotations,
+		},
+		Spec: batchv1.JobSpec{
+			Template: corev1.PodTemplateSpec{
+				Spec: corev1.PodSpec{
+					Containers: []corev1.Container{
+						{Image: testImageName},
+					},
+				},
+			},
+		},
+	}
+
+	cronJob := &batchv1beta1.CronJob{
+		ObjectMeta: metav1.ObjectMeta{
+			Name:      testCronJobName,
+			Namespace: testNamespaceName,
+		},
+		Spec: batchv1beta1.CronJobSpec{
+			Schedule: "* * * * *",
+			JobTemplate: batchv1beta1.JobTemplateSpec{
+				ObjectMeta: metav1.ObjectMeta{
+					Namespace: testNamespaceName,
+					Labels:    expectedLabels,
+				},
+				Spec: expectJob.Spec,
+			},
+		},
+	}
+
+	clientset := fake.Clientset{}
+	clientset.PrependReactor("create", "jobs", func(action clienttesting.Action) (handled bool, ret runtime.Object, err error) {
+		ca := action.(clienttesting.CreateAction)
+		submittedJob = ca.GetObject().(*batchv1.Job)
+		return true, expectJob, nil
+	})
+	f := cmdtesting.NewTestFactory()
+	defer f.Cleanup()
+
+	printFlags := genericclioptions.NewPrintFlags("created").WithTypeSetter(legacyscheme.Scheme)
+
+	ioStreams, _, buf, _ := genericclioptions.NewTestIOStreams()
+	cmdOptions := &CreateJobOptions{
+		PrintFlags: printFlags,
+		Name:       testJobName,
+		Namespace:  testNamespaceName,
+		Client:     clientset.BatchV1(),
+		Cmd:        NewCmdCreateJob(f, ioStreams),
+		PrintObj: func(obj runtime.Object) error {
+			p, err := printFlags.ToPrinter()
+			if err != nil {
+				return err
+			}
+
+			return p.PrintObj(obj, buf)
+		},
+		IOStreams: ioStreams,
+	}
+
+	err := cmdOptions.createJob(cronJob)
+	if err != nil {
+		t.Errorf("unexpected error: %v", err)
+	}
+
+	if submittedJob.ObjectMeta.Name != testJobName {
+		t.Errorf("expected '%s', got '%s'", testJobName, submittedJob.ObjectMeta.Name)
+	}
+
+	if l := len(submittedJob.Annotations); l != 1 {
+		t.Errorf("expected length of annotations array to be 1, got %d", l)
+	}
+	if v, ok := submittedJob.Annotations["cronjob.kubernetes.io/instantiate"]; !ok || v != "manual" {
+		t.Errorf("expected annotation cronjob.kubernetes.io/instantiate=manual to exist, got '%s'", v)
+	}
+
+	if l := len(submittedJob.Labels); l != 1 {
+		t.Errorf("expected length of labels array to be 1, got %d", l)
+	}
+	if v, ok := submittedJob.Labels["test-label"]; !ok || v != "test-value" {
+		t.Errorf("expected label test-label=test-value to to exist, got '%s'", v)
+	}
+
+	if l := len(submittedJob.Spec.Template.Spec.Containers); l != 1 {
+		t.Errorf("expected length of container array to be 1, got %d", l)
+	}
+	if submittedJob.Spec.Template.Spec.Containers[0].Image != testImageName {
+		t.Errorf("expected '%s', got '%s'", testImageName, submittedJob.Spec.Template.Spec.Containers[0].Image)
+	}
+}
--- a/vendor/k8s.io/kubernetes/pkg/kubectl/cmd/create/create_namespace.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubectl/cmd/create/create_namespace.go
@ -0,0 +1,90 @@
+/*
+Copyright 2015 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package create
+
+import (
+	"github.com/spf13/cobra"
+
+	"k8s.io/kubernetes/pkg/kubectl"
+	"k8s.io/kubernetes/pkg/kubectl/cmd/templates"
+	cmdutil "k8s.io/kubernetes/pkg/kubectl/cmd/util"
+	"k8s.io/kubernetes/pkg/kubectl/genericclioptions"
+	"k8s.io/kubernetes/pkg/kubectl/util/i18n"
+)
+
+var (
+	namespaceLong = templates.LongDesc(i18n.T(`
+		Create a namespace with the specified name.`))
+
+	namespaceExample = templates.Examples(i18n.T(`
+	  # Create a new namespace named my-namespace
+	  kubectl create namespace my-namespace`))
+)
+
+type NamespaceOpts struct {
+	CreateSubcommandOptions *CreateSubcommandOptions
+}
+
+// NewCmdCreateNamespace is a macro command to create a new namespace
+func NewCmdCreateNamespace(f cmdutil.Factory, ioStreams genericclioptions.IOStreams) *cobra.Command {
+	options := &NamespaceOpts{
+		CreateSubcommandOptions: NewCreateSubcommandOptions(ioStreams),
+	}
+
+	cmd := &cobra.Command{
+		Use: "namespace NAME [--dry-run]",
+		DisableFlagsInUseLine: true,
+		Aliases:               []string{"ns"},
+		Short:                 i18n.T("Create a namespace with the specified name"),
+		Long:                  namespaceLong,
+		Example:               namespaceExample,
+		Run: func(cmd *cobra.Command, args []string) {
+			cmdutil.CheckErr(options.Complete(f, cmd, args))
+			cmdutil.CheckErr(options.Run())
+		},
+	}
+
+	options.CreateSubcommandOptions.PrintFlags.AddFlags(cmd)
+
+	cmdutil.AddApplyAnnotationFlags(cmd)
+	cmdutil.AddValidateFlags(cmd)
+	cmdutil.AddGeneratorFlags(cmd, cmdutil.NamespaceV1GeneratorName)
+
+	return cmd
+}
+
+func (o *NamespaceOpts) Complete(f cmdutil.Factory, cmd *cobra.Command, args []string) error {
+	name, err := NameFromCommandArgs(cmd, args)
+	if err != nil {
+		return err
+	}
+
+	var generator kubectl.StructuredGenerator
+	switch generatorName := cmdutil.GetFlagString(cmd, "generator"); generatorName {
+	case cmdutil.NamespaceV1GeneratorName:
+		generator = &kubectl.NamespaceGeneratorV1{Name: name}
+	default:
+		return errUnsupportedGenerator(cmd, generatorName)
+	}
+
+	return o.CreateSubcommandOptions.Complete(f, cmd, args, generator)
+}
+
+// CreateNamespace implements the behavior to run the create namespace command
+func (o *NamespaceOpts) Run() error {
+	return o.CreateSubcommandOptions.Run()
+}
--- a/vendor/k8s.io/kubernetes/pkg/kubectl/cmd/create/create_namespace_test.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubectl/cmd/create/create_namespace_test.go
@ -0,0 +1,62 @@
+/*
+Copyright 2014 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package create
+
+import (
+	"net/http"
+	"testing"
+
+	"k8s.io/api/core/v1"
+	"k8s.io/apimachinery/pkg/runtime/schema"
+	"k8s.io/client-go/rest/fake"
+	"k8s.io/kubernetes/pkg/api/legacyscheme"
+	cmdtesting "k8s.io/kubernetes/pkg/kubectl/cmd/testing"
+	"k8s.io/kubernetes/pkg/kubectl/genericclioptions"
+	"k8s.io/kubernetes/pkg/kubectl/scheme"
+)
+
+func TestCreateNamespace(t *testing.T) {
+	namespaceObject := &v1.Namespace{}
+	namespaceObject.Name = "my-namespace"
+	tf := cmdtesting.NewTestFactory()
+	defer tf.Cleanup()
+
+	codec := legacyscheme.Codecs.LegacyCodec(scheme.Scheme.PrioritizedVersionsAllGroups()...)
+	ns := legacyscheme.Codecs
+
+	tf.Client = &fake.RESTClient{
+		GroupVersion:         schema.GroupVersion{Version: "v1"},
+		NegotiatedSerializer: ns,
+		Client: fake.CreateHTTPClient(func(req *http.Request) (*http.Response, error) {
+			switch p, m := req.URL.Path, req.Method; {
+			case p == "/namespaces" && m == "POST":
+				return &http.Response{StatusCode: 201, Header: defaultHeader(), Body: objBody(codec, namespaceObject)}, nil
+			default:
+				t.Fatalf("unexpected request: %#v\n%#v", req.URL, req)
+				return nil, nil
+			}
+		}),
+	}
+	ioStreams, _, buf, _ := genericclioptions.NewTestIOStreams()
+	cmd := NewCmdCreateNamespace(tf, ioStreams)
+	cmd.Flags().Set("output", "name")
+	cmd.Run(cmd, []string{namespaceObject.Name})
+	expectedOutput := "namespace/" + namespaceObject.Name + "\n"
+	if buf.String() != expectedOutput {
+		t.Errorf("expected output: %s, but got: %s", expectedOutput, buf.String())
+	}
+}
--- a/vendor/k8s.io/kubernetes/pkg/kubectl/cmd/create/create_pdb.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubectl/cmd/create/create_pdb.go
@ -0,0 +1,109 @@
+/*
+Copyright 2016 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package create
+
+import (
+	"github.com/spf13/cobra"
+
+	"k8s.io/kubernetes/pkg/kubectl"
+	"k8s.io/kubernetes/pkg/kubectl/cmd/templates"
+	cmdutil "k8s.io/kubernetes/pkg/kubectl/cmd/util"
+	"k8s.io/kubernetes/pkg/kubectl/genericclioptions"
+	"k8s.io/kubernetes/pkg/kubectl/util/i18n"
+)
+
+var (
+	pdbLong = templates.LongDesc(i18n.T(`
+		Create a pod disruption budget with the specified name, selector, and desired minimum available pods`))
+
+	pdbExample = templates.Examples(i18n.T(`
+		# Create a pod disruption budget named my-pdb that will select all pods with the app=rails label
+		# and require at least one of them being available at any point in time.
+		kubectl create poddisruptionbudget my-pdb --selector=app=rails --min-available=1
+
+		# Create a pod disruption budget named my-pdb that will select all pods with the app=nginx label
+		# and require at least half of the pods selected to be available at any point in time.
+		kubectl create pdb my-pdb --selector=app=nginx --min-available=50%`))
+)
+
+type PodDisruptionBudgetOpts struct {
+	CreateSubcommandOptions *CreateSubcommandOptions
+}
+
+// NewCmdCreatePodDisruptionBudget is a macro command to create a new pod disruption budget.
+func NewCmdCreatePodDisruptionBudget(f cmdutil.Factory, ioStreams genericclioptions.IOStreams) *cobra.Command {
+	options := &PodDisruptionBudgetOpts{
+		CreateSubcommandOptions: NewCreateSubcommandOptions(ioStreams),
+	}
+
+	cmd := &cobra.Command{
+		Use: "poddisruptionbudget NAME --selector=SELECTOR --min-available=N [--dry-run]",
+		DisableFlagsInUseLine: true,
+		Aliases:               []string{"pdb"},
+		Short:                 i18n.T("Create a pod disruption budget with the specified name."),
+		Long:                  pdbLong,
+		Example:               pdbExample,
+		Run: func(cmd *cobra.Command, args []string) {
+			cmdutil.CheckErr(options.Complete(f, cmd, args))
+			cmdutil.CheckErr(options.Run())
+		},
+	}
+
+	options.CreateSubcommandOptions.PrintFlags.AddFlags(cmd)
+
+	cmdutil.AddApplyAnnotationFlags(cmd)
+	cmdutil.AddValidateFlags(cmd)
+	cmdutil.AddGeneratorFlags(cmd, cmdutil.PodDisruptionBudgetV2GeneratorName)
+
+	cmd.Flags().String("min-available", "", i18n.T("The minimum number or percentage of available pods this budget requires."))
+	cmd.Flags().String("max-unavailable", "", i18n.T("The maximum number or percentage of unavailable pods this budget requires."))
+	cmd.Flags().String("selector", "", i18n.T("A label selector to use for this budget. Only equality-based selector requirements are supported."))
+	return cmd
+}
+
+func (o *PodDisruptionBudgetOpts) Complete(f cmdutil.Factory, cmd *cobra.Command, args []string) error {
+	name, err := NameFromCommandArgs(cmd, args)
+	if err != nil {
+		return err
+	}
+
+	var generator kubectl.StructuredGenerator
+	switch generatorName := cmdutil.GetFlagString(cmd, "generator"); generatorName {
+	case cmdutil.PodDisruptionBudgetV1GeneratorName:
+		generator = &kubectl.PodDisruptionBudgetV1Generator{
+			Name:         name,
+			MinAvailable: cmdutil.GetFlagString(cmd, "min-available"),
+			Selector:     cmdutil.GetFlagString(cmd, "selector"),
+		}
+	case cmdutil.PodDisruptionBudgetV2GeneratorName:
+		generator = &kubectl.PodDisruptionBudgetV2Generator{
+			Name:           name,
+			MinAvailable:   cmdutil.GetFlagString(cmd, "min-available"),
+			MaxUnavailable: cmdutil.GetFlagString(cmd, "max-unavailable"),
+			Selector:       cmdutil.GetFlagString(cmd, "selector"),
+		}
+	default:
+		return errUnsupportedGenerator(cmd, generatorName)
+	}
+
+	return o.CreateSubcommandOptions.Complete(f, cmd, args, generator)
+}
+
+// CreatePodDisruptionBudget implements the behavior to run the create pdb command.
+func (o *PodDisruptionBudgetOpts) Run() error {
+	return o.CreateSubcommandOptions.Run()
+}
--- a/vendor/k8s.io/kubernetes/pkg/kubectl/cmd/create/create_pdb_test.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubectl/cmd/create/create_pdb_test.go
@ -0,0 +1,85 @@
+/*
+Copyright 2017 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package create
+
+import (
+	"bytes"
+	"io/ioutil"
+	"net/http"
+	"testing"
+
+	"k8s.io/apimachinery/pkg/runtime/schema"
+	restclient "k8s.io/client-go/rest"
+	"k8s.io/client-go/rest/fake"
+	"k8s.io/kubernetes/pkg/api/legacyscheme"
+	cmdtesting "k8s.io/kubernetes/pkg/kubectl/cmd/testing"
+	"k8s.io/kubernetes/pkg/kubectl/genericclioptions"
+)
+
+func TestCreatePdb(t *testing.T) {
+	pdbName := "my-pdb"
+	tf := cmdtesting.NewTestFactory().WithNamespace("test")
+	defer tf.Cleanup()
+
+	ns := legacyscheme.Codecs
+
+	tf.Client = &fake.RESTClient{
+		GroupVersion:         schema.GroupVersion{Group: "policy", Version: "v1beta1"},
+		NegotiatedSerializer: ns,
+		Client: fake.CreateHTTPClient(func(req *http.Request) (*http.Response, error) {
+			return &http.Response{
+				StatusCode: http.StatusOK,
+				Body:       ioutil.NopCloser(&bytes.Buffer{}),
+			}, nil
+		}),
+	}
+	tf.ClientConfigVal = &restclient.Config{}
+
+	outputFormat := "name"
+
+	ioStreams, _, buf, _ := genericclioptions.NewTestIOStreams()
+	cmd := NewCmdCreatePodDisruptionBudget(tf, ioStreams)
+	cmd.Flags().Set("min-available", "1")
+	cmd.Flags().Set("selector", "app=rails")
+	cmd.Flags().Set("dry-run", "true")
+	cmd.Flags().Set("output", outputFormat)
+
+	printFlags := genericclioptions.NewPrintFlags("created").WithTypeSetter(legacyscheme.Scheme)
+	printFlags.OutputFormat = &outputFormat
+
+	options := &PodDisruptionBudgetOpts{
+		CreateSubcommandOptions: &CreateSubcommandOptions{
+			PrintFlags: printFlags,
+			Name:       pdbName,
+			IOStreams:  ioStreams,
+		},
+	}
+	err := options.Complete(tf, cmd, []string{pdbName})
+	if err != nil {
+		t.Fatalf("unexpected error: %v", err)
+	}
+
+	err = options.Run()
+	if err != nil {
+		t.Fatalf("unexpected error: %v", err)
+	}
+
+	expectedOutput := "poddisruptionbudget.policy/" + pdbName + "\n"
+	if buf.String() != expectedOutput {
+		t.Errorf("expected output: %s, but got: %s", expectedOutput, buf.String())
+	}
+}
--- a/vendor/k8s.io/kubernetes/pkg/kubectl/cmd/create/create_priorityclass.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubectl/cmd/create/create_priorityclass.go
@ -0,0 +1,101 @@
+/*
+Copyright 2017 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package create
+
+import (
+	"github.com/spf13/cobra"
+
+	"k8s.io/kubernetes/pkg/kubectl"
+	"k8s.io/kubernetes/pkg/kubectl/cmd/templates"
+	cmdutil "k8s.io/kubernetes/pkg/kubectl/cmd/util"
+	"k8s.io/kubernetes/pkg/kubectl/genericclioptions"
+	"k8s.io/kubernetes/pkg/kubectl/util/i18n"
+)
+
+var (
+	pcLong = templates.LongDesc(i18n.T(`
+		Create a priorityclass with the specified name, value, globalDefault and description`))
+
+	pcExample = templates.Examples(i18n.T(`
+		# Create a priorityclass named high-priority
+		kubectl create priorityclass default-priority --value=1000 --description="high priority"
+
+		# Create a priorityclass named default-priority that considered as the global default priority
+		kubectl create priorityclass default-priority --value=1000 --global-default=true --description="default priority"`))
+)
+
+type PriorityClassOpts struct {
+	CreateSubcommandOptions *CreateSubcommandOptions
+}
+
+// NewCmdCreatePriorityClass is a macro command to create a new priorityClass.
+func NewCmdCreatePriorityClass(f cmdutil.Factory, ioStreams genericclioptions.IOStreams) *cobra.Command {
+	options := &PriorityClassOpts{
+		CreateSubcommandOptions: NewCreateSubcommandOptions(ioStreams),
+	}
+
+	cmd := &cobra.Command{
+		Use: "priorityclass NAME --value=VALUE --global-default=BOOL [--dry-run]",
+		DisableFlagsInUseLine: true,
+		Aliases:               []string{"pc"},
+		Short:                 i18n.T("Create a priorityclass with the specified name."),
+		Long:                  pcLong,
+		Example:               pcExample,
+		Run: func(cmd *cobra.Command, args []string) {
+			cmdutil.CheckErr(options.Complete(f, cmd, args))
+			cmdutil.CheckErr(options.Run())
+		},
+	}
+
+	options.CreateSubcommandOptions.PrintFlags.AddFlags(cmd)
+
+	cmdutil.AddApplyAnnotationFlags(cmd)
+	cmdutil.AddValidateFlags(cmd)
+	cmdutil.AddGeneratorFlags(cmd, cmdutil.PriorityClassV1Alpha1GeneratorName)
+
+	cmd.Flags().Int32("value", 0, i18n.T("the value of this priority class."))
+	cmd.Flags().Bool("global-default", false, i18n.T("global-default specifies whether this PriorityClass should be considered as the default priority."))
+	cmd.Flags().String("description", "", i18n.T("description is an arbitrary string that usually provides guidelines on when this priority class should be used."))
+	return cmd
+}
+
+func (o *PriorityClassOpts) Complete(f cmdutil.Factory, cmd *cobra.Command, args []string) error {
+	name, err := NameFromCommandArgs(cmd, args)
+	if err != nil {
+		return err
+	}
+
+	var generator kubectl.StructuredGenerator
+	switch generatorName := cmdutil.GetFlagString(cmd, "generator"); generatorName {
+	case cmdutil.PriorityClassV1Alpha1GeneratorName:
+		generator = &kubectl.PriorityClassV1Generator{
+			Name:          name,
+			Value:         cmdutil.GetFlagInt32(cmd, "value"),
+			GlobalDefault: cmdutil.GetFlagBool(cmd, "global-default"),
+			Description:   cmdutil.GetFlagString(cmd, "description"),
+		}
+	default:
+		return errUnsupportedGenerator(cmd, generatorName)
+	}
+
+	return o.CreateSubcommandOptions.Complete(f, cmd, args, generator)
+}
+
+// CreatePriorityClass implements the behavior to run the create priorityClass command.
+func (o *PriorityClassOpts) Run() error {
+	return o.CreateSubcommandOptions.Run()
+}
--- a/vendor/k8s.io/kubernetes/pkg/kubectl/cmd/create/create_priorityclass_test.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubectl/cmd/create/create_priorityclass_test.go
@ -0,0 +1,86 @@
+/*
+Copyright 2017 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package create
+
+import (
+	"bytes"
+	"io/ioutil"
+	"net/http"
+	"testing"
+
+	"k8s.io/apimachinery/pkg/runtime/schema"
+	restclient "k8s.io/client-go/rest"
+	"k8s.io/client-go/rest/fake"
+	"k8s.io/kubernetes/pkg/api/legacyscheme"
+	cmdtesting "k8s.io/kubernetes/pkg/kubectl/cmd/testing"
+	"k8s.io/kubernetes/pkg/kubectl/genericclioptions"
+)
+
+func TestCreatePriorityClass(t *testing.T) {
+	pcName := "my-pc"
+	tf := cmdtesting.NewTestFactory()
+	defer tf.Cleanup()
+
+	ns := legacyscheme.Codecs
+
+	tf.Client = &fake.RESTClient{
+		GroupVersion:         schema.GroupVersion{Group: "scheduling.k8s.io", Version: "v1beta1"},
+		NegotiatedSerializer: ns,
+		Client: fake.CreateHTTPClient(func(req *http.Request) (*http.Response, error) {
+			return &http.Response{
+				StatusCode: http.StatusOK,
+				Body:       ioutil.NopCloser(&bytes.Buffer{}),
+			}, nil
+		}),
+	}
+	tf.ClientConfigVal = &restclient.Config{}
+
+	outputFormat := "name"
+
+	ioStreams, _, buf, _ := genericclioptions.NewTestIOStreams()
+	cmd := NewCmdCreatePriorityClass(tf, ioStreams)
+	cmd.Flags().Set("value", "1000")
+	cmd.Flags().Set("global-default", "true")
+	cmd.Flags().Set("description", "my priority")
+	cmd.Flags().Set("dry-run", "true")
+	cmd.Flags().Set("output", outputFormat)
+
+	printFlags := genericclioptions.NewPrintFlags("created").WithTypeSetter(legacyscheme.Scheme)
+	printFlags.OutputFormat = &outputFormat
+
+	options := &PriorityClassOpts{
+		CreateSubcommandOptions: &CreateSubcommandOptions{
+			PrintFlags: printFlags,
+			Name:       pcName,
+			IOStreams:  ioStreams,
+		},
+	}
+	err := options.Complete(tf, cmd, []string{pcName})
+	if err != nil {
+		t.Fatalf("unexpected error: %v", err)
+	}
+
+	err = options.Run()
+	if err != nil {
+		t.Fatalf("unexpected error: %v", err)
+	}
+
+	expectedOutput := "priorityclass.scheduling.k8s.io/" + pcName + "\n"
+	if buf.String() != expectedOutput {
+		t.Errorf("expected output: %s, but got: %s", expectedOutput, buf.String())
+	}
+}
--- a/vendor/k8s.io/kubernetes/pkg/kubectl/cmd/create/create_quota.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubectl/cmd/create/create_quota.go
@ -0,0 +1,98 @@
+/*
+Copyright 2016 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package create
+
+import (
+	"github.com/spf13/cobra"
+
+	"k8s.io/kubernetes/pkg/kubectl"
+	"k8s.io/kubernetes/pkg/kubectl/cmd/templates"
+	cmdutil "k8s.io/kubernetes/pkg/kubectl/cmd/util"
+	"k8s.io/kubernetes/pkg/kubectl/genericclioptions"
+	"k8s.io/kubernetes/pkg/kubectl/util/i18n"
+)
+
+var (
+	quotaLong = templates.LongDesc(i18n.T(`
+		Create a resourcequota with the specified name, hard limits and optional scopes`))
+
+	quotaExample = templates.Examples(i18n.T(`
+		# Create a new resourcequota named my-quota
+		kubectl create quota my-quota --hard=cpu=1,memory=1G,pods=2,services=3,replicationcontrollers=2,resourcequotas=1,secrets=5,persistentvolumeclaims=10
+
+		# Create a new resourcequota named best-effort
+		kubectl create quota best-effort --hard=pods=100 --scopes=BestEffort`))
+)
+
+type QuotaOpts struct {
+	CreateSubcommandOptions *CreateSubcommandOptions
+}
+
+// NewCmdCreateQuota is a macro command to create a new quota
+func NewCmdCreateQuota(f cmdutil.Factory, ioStreams genericclioptions.IOStreams) *cobra.Command {
+	options := &QuotaOpts{
+		CreateSubcommandOptions: NewCreateSubcommandOptions(ioStreams),
+	}
+
+	cmd := &cobra.Command{
+		Use: "quota NAME [--hard=key1=value1,key2=value2] [--scopes=Scope1,Scope2] [--dry-run=bool]",
+		DisableFlagsInUseLine: true,
+		Aliases:               []string{"resourcequota"},
+		Short:                 i18n.T("Create a quota with the specified name."),
+		Long:                  quotaLong,
+		Example:               quotaExample,
+		Run: func(cmd *cobra.Command, args []string) {
+			cmdutil.CheckErr(options.Complete(f, cmd, args))
+			cmdutil.CheckErr(options.Run())
+		},
+	}
+
+	options.CreateSubcommandOptions.PrintFlags.AddFlags(cmd)
+
+	cmdutil.AddApplyAnnotationFlags(cmd)
+	cmdutil.AddValidateFlags(cmd)
+	cmdutil.AddGeneratorFlags(cmd, cmdutil.ResourceQuotaV1GeneratorName)
+	cmd.Flags().String("hard", "", i18n.T("A comma-delimited set of resource=quantity pairs that define a hard limit."))
+	cmd.Flags().String("scopes", "", i18n.T("A comma-delimited set of quota scopes that must all match each object tracked by the quota."))
+	return cmd
+}
+
+func (o *QuotaOpts) Complete(f cmdutil.Factory, cmd *cobra.Command, args []string) error {
+	name, err := NameFromCommandArgs(cmd, args)
+	if err != nil {
+		return err
+	}
+
+	var generator kubectl.StructuredGenerator
+	switch generatorName := cmdutil.GetFlagString(cmd, "generator"); generatorName {
+	case cmdutil.ResourceQuotaV1GeneratorName:
+		generator = &kubectl.ResourceQuotaGeneratorV1{
+			Name:   name,
+			Hard:   cmdutil.GetFlagString(cmd, "hard"),
+			Scopes: cmdutil.GetFlagString(cmd, "scopes"),
+		}
+	default:
+		return errUnsupportedGenerator(cmd, generatorName)
+	}
+
+	return o.CreateSubcommandOptions.Complete(f, cmd, args, generator)
+}
+
+// CreateQuota implements the behavior to run the create quota command
+func (o *QuotaOpts) Run() error {
+	return o.CreateSubcommandOptions.Run()
+}
--- a/vendor/k8s.io/kubernetes/pkg/kubectl/cmd/create/create_quota_test.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubectl/cmd/create/create_quota_test.go
@ -0,0 +1,68 @@
+/*
+Copyright 2016 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package create
+
+import (
+	"testing"
+
+	"k8s.io/api/core/v1"
+	cmdtesting "k8s.io/kubernetes/pkg/kubectl/cmd/testing"
+	"k8s.io/kubernetes/pkg/kubectl/genericclioptions"
+)
+
+func TestCreateQuota(t *testing.T) {
+	resourceQuotaObject := &v1.ResourceQuota{}
+	resourceQuotaObject.Name = "my-quota"
+
+	tests := map[string]struct {
+		flags          []string
+		expectedOutput string
+	}{
+		"single resource": {
+			flags:          []string{"--hard=cpu=1"},
+			expectedOutput: "resourcequota/" + resourceQuotaObject.Name + "\n",
+		},
+		"single resource with a scope": {
+			flags:          []string{"--hard=cpu=1", "--scopes=BestEffort"},
+			expectedOutput: "resourcequota/" + resourceQuotaObject.Name + "\n",
+		},
+		"multiple resources": {
+			flags:          []string{"--hard=cpu=1,pods=42", "--scopes=BestEffort"},
+			expectedOutput: "resourcequota/" + resourceQuotaObject.Name + "\n",
+		},
+		"single resource with multiple scopes": {
+			flags:          []string{"--hard=cpu=1", "--scopes=BestEffort,NotTerminating"},
+			expectedOutput: "resourcequota/" + resourceQuotaObject.Name + "\n",
+		},
+	}
+	for name, test := range tests {
+		t.Run(name, func(t *testing.T) {
+			tf := cmdtesting.NewTestFactory().WithNamespace("test")
+			defer tf.Cleanup()
+
+			ioStreams, _, buf, _ := genericclioptions.NewTestIOStreams()
+			cmd := NewCmdCreateQuota(tf, ioStreams)
+			cmd.Flags().Parse(test.flags)
+			cmd.Flags().Set("output", "name")
+			cmd.Run(cmd, []string{resourceQuotaObject.Name})
+
+			if buf.String() != test.expectedOutput {
+				t.Errorf("%s: expected output: %s, but got: %s", name, test.expectedOutput, buf.String())
+			}
+		})
+	}
+}
--- a/vendor/k8s.io/kubernetes/pkg/kubectl/cmd/create/create_role.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubectl/cmd/create/create_role.go
@ -0,0 +1,378 @@
+/*
+Copyright 2017 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package create
+
+import (
+	"fmt"
+	"strings"
+
+	"github.com/spf13/cobra"
+
+	rbacv1 "k8s.io/api/rbac/v1"
+	"k8s.io/apimachinery/pkg/api/meta"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	"k8s.io/apimachinery/pkg/runtime"
+	"k8s.io/apimachinery/pkg/runtime/schema"
+	"k8s.io/apimachinery/pkg/util/sets"
+	clientgorbacv1 "k8s.io/client-go/kubernetes/typed/rbac/v1"
+	"k8s.io/kubernetes/pkg/api/legacyscheme"
+	"k8s.io/kubernetes/pkg/kubectl/cmd/templates"
+	cmdutil "k8s.io/kubernetes/pkg/kubectl/cmd/util"
+	"k8s.io/kubernetes/pkg/kubectl/genericclioptions"
+	"k8s.io/kubernetes/pkg/kubectl/util/i18n"
+)
+
+var (
+	roleLong = templates.LongDesc(i18n.T(`
+		Create a role with single rule.`))
+
+	roleExample = templates.Examples(i18n.T(`
+		# Create a Role named "pod-reader" that allows user to perform "get", "watch" and "list" on pods
+		kubectl create role pod-reader --verb=get --verb=list --verb=watch --resource=pods
+
+		# Create a Role named "pod-reader" with ResourceName specified
+		kubectl create role pod-reader --verb=get --resource=pods --resource-name=readablepod --resource-name=anotherpod
+
+		# Create a Role named "foo" with API Group specified
+		kubectl create role foo --verb=get,list,watch --resource=rs.extensions
+
+		# Create a Role named "foo" with SubResource specified
+		kubectl create role foo --verb=get,list,watch --resource=pods,pods/status`))
+
+	// Valid resource verb list for validation.
+	validResourceVerbs = []string{"*", "get", "delete", "list", "create", "update", "patch", "watch", "proxy", "deletecollection", "use", "bind", "impersonate"}
+
+	// Specialized verbs and GroupResources
+	specialVerbs = map[string][]schema.GroupResource{
+		"use": {
+			{
+				Group:    "extensions",
+				Resource: "podsecuritypolicies",
+			},
+		},
+		"bind": {
+			{
+				Group:    "rbac.authorization.k8s.io",
+				Resource: "roles",
+			},
+			{
+				Group:    "rbac.authorization.k8s.io",
+				Resource: "clusterroles",
+			},
+		},
+		"impersonate": {
+			{
+				Group:    "",
+				Resource: "users",
+			},
+			{
+				Group:    "",
+				Resource: "serviceaccounts",
+			},
+			{
+				Group:    "",
+				Resource: "groups",
+			},
+			{
+				Group:    "authentication.k8s.io",
+				Resource: "userextras",
+			},
+		},
+	}
+)
+
+type ResourceOptions struct {
+	Group       string
+	Resource    string
+	SubResource string
+}
+
+type CreateRoleOptions struct {
+	PrintFlags *genericclioptions.PrintFlags
+
+	Name          string
+	Verbs         []string
+	Resources     []ResourceOptions
+	ResourceNames []string
+
+	DryRun       bool
+	OutputFormat string
+	Namespace    string
+	Client       clientgorbacv1.RbacV1Interface
+	Mapper       meta.RESTMapper
+	PrintObj     func(obj runtime.Object) error
+
+	genericclioptions.IOStreams
+}
+
+func NewCreateRoleOptions(ioStreams genericclioptions.IOStreams) *CreateRoleOptions {
+	return &CreateRoleOptions{
+		PrintFlags: genericclioptions.NewPrintFlags("created").WithTypeSetter(legacyscheme.Scheme),
+
+		IOStreams: ioStreams,
+	}
+}
+
+// Role is a command to ease creating Roles.
+func NewCmdCreateRole(f cmdutil.Factory, ioStreams genericclioptions.IOStreams) *cobra.Command {
+	o := NewCreateRoleOptions(ioStreams)
+
+	cmd := &cobra.Command{
+		Use: "role NAME --verb=verb --resource=resource.group/subresource [--resource-name=resourcename] [--dry-run]",
+		DisableFlagsInUseLine: true,
+		Short:   roleLong,
+		Long:    roleLong,
+		Example: roleExample,
+		Run: func(cmd *cobra.Command, args []string) {
+			cmdutil.CheckErr(o.Complete(f, cmd, args))
+			cmdutil.CheckErr(o.Validate())
+			cmdutil.CheckErr(o.RunCreateRole())
+		},
+	}
+
+	o.PrintFlags.AddFlags(cmd)
+
+	cmdutil.AddApplyAnnotationFlags(cmd)
+	cmdutil.AddValidateFlags(cmd)
+	cmdutil.AddDryRunFlag(cmd)
+	cmd.Flags().StringSliceVar(&o.Verbs, "verb", o.Verbs, "Verb that applies to the resources contained in the rule")
+	cmd.Flags().StringSlice("resource", []string{}, "Resource that the rule applies to")
+	cmd.Flags().StringArrayVar(&o.ResourceNames, "resource-name", o.ResourceNames, "Resource in the white list that the rule applies to, repeat this flag for multiple items")
+
+	return cmd
+}
+
+func (o *CreateRoleOptions) Complete(f cmdutil.Factory, cmd *cobra.Command, args []string) error {
+	name, err := NameFromCommandArgs(cmd, args)
+	if err != nil {
+		return err
+	}
+	o.Name = name
+
+	// Remove duplicate verbs.
+	verbs := []string{}
+	for _, v := range o.Verbs {
+		// VerbAll respresents all kinds of verbs.
+		if v == "*" {
+			verbs = []string{"*"}
+			break
+		}
+		if !arrayContains(verbs, v) {
+			verbs = append(verbs, v)
+		}
+	}
+	o.Verbs = verbs
+
+	// Support resource.group pattern. If no API Group specified, use "" as core API Group.
+	// e.g. --resource=pods,deployments.extensions
+	resources := cmdutil.GetFlagStringSlice(cmd, "resource")
+	for _, r := range resources {
+		sections := strings.SplitN(r, "/", 2)
+
+		resource := &ResourceOptions{}
+		if len(sections) == 2 {
+			resource.SubResource = sections[1]
+		}
+
+		parts := strings.SplitN(sections[0], ".", 2)
+		if len(parts) == 2 {
+			resource.Group = parts[1]
+		}
+		resource.Resource = parts[0]
+
+		o.Resources = append(o.Resources, *resource)
+	}
+
+	// Remove duplicate resource names.
+	resourceNames := []string{}
+	for _, n := range o.ResourceNames {
+		if !arrayContains(resourceNames, n) {
+			resourceNames = append(resourceNames, n)
+		}
+	}
+	o.ResourceNames = resourceNames
+
+	// Complete other options for Run.
+	o.Mapper, err = f.ToRESTMapper()
+	if err != nil {
+		return err
+	}
+
+	o.DryRun = cmdutil.GetDryRunFlag(cmd)
+	o.OutputFormat = cmdutil.GetFlagString(cmd, "output")
+
+	if o.DryRun {
+		o.PrintFlags.Complete("%s (dry run)")
+	}
+	printer, err := o.PrintFlags.ToPrinter()
+	if err != nil {
+		return err
+	}
+	o.PrintObj = func(obj runtime.Object) error {
+		return printer.PrintObj(obj, o.Out)
+	}
+
+	o.Namespace, _, err = f.ToRawKubeConfigLoader().Namespace()
+	if err != nil {
+		return err
+	}
+
+	clientset, err := f.KubernetesClientSet()
+	if err != nil {
+		return err
+	}
+	o.Client = clientset.RbacV1()
+
+	return nil
+}
+
+func (o *CreateRoleOptions) Validate() error {
+	if o.Name == "" {
+		return fmt.Errorf("name must be specified")
+	}
+
+	// validate verbs.
+	if len(o.Verbs) == 0 {
+		return fmt.Errorf("at least one verb must be specified")
+	}
+
+	for _, v := range o.Verbs {
+		if !arrayContains(validResourceVerbs, v) {
+			return fmt.Errorf("invalid verb: '%s'", v)
+		}
+	}
+
+	// validate resources.
+	if len(o.Resources) == 0 {
+		return fmt.Errorf("at least one resource must be specified")
+	}
+
+	return o.validateResource()
+}
+
+func (o *CreateRoleOptions) validateResource() error {
+	for _, r := range o.Resources {
+		if len(r.Resource) == 0 {
+			return fmt.Errorf("resource must be specified if apiGroup/subresource specified")
+		}
+
+		resource := schema.GroupVersionResource{Resource: r.Resource, Group: r.Group}
+		groupVersionResource, err := o.Mapper.ResourceFor(schema.GroupVersionResource{Resource: r.Resource, Group: r.Group})
+		if err == nil {
+			resource = groupVersionResource
+		}
+
+		for _, v := range o.Verbs {
+			if groupResources, ok := specialVerbs[v]; ok {
+				match := false
+				for _, extra := range groupResources {
+					if resource.Resource == extra.Resource && resource.Group == extra.Group {
+						match = true
+						err = nil
+						break
+					}
+				}
+				if !match {
+					return fmt.Errorf("can not perform '%s' on '%s' in group '%s'", v, resource.Resource, resource.Group)
+				}
+			}
+		}
+
+		if err != nil {
+			return err
+		}
+	}
+	return nil
+}
+
+func (o *CreateRoleOptions) RunCreateRole() error {
+	role := &rbacv1.Role{
+		// this is ok because we know exactly how we want to be serialized
+		TypeMeta: metav1.TypeMeta{APIVersion: rbacv1.SchemeGroupVersion.String(), Kind: "Role"},
+	}
+	role.Name = o.Name
+	rules, err := generateResourcePolicyRules(o.Mapper, o.Verbs, o.Resources, o.ResourceNames, []string{})
+	if err != nil {
+		return err
+	}
+	role.Rules = rules
+
+	// Create role.
+	if !o.DryRun {
+		role, err = o.Client.Roles(o.Namespace).Create(role)
+		if err != nil {
+			return err
+		}
+	}
+
+	return o.PrintObj(role)
+}
+
+func arrayContains(s []string, e string) bool {
+	for _, a := range s {
+		if a == e {
+			return true
+		}
+	}
+	return false
+}
+
+func generateResourcePolicyRules(mapper meta.RESTMapper, verbs []string, resources []ResourceOptions, resourceNames []string, nonResourceURLs []string) ([]rbacv1.PolicyRule, error) {
+	// groupResourceMapping is a apigroup-resource map. The key of this map is api group, while the value
+	// is a string array of resources under this api group.
+	// E.g.  groupResourceMapping = {"extensions": ["replicasets", "deployments"], "batch":["jobs"]}
+	groupResourceMapping := map[string][]string{}
+
+	// This loop does the following work:
+	// 1. Constructs groupResourceMapping based on input resources.
+	// 2. Prevents pointing to non-existent resources.
+	// 3. Transfers resource short name to long name. E.g. rs.extensions is transferred to replicasets.extensions
+	for _, r := range resources {
+		resource := schema.GroupVersionResource{Resource: r.Resource, Group: r.Group}
+		groupVersionResource, err := mapper.ResourceFor(schema.GroupVersionResource{Resource: r.Resource, Group: r.Group})
+		if err == nil {
+			resource = groupVersionResource
+		}
+
+		if len(r.SubResource) > 0 {
+			resource.Resource = resource.Resource + "/" + r.SubResource
+		}
+		if !arrayContains(groupResourceMapping[resource.Group], resource.Resource) {
+			groupResourceMapping[resource.Group] = append(groupResourceMapping[resource.Group], resource.Resource)
+		}
+	}
+
+	// Create separate rule for each of the api group.
+	rules := []rbacv1.PolicyRule{}
+	for _, g := range sets.StringKeySet(groupResourceMapping).List() {
+		rule := rbacv1.PolicyRule{}
+		rule.Verbs = verbs
+		rule.Resources = groupResourceMapping[g]
+		rule.APIGroups = []string{g}
+		rule.ResourceNames = resourceNames
+		rules = append(rules, rule)
+	}
+
+	if len(nonResourceURLs) > 0 {
+		rule := rbacv1.PolicyRule{}
+		rule.Verbs = verbs
+		rule.NonResourceURLs = nonResourceURLs
+		rules = append(rules, rule)
+	}
+
+	return rules, nil
+}
--- a/vendor/k8s.io/kubernetes/pkg/kubectl/cmd/create/create_role_test.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubectl/cmd/create/create_role_test.go
@ -0,0 +1,523 @@
+/*
+Copyright 2017 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package create
+
+import (
+	"reflect"
+	"testing"
+
+	rbac "k8s.io/api/rbac/v1"
+	"k8s.io/apimachinery/pkg/api/equality"
+	"k8s.io/apimachinery/pkg/apis/meta/v1"
+	"k8s.io/apimachinery/pkg/runtime"
+	"k8s.io/apimachinery/pkg/util/diff"
+	"k8s.io/client-go/rest/fake"
+	"k8s.io/kubernetes/pkg/api/legacyscheme"
+	cmdtesting "k8s.io/kubernetes/pkg/kubectl/cmd/testing"
+	"k8s.io/kubernetes/pkg/kubectl/genericclioptions"
+)
+
+func TestCreateRole(t *testing.T) {
+	roleName := "my-role"
+
+	tf := cmdtesting.NewTestFactory().WithNamespace("test")
+	defer tf.Cleanup()
+
+	tf.Client = &fake.RESTClient{}
+	tf.ClientConfigVal = defaultClientConfig()
+
+	tests := map[string]struct {
+		verbs         string
+		resources     string
+		resourceNames string
+		expectedRole  *rbac.Role
+	}{
+		"test-duplicate-resources": {
+			verbs:     "get,watch,list",
+			resources: "pods,pods",
+			expectedRole: &rbac.Role{
+				TypeMeta: v1.TypeMeta{APIVersion: "rbac.authorization.k8s.io/v1", Kind: "Role"},
+				ObjectMeta: v1.ObjectMeta{
+					Name: roleName,
+				},
+				Rules: []rbac.PolicyRule{
+					{
+						Verbs:         []string{"get", "watch", "list"},
+						Resources:     []string{"pods"},
+						APIGroups:     []string{""},
+						ResourceNames: []string{},
+					},
+				},
+			},
+		},
+		"test-subresources": {
+			verbs:     "get,watch,list",
+			resources: "replicasets/scale",
+			expectedRole: &rbac.Role{
+				TypeMeta: v1.TypeMeta{APIVersion: "rbac.authorization.k8s.io/v1", Kind: "Role"},
+				ObjectMeta: v1.ObjectMeta{
+					Name: roleName,
+				},
+				Rules: []rbac.PolicyRule{
+					{
+						Verbs:         []string{"get", "watch", "list"},
+						Resources:     []string{"replicasets/scale"},
+						APIGroups:     []string{"extensions"},
+						ResourceNames: []string{},
+					},
+				},
+			},
+		},
+		"test-subresources-with-apigroup": {
+			verbs:     "get,watch,list",
+			resources: "replicasets.extensions/scale",
+			expectedRole: &rbac.Role{
+				TypeMeta: v1.TypeMeta{APIVersion: "rbac.authorization.k8s.io/v1", Kind: "Role"},
+				ObjectMeta: v1.ObjectMeta{
+					Name: roleName,
+				},
+				Rules: []rbac.PolicyRule{
+					{
+						Verbs:         []string{"get", "watch", "list"},
+						Resources:     []string{"replicasets/scale"},
+						APIGroups:     []string{"extensions"},
+						ResourceNames: []string{},
+					},
+				},
+			},
+		},
+		"test-valid-case-with-multiple-apigroups": {
+			verbs:     "get,watch,list",
+			resources: "pods,deployments.extensions",
+			expectedRole: &rbac.Role{
+				TypeMeta: v1.TypeMeta{APIVersion: "rbac.authorization.k8s.io/v1", Kind: "Role"},
+				ObjectMeta: v1.ObjectMeta{
+					Name: roleName,
+				},
+				Rules: []rbac.PolicyRule{
+					{
+						Verbs:         []string{"get", "watch", "list"},
+						Resources:     []string{"pods"},
+						APIGroups:     []string{""},
+						ResourceNames: []string{},
+					},
+					{
+						Verbs:         []string{"get", "watch", "list"},
+						Resources:     []string{"deployments"},
+						APIGroups:     []string{"extensions"},
+						ResourceNames: []string{},
+					},
+				},
+			},
+		},
+	}
+
+	for name, test := range tests {
+		t.Run(name, func(t *testing.T) {
+			ioStreams, _, buf, _ := genericclioptions.NewTestIOStreams()
+			cmd := NewCmdCreateRole(tf, ioStreams)
+			cmd.Flags().Set("dry-run", "true")
+			cmd.Flags().Set("output", "yaml")
+			cmd.Flags().Set("verb", test.verbs)
+			cmd.Flags().Set("resource", test.resources)
+			if test.resourceNames != "" {
+				cmd.Flags().Set("resource-name", test.resourceNames)
+			}
+			cmd.Run(cmd, []string{roleName})
+			actual := &rbac.Role{}
+			if err := runtime.DecodeInto(legacyscheme.Codecs.UniversalDecoder(), buf.Bytes(), actual); err != nil {
+				t.Log(string(buf.Bytes()))
+				t.Fatal(err)
+			}
+			if !equality.Semantic.DeepEqual(test.expectedRole, actual) {
+				t.Errorf("%s", diff.ObjectReflectDiff(test.expectedRole, actual))
+			}
+		})
+	}
+}
+
+func TestValidate(t *testing.T) {
+	tf := cmdtesting.NewTestFactory().WithNamespace("test")
+	defer tf.Cleanup()
+
+	tests := map[string]struct {
+		roleOptions *CreateRoleOptions
+		expectErr   bool
+	}{
+		"test-missing-name": {
+			roleOptions: &CreateRoleOptions{},
+			expectErr:   true,
+		},
+		"test-missing-verb": {
+			roleOptions: &CreateRoleOptions{
+				Name: "my-role",
+			},
+			expectErr: true,
+		},
+		"test-missing-resource": {
+			roleOptions: &CreateRoleOptions{
+				Name:  "my-role",
+				Verbs: []string{"get"},
+			},
+			expectErr: true,
+		},
+		"test-missing-resource-existing-apigroup": {
+			roleOptions: &CreateRoleOptions{
+				Name:  "my-role",
+				Verbs: []string{"get"},
+				Resources: []ResourceOptions{
+					{
+						Group: "extensions",
+					},
+				},
+			},
+			expectErr: true,
+		},
+		"test-missing-resource-existing-subresource": {
+			roleOptions: &CreateRoleOptions{
+				Name:  "my-role",
+				Verbs: []string{"get"},
+				Resources: []ResourceOptions{
+					{
+						SubResource: "scale",
+					},
+				},
+			},
+			expectErr: true,
+		},
+		"test-invalid-verb": {
+			roleOptions: &CreateRoleOptions{
+				Name:  "my-role",
+				Verbs: []string{"invalid-verb"},
+				Resources: []ResourceOptions{
+					{
+						Resource: "pods",
+					},
+				},
+			},
+			expectErr: true,
+		},
+		"test-nonresource-verb": {
+			roleOptions: &CreateRoleOptions{
+				Name:  "my-role",
+				Verbs: []string{"post"},
+				Resources: []ResourceOptions{
+					{
+						Resource: "pods",
+					},
+				},
+			},
+			expectErr: true,
+		},
+		"test-special-verb": {
+			roleOptions: &CreateRoleOptions{
+				Name:  "my-role",
+				Verbs: []string{"use"},
+				Resources: []ResourceOptions{
+					{
+						Resource: "pods",
+					},
+				},
+			},
+			expectErr: true,
+		},
+		"test-mix-verbs": {
+			roleOptions: &CreateRoleOptions{
+				Name:  "my-role",
+				Verbs: []string{"impersonate", "use"},
+				Resources: []ResourceOptions{
+					{
+						Resource:    "userextras",
+						SubResource: "scopes",
+					},
+				},
+			},
+			expectErr: true,
+		},
+		"test-special-verb-with-wrong-apigroup": {
+			roleOptions: &CreateRoleOptions{
+				Name:  "my-role",
+				Verbs: []string{"impersonate"},
+				Resources: []ResourceOptions{
+					{
+						Resource:    "userextras",
+						SubResource: "scopes",
+						Group:       "extensions",
+					},
+				},
+			},
+			expectErr: true,
+		},
+		"test-invalid-resource": {
+			roleOptions: &CreateRoleOptions{
+				Name:  "my-role",
+				Verbs: []string{"get"},
+				Resources: []ResourceOptions{
+					{
+						Resource: "invalid-resource",
+					},
+				},
+			},
+			expectErr: true,
+		},
+		"test-resource-name-with-multiple-resources": {
+			roleOptions: &CreateRoleOptions{
+				Name:  "my-role",
+				Verbs: []string{"get"},
+				Resources: []ResourceOptions{
+					{
+						Resource: "pods",
+					},
+					{
+						Resource: "deployments",
+						Group:    "extensions",
+					},
+				},
+				ResourceNames: []string{"foo"},
+			},
+			expectErr: false,
+		},
+		"test-valid-case": {
+			roleOptions: &CreateRoleOptions{
+				Name:  "role-binder",
+				Verbs: []string{"get", "list", "bind"},
+				Resources: []ResourceOptions{
+					{
+						Resource: "roles",
+						Group:    "rbac.authorization.k8s.io",
+					},
+				},
+				ResourceNames: []string{"foo"},
+			},
+			expectErr: false,
+		},
+		"test-valid-case-with-subresource": {
+			roleOptions: &CreateRoleOptions{
+				Name:  "my-role",
+				Verbs: []string{"get", "list"},
+				Resources: []ResourceOptions{
+					{
+						Resource:    "replicasets",
+						SubResource: "scale",
+					},
+				},
+				ResourceNames: []string{"bar"},
+			},
+			expectErr: false,
+		},
+		"test-valid-case-with-additional-resource": {
+			roleOptions: &CreateRoleOptions{
+				Name:  "my-role",
+				Verbs: []string{"impersonate"},
+				Resources: []ResourceOptions{
+					{
+						Resource:    "userextras",
+						SubResource: "scopes",
+						Group:       "authentication.k8s.io",
+					},
+				},
+			},
+			expectErr: false,
+		},
+	}
+
+	for name, test := range tests {
+		var err error
+		test.roleOptions.Mapper, err = tf.ToRESTMapper()
+		if err != nil {
+			t.Fatal(err)
+		}
+		err = test.roleOptions.Validate()
+		if test.expectErr && err == nil {
+			t.Errorf("%s: expect error happens but validate passes.", name)
+		}
+		if !test.expectErr && err != nil {
+			t.Errorf("%s: unexpected error: %v", name, err)
+		}
+	}
+}
+
+func TestComplete(t *testing.T) {
+	roleName := "my-role"
+
+	tf := cmdtesting.NewTestFactory().WithNamespace("test")
+	defer tf.Cleanup()
+
+	tf.Client = &fake.RESTClient{}
+	tf.ClientConfigVal = defaultClientConfig()
+
+	cmd := NewCmdCreateRole(tf, genericclioptions.NewTestIOStreamsDiscard())
+	cmd.Flags().Set("resource", "pods,deployments.extensions")
+
+	tests := map[string]struct {
+		params      []string
+		roleOptions *CreateRoleOptions
+		expected    *CreateRoleOptions
+		expectErr   bool
+	}{
+		"test-missing-name": {
+			params: []string{},
+			roleOptions: &CreateRoleOptions{
+				PrintFlags: genericclioptions.NewPrintFlags("created").WithTypeSetter(legacyscheme.Scheme),
+			},
+			expectErr: true,
+		},
+		"test-duplicate-verbs": {
+			params: []string{roleName},
+			roleOptions: &CreateRoleOptions{
+				PrintFlags: genericclioptions.NewPrintFlags("created").WithTypeSetter(legacyscheme.Scheme),
+				Name:       roleName,
+				Verbs: []string{
+					"get",
+					"watch",
+					"list",
+					"get",
+				},
+			},
+			expected: &CreateRoleOptions{
+				Name: roleName,
+				Verbs: []string{
+					"get",
+					"watch",
+					"list",
+				},
+				Resources: []ResourceOptions{
+					{
+						Resource: "pods",
+						Group:    "",
+					},
+					{
+						Resource: "deployments",
+						Group:    "extensions",
+					},
+				},
+				ResourceNames: []string{},
+			},
+			expectErr: false,
+		},
+		"test-verball": {
+			params: []string{roleName},
+			roleOptions: &CreateRoleOptions{
+				PrintFlags: genericclioptions.NewPrintFlags("created").WithTypeSetter(legacyscheme.Scheme),
+				Name:       roleName,
+				Verbs: []string{
+					"get",
+					"watch",
+					"list",
+					"*",
+				},
+			},
+			expected: &CreateRoleOptions{
+				Name:  roleName,
+				Verbs: []string{"*"},
+				Resources: []ResourceOptions{
+					{
+						Resource: "pods",
+						Group:    "",
+					},
+					{
+						Resource: "deployments",
+						Group:    "extensions",
+					},
+				},
+				ResourceNames: []string{},
+			},
+			expectErr: false,
+		},
+		"test-duplicate-resourcenames": {
+			params: []string{roleName},
+			roleOptions: &CreateRoleOptions{
+				PrintFlags:    genericclioptions.NewPrintFlags("created").WithTypeSetter(legacyscheme.Scheme),
+				Name:          roleName,
+				Verbs:         []string{"*"},
+				ResourceNames: []string{"foo", "foo"},
+			},
+			expected: &CreateRoleOptions{
+				Name:  roleName,
+				Verbs: []string{"*"},
+				Resources: []ResourceOptions{
+					{
+						Resource: "pods",
+						Group:    "",
+					},
+					{
+						Resource: "deployments",
+						Group:    "extensions",
+					},
+				},
+				ResourceNames: []string{"foo"},
+			},
+			expectErr: false,
+		},
+		"test-valid-complete-case": {
+			params: []string{roleName},
+			roleOptions: &CreateRoleOptions{
+				PrintFlags:    genericclioptions.NewPrintFlags("created").WithTypeSetter(legacyscheme.Scheme),
+				Name:          roleName,
+				Verbs:         []string{"*"},
+				ResourceNames: []string{"foo"},
+			},
+			expected: &CreateRoleOptions{
+				Name:  roleName,
+				Verbs: []string{"*"},
+				Resources: []ResourceOptions{
+					{
+						Resource: "pods",
+						Group:    "",
+					},
+					{
+						Resource: "deployments",
+						Group:    "extensions",
+					},
+				},
+				ResourceNames: []string{"foo"},
+			},
+			expectErr: false,
+		},
+	}
+
+	for name, test := range tests {
+		err := test.roleOptions.Complete(tf, cmd, test.params)
+		if !test.expectErr && err != nil {
+			t.Errorf("%s: unexpected error: %v", name, err)
+		}
+
+		if test.expectErr {
+			if err != nil {
+				continue
+			} else {
+				t.Errorf("%s: expect error happens but test passes.", name)
+			}
+		}
+
+		if test.roleOptions.Name != test.expected.Name {
+			t.Errorf("%s:\nexpected name:\n%#v\nsaw name:\n%#v", name, test.expected.Name, test.roleOptions.Name)
+		}
+
+		if !reflect.DeepEqual(test.roleOptions.Verbs, test.expected.Verbs) {
+			t.Errorf("%s:\nexpected verbs:\n%#v\nsaw verbs:\n%#v", name, test.expected.Verbs, test.roleOptions.Verbs)
+		}
+
+		if !reflect.DeepEqual(test.roleOptions.Resources, test.expected.Resources) {
+			t.Errorf("%s:\nexpected resources:\n%#v\nsaw resources:\n%#v", name, test.expected.Resources, test.roleOptions.Resources)
+		}
+
+		if !reflect.DeepEqual(test.roleOptions.ResourceNames, test.expected.ResourceNames) {
+			t.Errorf("%s:\nexpected resource names:\n%#v\nsaw resource names:\n%#v", name, test.expected.ResourceNames, test.roleOptions.ResourceNames)
+		}
+	}
+}
--- a/vendor/k8s.io/kubernetes/pkg/kubectl/cmd/create/create_rolebinding.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubectl/cmd/create/create_rolebinding.go
@ -0,0 +1,99 @@
+/*
+Copyright 2016 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package create
+
+import (
+	"github.com/spf13/cobra"
+
+	"k8s.io/kubernetes/pkg/kubectl"
+	"k8s.io/kubernetes/pkg/kubectl/cmd/templates"
+	cmdutil "k8s.io/kubernetes/pkg/kubectl/cmd/util"
+	"k8s.io/kubernetes/pkg/kubectl/genericclioptions"
+	"k8s.io/kubernetes/pkg/kubectl/util/i18n"
+)
+
+var (
+	roleBindingLong = templates.LongDesc(i18n.T(`
+		Create a RoleBinding for a particular Role or ClusterRole.`))
+
+	roleBindingExample = templates.Examples(i18n.T(`
+		  # Create a RoleBinding for user1, user2, and group1 using the admin ClusterRole
+		  kubectl create rolebinding admin --clusterrole=admin --user=user1 --user=user2 --group=group1`))
+)
+
+type RoleBindingOpts struct {
+	CreateSubcommandOptions *CreateSubcommandOptions
+}
+
+// RoleBinding is a command to ease creating RoleBindings.
+func NewCmdCreateRoleBinding(f cmdutil.Factory, ioStreams genericclioptions.IOStreams) *cobra.Command {
+	options := &RoleBindingOpts{
+		CreateSubcommandOptions: NewCreateSubcommandOptions(ioStreams),
+	}
+
+	cmd := &cobra.Command{
+		Use: "rolebinding NAME --clusterrole=NAME|--role=NAME [--user=username] [--group=groupname] [--serviceaccount=namespace:serviceaccountname] [--dry-run]",
+		DisableFlagsInUseLine: true,
+		Short:   i18n.T("Create a RoleBinding for a particular Role or ClusterRole"),
+		Long:    roleBindingLong,
+		Example: roleBindingExample,
+		Run: func(cmd *cobra.Command, args []string) {
+			cmdutil.CheckErr(options.Complete(f, cmd, args))
+			cmdutil.CheckErr(options.Run())
+		},
+	}
+
+	options.CreateSubcommandOptions.PrintFlags.AddFlags(cmd)
+
+	cmdutil.AddApplyAnnotationFlags(cmd)
+	cmdutil.AddValidateFlags(cmd)
+	cmdutil.AddGeneratorFlags(cmd, cmdutil.RoleBindingV1GeneratorName)
+	cmd.Flags().String("clusterrole", "", i18n.T("ClusterRole this RoleBinding should reference"))
+	cmd.Flags().String("role", "", i18n.T("Role this RoleBinding should reference"))
+	cmd.Flags().StringArray("user", []string{}, "Usernames to bind to the role")
+	cmd.Flags().StringArray("group", []string{}, "Groups to bind to the role")
+	cmd.Flags().StringArray("serviceaccount", []string{}, "Service accounts to bind to the role, in the format <namespace>:<name>")
+	return cmd
+}
+
+func (o *RoleBindingOpts) Complete(f cmdutil.Factory, cmd *cobra.Command, args []string) error {
+	name, err := NameFromCommandArgs(cmd, args)
+	if err != nil {
+		return err
+	}
+
+	var generator kubectl.StructuredGenerator
+	switch generatorName := cmdutil.GetFlagString(cmd, "generator"); generatorName {
+	case cmdutil.RoleBindingV1GeneratorName:
+		generator = &kubectl.RoleBindingGeneratorV1{
+			Name:            name,
+			ClusterRole:     cmdutil.GetFlagString(cmd, "clusterrole"),
+			Role:            cmdutil.GetFlagString(cmd, "role"),
+			Users:           cmdutil.GetFlagStringArray(cmd, "user"),
+			Groups:          cmdutil.GetFlagStringArray(cmd, "group"),
+			ServiceAccounts: cmdutil.GetFlagStringArray(cmd, "serviceaccount"),
+		}
+	default:
+		return errUnsupportedGenerator(cmd, generatorName)
+	}
+
+	return o.CreateSubcommandOptions.Complete(f, cmd, args, generator)
+}
+
+func (o *RoleBindingOpts) Run() error {
+	return o.CreateSubcommandOptions.Run()
+}
--- a/vendor/k8s.io/kubernetes/pkg/kubectl/cmd/create/create_rolebinding_test.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubectl/cmd/create/create_rolebinding_test.go
@ -0,0 +1,144 @@
+/*
+Copyright 2017 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package create
+
+import (
+	"bytes"
+	"io/ioutil"
+	"net/http"
+	"net/url"
+	"reflect"
+	"testing"
+
+	rbac "k8s.io/api/rbac/v1"
+	"k8s.io/apimachinery/pkg/apis/meta/v1"
+	"k8s.io/apimachinery/pkg/runtime"
+	"k8s.io/apimachinery/pkg/runtime/schema"
+	restclient "k8s.io/client-go/rest"
+	"k8s.io/client-go/rest/fake"
+	"k8s.io/kubernetes/pkg/api/legacyscheme"
+	cmdtesting "k8s.io/kubernetes/pkg/kubectl/cmd/testing"
+	"k8s.io/kubernetes/pkg/kubectl/genericclioptions"
+)
+
+var groupVersion = schema.GroupVersion{Group: "rbac.authorization.k8s.io", Version: "v1"}
+
+func TestCreateRoleBinding(t *testing.T) {
+	expectBinding := &rbac.RoleBinding{
+		TypeMeta: v1.TypeMeta{
+			APIVersion: "rbac.authorization.k8s.io/v1",
+			Kind:       "RoleBinding",
+		},
+		ObjectMeta: v1.ObjectMeta{
+			Name: "fake-binding",
+		},
+		RoleRef: rbac.RoleRef{
+			APIGroup: rbac.GroupName,
+			Kind:     "Role",
+			Name:     "fake-role",
+		},
+		Subjects: []rbac.Subject{
+			{
+				Kind:     rbac.UserKind,
+				APIGroup: "rbac.authorization.k8s.io",
+				Name:     "fake-user",
+			},
+			{
+				Kind:     rbac.GroupKind,
+				APIGroup: "rbac.authorization.k8s.io",
+				Name:     "fake-group",
+			},
+			{
+				Kind:      rbac.ServiceAccountKind,
+				Namespace: "fake-namespace",
+				Name:      "fake-account",
+			},
+		},
+	}
+
+	tf := cmdtesting.NewTestFactory().WithNamespace("test")
+	defer tf.Cleanup()
+
+	ns := legacyscheme.Codecs
+
+	info, _ := runtime.SerializerInfoForMediaType(ns.SupportedMediaTypes(), runtime.ContentTypeJSON)
+	encoder := ns.EncoderForVersion(info.Serializer, groupVersion)
+	decoder := ns.DecoderToVersion(info.Serializer, groupVersion)
+
+	tf.Client = &RoleBindingRESTClient{
+		RESTClient: &fake.RESTClient{
+			NegotiatedSerializer: ns,
+			Client: fake.CreateHTTPClient(func(req *http.Request) (*http.Response, error) {
+				switch p, m := req.URL.Path, req.Method; {
+				case p == "/namespaces/test/rolebindings" && m == "POST":
+					bodyBits, err := ioutil.ReadAll(req.Body)
+					if err != nil {
+						t.Fatalf("TestCreateRoleBinding error: %v", err)
+						return nil, nil
+					}
+
+					if obj, _, err := decoder.Decode(bodyBits, nil, &rbac.RoleBinding{}); err == nil {
+						if !reflect.DeepEqual(obj.(*rbac.RoleBinding), expectBinding) {
+							t.Fatalf("TestCreateRoleBinding: expected:\n%#v\nsaw:\n%#v", expectBinding, obj.(*rbac.RoleBinding))
+							return nil, nil
+						}
+					} else {
+						t.Fatalf("TestCreateRoleBinding error, could not decode the request body into rbac.RoleBinding object: %v", err)
+						return nil, nil
+					}
+
+					responseBinding := &rbac.RoleBinding{}
+					responseBinding.Name = "fake-binding"
+					return &http.Response{StatusCode: 201, Header: defaultHeader(), Body: ioutil.NopCloser(bytes.NewReader([]byte(runtime.EncodeOrDie(encoder, responseBinding))))}, nil
+				default:
+					t.Fatalf("unexpected request: %#v\n%#v", req.URL, req)
+					return nil, nil
+				}
+			}),
+		},
+	}
+
+	cmd := NewCmdCreateRoleBinding(tf, genericclioptions.NewTestIOStreamsDiscard())
+	cmd.Flags().Set("role", "fake-role")
+	cmd.Flags().Set("user", "fake-user")
+	cmd.Flags().Set("group", "fake-group")
+	cmd.Flags().Set("serviceaccount", "fake-namespace:fake-account")
+	cmd.Run(cmd, []string{"fake-binding"})
+}
+
+type RoleBindingRESTClient struct {
+	*fake.RESTClient
+}
+
+func (c *RoleBindingRESTClient) Post() *restclient.Request {
+	config := restclient.ContentConfig{
+		ContentType:          runtime.ContentTypeJSON,
+		GroupVersion:         &groupVersion,
+		NegotiatedSerializer: c.NegotiatedSerializer,
+	}
+
+	info, _ := runtime.SerializerInfoForMediaType(c.NegotiatedSerializer.SupportedMediaTypes(), runtime.ContentTypeJSON)
+	serializers := restclient.Serializers{
+		Encoder: c.NegotiatedSerializer.EncoderForVersion(info.Serializer, groupVersion),
+		Decoder: c.NegotiatedSerializer.DecoderToVersion(info.Serializer, groupVersion),
+	}
+	if info.StreamSerializer != nil {
+		serializers.StreamingSerializer = info.StreamSerializer.Serializer
+		serializers.Framer = info.StreamSerializer.Framer
+	}
+	return restclient.NewRequest(c, "POST", &url.URL{Host: "localhost"}, c.VersionedAPIPath, config, serializers, nil, nil, 0)
+}
--- a/vendor/k8s.io/kubernetes/pkg/kubectl/cmd/create/create_secret.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubectl/cmd/create/create_secret.go
@ -0,0 +1,315 @@
+/*
+Copyright 2015 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package create
+
+import (
+	"github.com/spf13/cobra"
+
+	"k8s.io/kubernetes/pkg/kubectl"
+	"k8s.io/kubernetes/pkg/kubectl/cmd/templates"
+	cmdutil "k8s.io/kubernetes/pkg/kubectl/cmd/util"
+	"k8s.io/kubernetes/pkg/kubectl/genericclioptions"
+	"k8s.io/kubernetes/pkg/kubectl/util/i18n"
+)
+
+// NewCmdCreateSecret groups subcommands to create various types of secrets
+func NewCmdCreateSecret(f cmdutil.Factory, ioStreams genericclioptions.IOStreams) *cobra.Command {
+	cmd := &cobra.Command{
+		Use:   "secret",
+		Short: i18n.T("Create a secret using specified subcommand"),
+		Long:  "Create a secret using specified subcommand.",
+		Run:   cmdutil.DefaultSubCommandRun(ioStreams.ErrOut),
+	}
+	cmd.AddCommand(NewCmdCreateSecretDockerRegistry(f, ioStreams))
+	cmd.AddCommand(NewCmdCreateSecretTLS(f, ioStreams))
+	cmd.AddCommand(NewCmdCreateSecretGeneric(f, ioStreams))
+
+	return cmd
+}
+
+var (
+	secretLong = templates.LongDesc(i18n.T(`
+		Create a secret based on a file, directory, or specified literal value.
+
+		A single secret may package one or more key/value pairs.
+
+		When creating a secret based on a file, the key will default to the basename of the file, and the value will
+		default to the file content. If the basename is an invalid key or you wish to chose your own, you may specify
+		an alternate key.
+
+		When creating a secret based on a directory, each file whose basename is a valid key in the directory will be
+		packaged into the secret. Any directory entries except regular files are ignored (e.g. subdirectories,
+		symlinks, devices, pipes, etc).`))
+
+	secretExample = templates.Examples(i18n.T(`
+	  # Create a new secret named my-secret with keys for each file in folder bar
+	  kubectl create secret generic my-secret --from-file=path/to/bar
+
+	  # Create a new secret named my-secret with specified keys instead of names on disk
+	  kubectl create secret generic my-secret --from-file=ssh-privatekey=~/.ssh/id_rsa --from-file=ssh-publickey=~/.ssh/id_rsa.pub
+
+	  # Create a new secret named my-secret with key1=supersecret and key2=topsecret
+	  kubectl create secret generic my-secret --from-literal=key1=supersecret --from-literal=key2=topsecret
+
+	  # Create a new secret named my-secret using a combination of a file and a literal
+	  kubectl create secret generic my-secret --from-file=ssh-privatekey=~/.ssh/id_rsa --from-literal=passphrase=topsecret
+
+	  # Create a new secret named my-secret from an env file
+	  kubectl create secret generic my-secret --from-env-file=path/to/bar.env`))
+)
+
+type SecretGenericOpts struct {
+	CreateSubcommandOptions *CreateSubcommandOptions
+}
+
+// NewCmdCreateSecretGeneric is a command to create generic secrets from files, directories, or literal values
+func NewCmdCreateSecretGeneric(f cmdutil.Factory, ioStreams genericclioptions.IOStreams) *cobra.Command {
+	options := &SecretGenericOpts{
+		CreateSubcommandOptions: NewCreateSubcommandOptions(ioStreams),
+	}
+
+	cmd := &cobra.Command{
+		Use: "generic NAME [--type=string] [--from-file=[key=]source] [--from-literal=key1=value1] [--dry-run]",
+		DisableFlagsInUseLine: true,
+		Short:   i18n.T("Create a secret from a local file, directory or literal value"),
+		Long:    secretLong,
+		Example: secretExample,
+		Run: func(cmd *cobra.Command, args []string) {
+			cmdutil.CheckErr(options.Complete(f, cmd, args))
+			cmdutil.CheckErr(options.Run())
+		},
+	}
+
+	options.CreateSubcommandOptions.PrintFlags.AddFlags(cmd)
+
+	cmdutil.AddApplyAnnotationFlags(cmd)
+	cmdutil.AddValidateFlags(cmd)
+	cmdutil.AddGeneratorFlags(cmd, cmdutil.SecretV1GeneratorName)
+	cmd.Flags().StringSlice("from-file", []string{}, "Key files can be specified using their file path, in which case a default name will be given to them, or optionally with a name and file path, in which case the given name will be used.  Specifying a directory will iterate each named file in the directory that is a valid secret key.")
+	cmd.Flags().StringArray("from-literal", []string{}, "Specify a key and literal value to insert in secret (i.e. mykey=somevalue)")
+	cmd.Flags().String("from-env-file", "", "Specify the path to a file to read lines of key=val pairs to create a secret (i.e. a Docker .env file).")
+	cmd.Flags().String("type", "", i18n.T("The type of secret to create"))
+	cmd.Flags().Bool("append-hash", false, "Append a hash of the secret to its name.")
+	return cmd
+}
+
+func (o *SecretGenericOpts) Complete(f cmdutil.Factory, cmd *cobra.Command, args []string) error {
+	name, err := NameFromCommandArgs(cmd, args)
+	if err != nil {
+		return err
+	}
+
+	var generator kubectl.StructuredGenerator
+	switch generatorName := cmdutil.GetFlagString(cmd, "generator"); generatorName {
+	case cmdutil.SecretV1GeneratorName:
+		generator = &kubectl.SecretGeneratorV1{
+			Name:           name,
+			Type:           cmdutil.GetFlagString(cmd, "type"),
+			FileSources:    cmdutil.GetFlagStringSlice(cmd, "from-file"),
+			LiteralSources: cmdutil.GetFlagStringArray(cmd, "from-literal"),
+			EnvFileSource:  cmdutil.GetFlagString(cmd, "from-env-file"),
+			AppendHash:     cmdutil.GetFlagBool(cmd, "append-hash"),
+		}
+	default:
+		return errUnsupportedGenerator(cmd, generatorName)
+	}
+
+	return o.CreateSubcommandOptions.Complete(f, cmd, args, generator)
+}
+
+// CreateSecretGeneric is the implementation of the create secret generic command
+func (o *SecretGenericOpts) Run() error {
+	return o.CreateSubcommandOptions.Run()
+}
+
+var (
+	secretForDockerRegistryLong = templates.LongDesc(i18n.T(`
+		Create a new secret for use with Docker registries.
+
+		Dockercfg secrets are used to authenticate against Docker registries.
+
+		When using the Docker command line to push images, you can authenticate to a given registry by running:
+			'$ docker login DOCKER_REGISTRY_SERVER --username=DOCKER_USER --password=DOCKER_PASSWORD --email=DOCKER_EMAIL'.
+
+	That produces a ~/.dockercfg file that is used by subsequent 'docker push' and 'docker pull' commands to
+		authenticate to the registry. The email address is optional.
+
+		When creating applications, you may have a Docker registry that requires authentication.  In order for the
+		nodes to pull images on your behalf, they have to have the credentials.  You can provide this information
+		by creating a dockercfg secret and attaching it to your service account.`))
+
+	secretForDockerRegistryExample = templates.Examples(i18n.T(`
+		  # If you don't already have a .dockercfg file, you can create a dockercfg secret directly by using:
+		  kubectl create secret docker-registry my-secret --docker-server=DOCKER_REGISTRY_SERVER --docker-username=DOCKER_USER --docker-password=DOCKER_PASSWORD --docker-email=DOCKER_EMAIL`))
+)
+
+type SecretDockerRegistryOpts struct {
+	CreateSubcommandOptions *CreateSubcommandOptions
+}
+
+// NewCmdCreateSecretDockerRegistry is a macro command for creating secrets to work with Docker registries
+func NewCmdCreateSecretDockerRegistry(f cmdutil.Factory, ioStreams genericclioptions.IOStreams) *cobra.Command {
+	options := &SecretDockerRegistryOpts{
+		CreateSubcommandOptions: NewCreateSubcommandOptions(ioStreams),
+	}
+
+	cmd := &cobra.Command{
+		Use: "docker-registry NAME --docker-username=user --docker-password=password --docker-email=email [--docker-server=string] [--from-literal=key1=value1] [--dry-run]",
+		DisableFlagsInUseLine: true,
+		Short:   i18n.T("Create a secret for use with a Docker registry"),
+		Long:    secretForDockerRegistryLong,
+		Example: secretForDockerRegistryExample,
+		Run: func(cmd *cobra.Command, args []string) {
+			cmdutil.CheckErr(options.Complete(f, cmd, args))
+			cmdutil.CheckErr(options.Run())
+		},
+	}
+
+	options.CreateSubcommandOptions.PrintFlags.AddFlags(cmd)
+
+	cmdutil.AddApplyAnnotationFlags(cmd)
+	cmdutil.AddValidateFlags(cmd)
+	cmdutil.AddGeneratorFlags(cmd, cmdutil.SecretForDockerRegistryV1GeneratorName)
+	cmd.Flags().String("docker-username", "", i18n.T("Username for Docker registry authentication"))
+	cmd.MarkFlagRequired("docker-username")
+	cmd.Flags().String("docker-password", "", i18n.T("Password for Docker registry authentication"))
+	cmd.MarkFlagRequired("docker-password")
+	cmd.Flags().String("docker-email", "", i18n.T("Email for Docker registry"))
+	cmd.Flags().String("docker-server", "https://index.docker.io/v1/", i18n.T("Server location for Docker registry"))
+	cmd.Flags().Bool("append-hash", false, "Append a hash of the secret to its name.")
+	cmd.Flags().StringSlice("from-file", []string{}, "Key files can be specified using their file path, in which case a default name will be given to them, or optionally with a name and file path, in which case the given name will be used.  Specifying a directory will iterate each named file in the directory that is a valid secret key.")
+
+	return cmd
+}
+
+func (o *SecretDockerRegistryOpts) Complete(f cmdutil.Factory, cmd *cobra.Command, args []string) error {
+	name, err := NameFromCommandArgs(cmd, args)
+	if err != nil {
+		return err
+	}
+
+	fromFileFlag := cmdutil.GetFlagStringSlice(cmd, "from-file")
+	if len(fromFileFlag) == 0 {
+		requiredFlags := []string{"docker-username", "docker-password", "docker-server"}
+		for _, requiredFlag := range requiredFlags {
+			if value := cmdutil.GetFlagString(cmd, requiredFlag); len(value) == 0 {
+				return cmdutil.UsageErrorf(cmd, "flag %s is required", requiredFlag)
+			}
+		}
+	}
+
+	var generator kubectl.StructuredGenerator
+	switch generatorName := cmdutil.GetFlagString(cmd, "generator"); generatorName {
+	case cmdutil.SecretForDockerRegistryV1GeneratorName:
+		generator = &kubectl.SecretForDockerRegistryGeneratorV1{
+			Name:        name,
+			Username:    cmdutil.GetFlagString(cmd, "docker-username"),
+			Email:       cmdutil.GetFlagString(cmd, "docker-email"),
+			Password:    cmdutil.GetFlagString(cmd, "docker-password"),
+			Server:      cmdutil.GetFlagString(cmd, "docker-server"),
+			AppendHash:  cmdutil.GetFlagBool(cmd, "append-hash"),
+			FileSources: cmdutil.GetFlagStringSlice(cmd, "from-file"),
+		}
+	default:
+		return errUnsupportedGenerator(cmd, generatorName)
+	}
+
+	return o.CreateSubcommandOptions.Complete(f, cmd, args, generator)
+}
+
+// CreateSecretDockerRegistry is the implementation of the create secret docker-registry command
+func (o *SecretDockerRegistryOpts) Run() error {
+	return o.CreateSubcommandOptions.Run()
+}
+
+var (
+	secretForTLSLong = templates.LongDesc(i18n.T(`
+		Create a TLS secret from the given public/private key pair.
+
+		The public/private key pair must exist before hand. The public key certificate must be .PEM encoded and match
+		the given private key.`))
+
+	secretForTLSExample = templates.Examples(i18n.T(`
+	  # Create a new TLS secret named tls-secret with the given key pair:
+	  kubectl create secret tls tls-secret --cert=path/to/tls.cert --key=path/to/tls.key`))
+)
+
+type SecretTLSOpts struct {
+	CreateSubcommandOptions *CreateSubcommandOptions
+}
+
+// NewCmdCreateSecretTLS is a macro command for creating secrets to work with Docker registries
+func NewCmdCreateSecretTLS(f cmdutil.Factory, ioStreams genericclioptions.IOStreams) *cobra.Command {
+	options := &SecretTLSOpts{
+		CreateSubcommandOptions: NewCreateSubcommandOptions(ioStreams),
+	}
+
+	cmd := &cobra.Command{
+		Use: "tls NAME --cert=path/to/cert/file --key=path/to/key/file [--dry-run]",
+		DisableFlagsInUseLine: true,
+		Short:   i18n.T("Create a TLS secret"),
+		Long:    secretForTLSLong,
+		Example: secretForTLSExample,
+		Run: func(cmd *cobra.Command, args []string) {
+			cmdutil.CheckErr(options.Complete(f, cmd, args))
+			cmdutil.CheckErr(options.Run())
+		},
+	}
+
+	options.CreateSubcommandOptions.PrintFlags.AddFlags(cmd)
+
+	cmdutil.AddApplyAnnotationFlags(cmd)
+	cmdutil.AddValidateFlags(cmd)
+	cmdutil.AddGeneratorFlags(cmd, cmdutil.SecretForTLSV1GeneratorName)
+	cmd.Flags().String("cert", "", i18n.T("Path to PEM encoded public key certificate."))
+	cmd.Flags().String("key", "", i18n.T("Path to private key associated with given certificate."))
+	cmd.Flags().Bool("append-hash", false, "Append a hash of the secret to its name.")
+	return cmd
+}
+
+func (o *SecretTLSOpts) Complete(f cmdutil.Factory, cmd *cobra.Command, args []string) error {
+	name, err := NameFromCommandArgs(cmd, args)
+	if err != nil {
+		return err
+	}
+
+	requiredFlags := []string{"cert", "key"}
+	for _, requiredFlag := range requiredFlags {
+		if value := cmdutil.GetFlagString(cmd, requiredFlag); len(value) == 0 {
+			return cmdutil.UsageErrorf(cmd, "flag %s is required", requiredFlag)
+		}
+	}
+	var generator kubectl.StructuredGenerator
+	switch generatorName := cmdutil.GetFlagString(cmd, "generator"); generatorName {
+	case cmdutil.SecretForTLSV1GeneratorName:
+		generator = &kubectl.SecretForTLSGeneratorV1{
+			Name:       name,
+			Key:        cmdutil.GetFlagString(cmd, "key"),
+			Cert:       cmdutil.GetFlagString(cmd, "cert"),
+			AppendHash: cmdutil.GetFlagBool(cmd, "append-hash"),
+		}
+	default:
+		return errUnsupportedGenerator(cmd, generatorName)
+	}
+
+	return o.CreateSubcommandOptions.Complete(f, cmd, args, generator)
+}
+
+// CreateSecretTLS is the implementation of the create secret tls command
+func (o *SecretTLSOpts) Run() error {
+	return o.CreateSubcommandOptions.Run()
+}
--- a/vendor/k8s.io/kubernetes/pkg/kubectl/cmd/create/create_secret_test.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubectl/cmd/create/create_secret_test.go
@ -0,0 +1,102 @@
+/*
+Copyright 2014 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package create
+
+import (
+	"net/http"
+	"testing"
+
+	"k8s.io/api/core/v1"
+	"k8s.io/apimachinery/pkg/runtime/schema"
+	"k8s.io/client-go/rest/fake"
+	"k8s.io/kubernetes/pkg/api/legacyscheme"
+	cmdtesting "k8s.io/kubernetes/pkg/kubectl/cmd/testing"
+	"k8s.io/kubernetes/pkg/kubectl/genericclioptions"
+	"k8s.io/kubernetes/pkg/kubectl/scheme"
+)
+
+func TestCreateSecretGeneric(t *testing.T) {
+	secretObject := &v1.Secret{
+		Data: map[string][]byte{
+			"password": []byte("includes,comma"),
+			"username": []byte("test_user"),
+		},
+	}
+	secretObject.Name = "my-secret"
+	tf := cmdtesting.NewTestFactory().WithNamespace("test")
+	defer tf.Cleanup()
+
+	codec := legacyscheme.Codecs.LegacyCodec(scheme.Scheme.PrioritizedVersionsAllGroups()...)
+	ns := legacyscheme.Codecs
+
+	tf.Client = &fake.RESTClient{
+		GroupVersion:         schema.GroupVersion{Version: "v1"},
+		NegotiatedSerializer: ns,
+		Client: fake.CreateHTTPClient(func(req *http.Request) (*http.Response, error) {
+			switch p, m := req.URL.Path, req.Method; {
+			case p == "/namespaces/test/secrets" && m == "POST":
+				return &http.Response{StatusCode: 201, Header: defaultHeader(), Body: objBody(codec, secretObject)}, nil
+			default:
+				t.Fatalf("unexpected request: %#v\n%#v", req.URL, req)
+				return nil, nil
+			}
+		}),
+	}
+	ioStreams, _, buf, _ := genericclioptions.NewTestIOStreams()
+	cmd := NewCmdCreateSecretGeneric(tf, ioStreams)
+	cmd.Flags().Set("output", "name")
+	cmd.Flags().Set("from-literal", "password=includes,comma")
+	cmd.Flags().Set("from-literal", "username=test_user")
+	cmd.Run(cmd, []string{secretObject.Name})
+	expectedOutput := "secret/" + secretObject.Name + "\n"
+	if buf.String() != expectedOutput {
+		t.Errorf("expected output: %s, but got: %s", expectedOutput, buf.String())
+	}
+}
+
+func TestCreateSecretDockerRegistry(t *testing.T) {
+	secretObject := &v1.Secret{}
+	secretObject.Name = "my-secret"
+	tf := cmdtesting.NewTestFactory().WithNamespace("test")
+	codec := legacyscheme.Codecs.LegacyCodec(scheme.Scheme.PrioritizedVersionsAllGroups()...)
+	ns := legacyscheme.Codecs
+
+	tf.Client = &fake.RESTClient{
+		GroupVersion:         schema.GroupVersion{Version: "v1"},
+		NegotiatedSerializer: ns,
+		Client: fake.CreateHTTPClient(func(req *http.Request) (*http.Response, error) {
+			switch p, m := req.URL.Path, req.Method; {
+			case p == "/namespaces/test/secrets" && m == "POST":
+				return &http.Response{StatusCode: 201, Header: defaultHeader(), Body: objBody(codec, secretObject)}, nil
+			default:
+				t.Fatalf("unexpected request: %#v\n%#v", req.URL, req)
+				return nil, nil
+			}
+		}),
+	}
+	ioStreams, _, buf, _ := genericclioptions.NewTestIOStreams()
+	cmd := NewCmdCreateSecretDockerRegistry(tf, ioStreams)
+	cmd.Flags().Set("docker-username", "test-user")
+	cmd.Flags().Set("docker-password", "test-pass")
+	cmd.Flags().Set("docker-email", "test-email")
+	cmd.Flags().Set("output", "name")
+	cmd.Run(cmd, []string{secretObject.Name})
+	expectedOutput := "secret/" + secretObject.Name + "\n"
+	if buf.String() != expectedOutput {
+		t.Errorf("expected output: %s, but got: %s", buf.String(), expectedOutput)
+	}
+}
--- a/vendor/k8s.io/kubernetes/pkg/kubectl/cmd/create/create_service.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubectl/cmd/create/create_service.go
@ -0,0 +1,333 @@
+/*
+Copyright 2016 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package create
+
+import (
+	"github.com/spf13/cobra"
+
+	"k8s.io/api/core/v1"
+	"k8s.io/kubernetes/pkg/kubectl"
+	"k8s.io/kubernetes/pkg/kubectl/cmd/templates"
+	cmdutil "k8s.io/kubernetes/pkg/kubectl/cmd/util"
+	"k8s.io/kubernetes/pkg/kubectl/genericclioptions"
+	"k8s.io/kubernetes/pkg/kubectl/util/i18n"
+)
+
+// NewCmdCreateService is a macro command to create a new service
+func NewCmdCreateService(f cmdutil.Factory, ioStreams genericclioptions.IOStreams) *cobra.Command {
+	cmd := &cobra.Command{
+		Use:     "service",
+		Aliases: []string{"svc"},
+		Short:   i18n.T("Create a service using specified subcommand."),
+		Long:    "Create a service using specified subcommand.",
+		Run:     cmdutil.DefaultSubCommandRun(ioStreams.ErrOut),
+	}
+	cmd.AddCommand(NewCmdCreateServiceClusterIP(f, ioStreams))
+	cmd.AddCommand(NewCmdCreateServiceNodePort(f, ioStreams))
+	cmd.AddCommand(NewCmdCreateServiceLoadBalancer(f, ioStreams))
+	cmd.AddCommand(NewCmdCreateServiceExternalName(f, ioStreams))
+
+	return cmd
+}
+
+var (
+	serviceClusterIPLong = templates.LongDesc(i18n.T(`
+    Create a ClusterIP service with the specified name.`))
+
+	serviceClusterIPExample = templates.Examples(i18n.T(`
+    # Create a new ClusterIP service named my-cs
+    kubectl create service clusterip my-cs --tcp=5678:8080
+
+    # Create a new ClusterIP service named my-cs (in headless mode)
+    kubectl create service clusterip my-cs --clusterip="None"`))
+)
+
+func addPortFlags(cmd *cobra.Command) {
+	cmd.Flags().StringSlice("tcp", []string{}, "Port pairs can be specified as '<port>:<targetPort>'.")
+}
+
+type ServiceClusterIPOpts struct {
+	CreateSubcommandOptions *CreateSubcommandOptions
+}
+
+// NewCmdCreateServiceClusterIP is a command to create a ClusterIP service
+func NewCmdCreateServiceClusterIP(f cmdutil.Factory, ioStreams genericclioptions.IOStreams) *cobra.Command {
+	options := &ServiceClusterIPOpts{
+		CreateSubcommandOptions: NewCreateSubcommandOptions(ioStreams),
+	}
+
+	cmd := &cobra.Command{
+		Use: "clusterip NAME [--tcp=<port>:<targetPort>] [--dry-run]",
+		DisableFlagsInUseLine: true,
+		Short:   i18n.T("Create a ClusterIP service."),
+		Long:    serviceClusterIPLong,
+		Example: serviceClusterIPExample,
+		Run: func(cmd *cobra.Command, args []string) {
+			cmdutil.CheckErr(options.Complete(f, cmd, args))
+			cmdutil.CheckErr(options.Run())
+		},
+	}
+
+	options.CreateSubcommandOptions.PrintFlags.AddFlags(cmd)
+
+	cmdutil.AddApplyAnnotationFlags(cmd)
+	cmdutil.AddValidateFlags(cmd)
+	cmdutil.AddGeneratorFlags(cmd, cmdutil.ServiceClusterIPGeneratorV1Name)
+	addPortFlags(cmd)
+	cmd.Flags().String("clusterip", "", i18n.T("Assign your own ClusterIP or set to 'None' for a 'headless' service (no loadbalancing)."))
+	return cmd
+}
+
+func errUnsupportedGenerator(cmd *cobra.Command, generatorName string) error {
+	return cmdutil.UsageErrorf(cmd, "Generator %s not supported. ", generatorName)
+}
+
+func (o *ServiceClusterIPOpts) Complete(f cmdutil.Factory, cmd *cobra.Command, args []string) error {
+	name, err := NameFromCommandArgs(cmd, args)
+	if err != nil {
+		return err
+	}
+
+	var generator kubectl.StructuredGenerator
+	switch generatorName := cmdutil.GetFlagString(cmd, "generator"); generatorName {
+	case cmdutil.ServiceClusterIPGeneratorV1Name:
+		generator = &kubectl.ServiceCommonGeneratorV1{
+			Name:      name,
+			TCP:       cmdutil.GetFlagStringSlice(cmd, "tcp"),
+			Type:      v1.ServiceTypeClusterIP,
+			ClusterIP: cmdutil.GetFlagString(cmd, "clusterip"),
+		}
+	default:
+		return errUnsupportedGenerator(cmd, generatorName)
+	}
+
+	return o.CreateSubcommandOptions.Complete(f, cmd, args, generator)
+}
+
+// CreateServiceClusterIP is the implementation of the create service clusterip command
+func (o *ServiceClusterIPOpts) Run() error {
+	return o.CreateSubcommandOptions.Run()
+}
+
+var (
+	serviceNodePortLong = templates.LongDesc(i18n.T(`
+    Create a NodePort service with the specified name.`))
+
+	serviceNodePortExample = templates.Examples(i18n.T(`
+    # Create a new NodePort service named my-ns
+    kubectl create service nodeport my-ns --tcp=5678:8080`))
+)
+
+type ServiceNodePortOpts struct {
+	CreateSubcommandOptions *CreateSubcommandOptions
+}
+
+// NewCmdCreateServiceNodePort is a macro command for creating a NodePort service
+func NewCmdCreateServiceNodePort(f cmdutil.Factory, ioStreams genericclioptions.IOStreams) *cobra.Command {
+	options := &ServiceNodePortOpts{
+		CreateSubcommandOptions: NewCreateSubcommandOptions(ioStreams),
+	}
+
+	cmd := &cobra.Command{
+		Use: "nodeport NAME [--tcp=port:targetPort] [--dry-run]",
+		DisableFlagsInUseLine: true,
+		Short:   i18n.T("Create a NodePort service."),
+		Long:    serviceNodePortLong,
+		Example: serviceNodePortExample,
+		Run: func(cmd *cobra.Command, args []string) {
+			cmdutil.CheckErr(options.Complete(f, cmd, args))
+			cmdutil.CheckErr(options.Run())
+		},
+	}
+
+	options.CreateSubcommandOptions.PrintFlags.AddFlags(cmd)
+
+	cmdutil.AddApplyAnnotationFlags(cmd)
+	cmdutil.AddValidateFlags(cmd)
+	cmdutil.AddGeneratorFlags(cmd, cmdutil.ServiceNodePortGeneratorV1Name)
+	cmd.Flags().Int("node-port", 0, "Port used to expose the service on each node in a cluster.")
+	addPortFlags(cmd)
+	return cmd
+}
+
+func (o *ServiceNodePortOpts) Complete(f cmdutil.Factory, cmd *cobra.Command, args []string) error {
+	name, err := NameFromCommandArgs(cmd, args)
+	if err != nil {
+		return err
+	}
+
+	var generator kubectl.StructuredGenerator
+	switch generatorName := cmdutil.GetFlagString(cmd, "generator"); generatorName {
+	case cmdutil.ServiceNodePortGeneratorV1Name:
+		generator = &kubectl.ServiceCommonGeneratorV1{
+			Name:      name,
+			TCP:       cmdutil.GetFlagStringSlice(cmd, "tcp"),
+			Type:      v1.ServiceTypeNodePort,
+			ClusterIP: "",
+			NodePort:  cmdutil.GetFlagInt(cmd, "node-port"),
+		}
+	default:
+		return errUnsupportedGenerator(cmd, generatorName)
+	}
+
+	return o.CreateSubcommandOptions.Complete(f, cmd, args, generator)
+}
+
+// CreateServiceNodePort is the implementation of the create service nodeport command
+func (o *ServiceNodePortOpts) Run() error {
+	return o.CreateSubcommandOptions.Run()
+}
+
+var (
+	serviceLoadBalancerLong = templates.LongDesc(i18n.T(`
+    Create a LoadBalancer service with the specified name.`))
+
+	serviceLoadBalancerExample = templates.Examples(i18n.T(`
+    # Create a new LoadBalancer service named my-lbs
+    kubectl create service loadbalancer my-lbs --tcp=5678:8080`))
+)
+
+type ServiceLoadBalancerOpts struct {
+	CreateSubcommandOptions *CreateSubcommandOptions
+}
+
+// NewCmdCreateServiceLoadBalancer is a macro command for creating a LoadBalancer service
+func NewCmdCreateServiceLoadBalancer(f cmdutil.Factory, ioStreams genericclioptions.IOStreams) *cobra.Command {
+	options := &ServiceLoadBalancerOpts{
+		CreateSubcommandOptions: NewCreateSubcommandOptions(ioStreams),
+	}
+
+	cmd := &cobra.Command{
+		Use: "loadbalancer NAME [--tcp=port:targetPort] [--dry-run]",
+		DisableFlagsInUseLine: true,
+		Short:   i18n.T("Create a LoadBalancer service."),
+		Long:    serviceLoadBalancerLong,
+		Example: serviceLoadBalancerExample,
+		Run: func(cmd *cobra.Command, args []string) {
+			cmdutil.CheckErr(options.Complete(f, cmd, args))
+			cmdutil.CheckErr(options.Run())
+		},
+	}
+
+	options.CreateSubcommandOptions.PrintFlags.AddFlags(cmd)
+
+	cmdutil.AddApplyAnnotationFlags(cmd)
+	cmdutil.AddValidateFlags(cmd)
+	cmdutil.AddGeneratorFlags(cmd, cmdutil.ServiceLoadBalancerGeneratorV1Name)
+	addPortFlags(cmd)
+	return cmd
+}
+
+func (o *ServiceLoadBalancerOpts) Complete(f cmdutil.Factory, cmd *cobra.Command, args []string) error {
+	name, err := NameFromCommandArgs(cmd, args)
+	if err != nil {
+		return err
+	}
+
+	var generator kubectl.StructuredGenerator
+	switch generatorName := cmdutil.GetFlagString(cmd, "generator"); generatorName {
+	case cmdutil.ServiceLoadBalancerGeneratorV1Name:
+		generator = &kubectl.ServiceCommonGeneratorV1{
+			Name:      name,
+			TCP:       cmdutil.GetFlagStringSlice(cmd, "tcp"),
+			Type:      v1.ServiceTypeLoadBalancer,
+			ClusterIP: "",
+		}
+	default:
+		return errUnsupportedGenerator(cmd, generatorName)
+	}
+
+	return o.CreateSubcommandOptions.Complete(f, cmd, args, generator)
+}
+
+// CreateServiceLoadBalancer is the implementation of the create service loadbalancer command
+func (o *ServiceLoadBalancerOpts) Run() error {
+	return o.CreateSubcommandOptions.Run()
+}
+
+var (
+	serviceExternalNameLong = templates.LongDesc(i18n.T(`
+	Create an ExternalName service with the specified name.
+
+	ExternalName service references to an external DNS address instead of
+	only pods, which will allow application authors to reference services
+	that exist off platform, on other clusters, or locally.`))
+
+	serviceExternalNameExample = templates.Examples(i18n.T(`
+	# Create a new ExternalName service named my-ns
+	kubectl create service externalname my-ns --external-name bar.com`))
+)
+
+type ServiceExternalNameOpts struct {
+	CreateSubcommandOptions *CreateSubcommandOptions
+}
+
+// NewCmdCreateServiceExternalName is a macro command for creating an ExternalName service
+func NewCmdCreateServiceExternalName(f cmdutil.Factory, ioStreams genericclioptions.IOStreams) *cobra.Command {
+	options := &ServiceExternalNameOpts{
+		CreateSubcommandOptions: NewCreateSubcommandOptions(ioStreams),
+	}
+
+	cmd := &cobra.Command{
+		Use: "externalname NAME --external-name external.name [--dry-run]",
+		DisableFlagsInUseLine: true,
+		Short:   i18n.T("Create an ExternalName service."),
+		Long:    serviceExternalNameLong,
+		Example: serviceExternalNameExample,
+		Run: func(cmd *cobra.Command, args []string) {
+			cmdutil.CheckErr(options.Complete(f, cmd, args))
+			cmdutil.CheckErr(options.Run())
+		},
+	}
+
+	options.CreateSubcommandOptions.PrintFlags.AddFlags(cmd)
+
+	cmdutil.AddApplyAnnotationFlags(cmd)
+	cmdutil.AddValidateFlags(cmd)
+	cmdutil.AddGeneratorFlags(cmd, cmdutil.ServiceExternalNameGeneratorV1Name)
+	addPortFlags(cmd)
+	cmd.Flags().String("external-name", "", i18n.T("External name of service"))
+	cmd.MarkFlagRequired("external-name")
+	return cmd
+}
+
+func (o *ServiceExternalNameOpts) Complete(f cmdutil.Factory, cmd *cobra.Command, args []string) error {
+	name, err := NameFromCommandArgs(cmd, args)
+	if err != nil {
+		return err
+	}
+
+	var generator kubectl.StructuredGenerator
+	switch generatorName := cmdutil.GetFlagString(cmd, "generator"); generatorName {
+	case cmdutil.ServiceExternalNameGeneratorV1Name:
+		generator = &kubectl.ServiceCommonGeneratorV1{
+			Name:         name,
+			Type:         v1.ServiceTypeExternalName,
+			ExternalName: cmdutil.GetFlagString(cmd, "external-name"),
+			ClusterIP:    "",
+		}
+	default:
+		return errUnsupportedGenerator(cmd, generatorName)
+	}
+
+	return o.CreateSubcommandOptions.Complete(f, cmd, args, generator)
+}
+
+// CreateExternalNameService is the implementation of the create service externalname command
+func (o *ServiceExternalNameOpts) Run() error {
+	return o.CreateSubcommandOptions.Run()
+}
--- a/vendor/k8s.io/kubernetes/pkg/kubectl/cmd/create/create_service_test.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubectl/cmd/create/create_service_test.go
@ -0,0 +1,129 @@
+/*
+Copyright 2016 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package create
+
+import (
+	"net/http"
+	"testing"
+
+	"k8s.io/api/core/v1"
+	"k8s.io/apimachinery/pkg/runtime/schema"
+	"k8s.io/client-go/rest/fake"
+	"k8s.io/kubernetes/pkg/api/legacyscheme"
+	cmdtesting "k8s.io/kubernetes/pkg/kubectl/cmd/testing"
+	"k8s.io/kubernetes/pkg/kubectl/genericclioptions"
+	"k8s.io/kubernetes/pkg/kubectl/scheme"
+)
+
+func TestCreateService(t *testing.T) {
+	service := &v1.Service{}
+	service.Name = "my-service"
+	tf := cmdtesting.NewTestFactory().WithNamespace("test")
+	defer tf.Cleanup()
+
+	codec := legacyscheme.Codecs.LegacyCodec(scheme.Scheme.PrioritizedVersionsAllGroups()...)
+	negSer := legacyscheme.Codecs
+
+	tf.Client = &fake.RESTClient{
+		GroupVersion:         schema.GroupVersion{Version: "v1"},
+		NegotiatedSerializer: negSer,
+		Client: fake.CreateHTTPClient(func(req *http.Request) (*http.Response, error) {
+			switch p, m := req.URL.Path, req.Method; {
+			case p == "/namespaces/test/services" && m == "POST":
+				return &http.Response{StatusCode: 201, Header: defaultHeader(), Body: objBody(codec, service)}, nil
+			default:
+				t.Fatalf("unexpected request: %#v\n%#v", req.URL, req)
+				return nil, nil
+			}
+		}),
+	}
+	ioStreams, _, buf, _ := genericclioptions.NewTestIOStreams()
+	cmd := NewCmdCreateServiceClusterIP(tf, ioStreams)
+	cmd.Flags().Set("output", "name")
+	cmd.Flags().Set("tcp", "8080:8000")
+	cmd.Run(cmd, []string{service.Name})
+	expectedOutput := "service/" + service.Name + "\n"
+	if buf.String() != expectedOutput {
+		t.Errorf("expected output: %s, but got: %s", expectedOutput, buf.String())
+	}
+}
+
+func TestCreateServiceNodePort(t *testing.T) {
+	service := &v1.Service{}
+	service.Name = "my-node-port-service"
+	tf := cmdtesting.NewTestFactory().WithNamespace("test")
+	defer tf.Cleanup()
+
+	codec := legacyscheme.Codecs.LegacyCodec(scheme.Scheme.PrioritizedVersionsAllGroups()...)
+	negSer := legacyscheme.Codecs
+
+	tf.Client = &fake.RESTClient{
+		GroupVersion:         schema.GroupVersion{Version: "v1"},
+		NegotiatedSerializer: negSer,
+		Client: fake.CreateHTTPClient(func(req *http.Request) (*http.Response, error) {
+			switch p, m := req.URL.Path, req.Method; {
+			case p == "/namespaces/test/services" && m == http.MethodPost:
+				return &http.Response{StatusCode: http.StatusCreated, Header: defaultHeader(), Body: objBody(codec, service)}, nil
+			default:
+				t.Fatalf("unexpected request: %#v\n%#v", req.URL, req)
+				return nil, nil
+			}
+		}),
+	}
+	ioStreams, _, buf, _ := genericclioptions.NewTestIOStreams()
+	cmd := NewCmdCreateServiceNodePort(tf, ioStreams)
+	cmd.Flags().Set("output", "name")
+	cmd.Flags().Set("tcp", "30000:8000")
+	cmd.Run(cmd, []string{service.Name})
+	expectedOutput := "service/" + service.Name + "\n"
+	if buf.String() != expectedOutput {
+		t.Errorf("expected output: %s, but got: %s", expectedOutput, buf.String())
+	}
+}
+
+func TestCreateServiceExternalName(t *testing.T) {
+	service := &v1.Service{}
+	service.Name = "my-external-name-service"
+	tf := cmdtesting.NewTestFactory().WithNamespace("test")
+	defer tf.Cleanup()
+
+	codec := legacyscheme.Codecs.LegacyCodec(scheme.Scheme.PrioritizedVersionsAllGroups()...)
+	negSer := legacyscheme.Codecs
+
+	tf.Client = &fake.RESTClient{
+		GroupVersion:         schema.GroupVersion{Version: "v1"},
+		NegotiatedSerializer: negSer,
+		Client: fake.CreateHTTPClient(func(req *http.Request) (*http.Response, error) {
+			switch p, m := req.URL.Path, req.Method; {
+			case p == "/namespaces/test/services" && m == http.MethodPost:
+				return &http.Response{StatusCode: http.StatusCreated, Header: defaultHeader(), Body: objBody(codec, service)}, nil
+			default:
+				t.Fatalf("unexpected request: %#v\n%#v", req.URL, req)
+				return nil, nil
+			}
+		}),
+	}
+	ioStreams, _, buf, _ := genericclioptions.NewTestIOStreams()
+	cmd := NewCmdCreateServiceExternalName(tf, ioStreams)
+	cmd.Flags().Set("output", "name")
+	cmd.Flags().Set("external-name", "name")
+	cmd.Run(cmd, []string{service.Name})
+	expectedOutput := "service/" + service.Name + "\n"
+	if buf.String() != expectedOutput {
+		t.Errorf("expected output: %s, but got: %s", expectedOutput, buf.String())
+	}
+}
--- a/vendor/k8s.io/kubernetes/pkg/kubectl/cmd/create/create_serviceaccount.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubectl/cmd/create/create_serviceaccount.go
@ -0,0 +1,89 @@
+/*
+Copyright 2016 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package create
+
+import (
+	"github.com/spf13/cobra"
+
+	"k8s.io/kubernetes/pkg/kubectl"
+	"k8s.io/kubernetes/pkg/kubectl/cmd/templates"
+	cmdutil "k8s.io/kubernetes/pkg/kubectl/cmd/util"
+	"k8s.io/kubernetes/pkg/kubectl/genericclioptions"
+	"k8s.io/kubernetes/pkg/kubectl/util/i18n"
+)
+
+var (
+	serviceAccountLong = templates.LongDesc(i18n.T(`
+		Create a service account with the specified name.`))
+
+	serviceAccountExample = templates.Examples(i18n.T(`
+	  # Create a new service account named my-service-account
+	  kubectl create serviceaccount my-service-account`))
+)
+
+type ServiceAccountOpts struct {
+	CreateSubcommandOptions *CreateSubcommandOptions
+}
+
+// NewCmdCreateServiceAccount is a macro command to create a new service account
+func NewCmdCreateServiceAccount(f cmdutil.Factory, ioStreams genericclioptions.IOStreams) *cobra.Command {
+	options := &ServiceAccountOpts{
+		CreateSubcommandOptions: NewCreateSubcommandOptions(ioStreams),
+	}
+
+	cmd := &cobra.Command{
+		Use: "serviceaccount NAME [--dry-run]",
+		DisableFlagsInUseLine: true,
+		Aliases:               []string{"sa"},
+		Short:                 i18n.T("Create a service account with the specified name"),
+		Long:                  serviceAccountLong,
+		Example:               serviceAccountExample,
+		Run: func(cmd *cobra.Command, args []string) {
+			cmdutil.CheckErr(options.Complete(f, cmd, args))
+			cmdutil.CheckErr(options.Run())
+		},
+	}
+
+	options.CreateSubcommandOptions.PrintFlags.AddFlags(cmd)
+
+	cmdutil.AddApplyAnnotationFlags(cmd)
+	cmdutil.AddValidateFlags(cmd)
+	cmdutil.AddGeneratorFlags(cmd, cmdutil.ServiceAccountV1GeneratorName)
+	return cmd
+}
+
+func (o *ServiceAccountOpts) Complete(f cmdutil.Factory, cmd *cobra.Command, args []string) error {
+	name, err := NameFromCommandArgs(cmd, args)
+	if err != nil {
+		return err
+	}
+
+	var generator kubectl.StructuredGenerator
+	switch generatorName := cmdutil.GetFlagString(cmd, "generator"); generatorName {
+	case cmdutil.ServiceAccountV1GeneratorName:
+		generator = &kubectl.ServiceAccountGeneratorV1{Name: name}
+	default:
+		return errUnsupportedGenerator(cmd, generatorName)
+	}
+
+	return o.CreateSubcommandOptions.Complete(f, cmd, args, generator)
+}
+
+// CreateServiceAccount implements the behavior to run the create service account command
+func (o *ServiceAccountOpts) Run() error {
+	return o.CreateSubcommandOptions.Run()
+}
--- a/vendor/k8s.io/kubernetes/pkg/kubectl/cmd/create/create_serviceaccount_test.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubectl/cmd/create/create_serviceaccount_test.go
@ -0,0 +1,62 @@
+/*
+Copyright 2016 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package create
+
+import (
+	"net/http"
+	"testing"
+
+	"k8s.io/api/core/v1"
+	"k8s.io/apimachinery/pkg/runtime/schema"
+	"k8s.io/client-go/rest/fake"
+	"k8s.io/kubernetes/pkg/api/legacyscheme"
+	cmdtesting "k8s.io/kubernetes/pkg/kubectl/cmd/testing"
+	"k8s.io/kubernetes/pkg/kubectl/genericclioptions"
+	"k8s.io/kubernetes/pkg/kubectl/scheme"
+)
+
+func TestCreateServiceAccount(t *testing.T) {
+	serviceAccountObject := &v1.ServiceAccount{}
+	serviceAccountObject.Name = "my-service-account"
+	tf := cmdtesting.NewTestFactory().WithNamespace("test")
+	defer tf.Cleanup()
+
+	codec := legacyscheme.Codecs.LegacyCodec(scheme.Scheme.PrioritizedVersionsAllGroups()...)
+	ns := legacyscheme.Codecs
+
+	tf.Client = &fake.RESTClient{
+		GroupVersion:         schema.GroupVersion{Version: "v1"},
+		NegotiatedSerializer: ns,
+		Client: fake.CreateHTTPClient(func(req *http.Request) (*http.Response, error) {
+			switch p, m := req.URL.Path, req.Method; {
+			case p == "/namespaces/test/serviceaccounts" && m == "POST":
+				return &http.Response{StatusCode: 201, Header: defaultHeader(), Body: objBody(codec, serviceAccountObject)}, nil
+			default:
+				t.Fatalf("unexpected request: %#v\n%#v", req.URL, req)
+				return nil, nil
+			}
+		}),
+	}
+	ioStreams, _, buf, _ := genericclioptions.NewTestIOStreams()
+	cmd := NewCmdCreateServiceAccount(tf, ioStreams)
+	cmd.Flags().Set("output", "name")
+	cmd.Run(cmd, []string{serviceAccountObject.Name})
+	expectedOutput := "serviceaccount/" + serviceAccountObject.Name + "\n"
+	if buf.String() != expectedOutput {
+		t.Errorf("expected output: %s, but got: %s", expectedOutput, buf.String())
+	}
+}
--- a/vendor/k8s.io/kubernetes/pkg/kubectl/cmd/create/create_test.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubectl/cmd/create/create_test.go
@ -0,0 +1,210 @@
+/*
+Copyright 2014 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package create
+
+import (
+	"net/http"
+	"testing"
+
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	"k8s.io/apimachinery/pkg/runtime/schema"
+	"k8s.io/client-go/rest/fake"
+	"k8s.io/kubernetes/pkg/api/legacyscheme"
+	apitesting "k8s.io/kubernetes/pkg/api/testing"
+	api "k8s.io/kubernetes/pkg/apis/core"
+	cmdtesting "k8s.io/kubernetes/pkg/kubectl/cmd/testing"
+	cmdutil "k8s.io/kubernetes/pkg/kubectl/cmd/util"
+	"k8s.io/kubernetes/pkg/kubectl/genericclioptions"
+	"k8s.io/kubernetes/pkg/kubectl/genericclioptions/resource"
+	"k8s.io/kubernetes/pkg/kubectl/scheme"
+)
+
+func TestExtraArgsFail(t *testing.T) {
+	initTestErrorHandler(t)
+
+	f := cmdtesting.NewTestFactory()
+	defer f.Cleanup()
+
+	c := NewCmdCreate(f, genericclioptions.NewTestIOStreamsDiscard())
+	options := CreateOptions{}
+	if options.ValidateArgs(c, []string{"rc"}) == nil {
+		t.Errorf("unexpected non-error")
+	}
+}
+
+func TestCreateObject(t *testing.T) {
+	initTestErrorHandler(t)
+	_, _, rc := testData()
+	rc.Items[0].Name = "redis-master-controller"
+
+	tf := cmdtesting.NewTestFactory().WithNamespace("test")
+	defer tf.Cleanup()
+
+	codec := legacyscheme.Codecs.LegacyCodec(scheme.Scheme.PrioritizedVersionsAllGroups()...)
+
+	tf.UnstructuredClient = &fake.RESTClient{
+		GroupVersion:         schema.GroupVersion{Version: "v1"},
+		NegotiatedSerializer: unstructuredSerializer,
+		Client: fake.CreateHTTPClient(func(req *http.Request) (*http.Response, error) {
+			switch p, m := req.URL.Path, req.Method; {
+			case p == "/namespaces/test/replicationcontrollers" && m == http.MethodPost:
+				return &http.Response{StatusCode: http.StatusCreated, Header: defaultHeader(), Body: objBody(codec, &rc.Items[0])}, nil
+			default:
+				t.Fatalf("unexpected request: %#v\n%#v", req.URL, req)
+				return nil, nil
+			}
+		}),
+	}
+
+	ioStreams, _, buf, _ := genericclioptions.NewTestIOStreams()
+	cmd := NewCmdCreate(tf, ioStreams)
+	cmd.Flags().Set("filename", "../../../../test/e2e/testing-manifests/guestbook/legacy/redis-master-controller.yaml")
+	cmd.Flags().Set("output", "name")
+	cmd.Run(cmd, []string{})
+
+	// uses the name from the file, not the response
+	if buf.String() != "replicationcontroller/redis-master-controller\n" {
+		t.Errorf("unexpected output: %s", buf.String())
+	}
+}
+
+func TestCreateMultipleObject(t *testing.T) {
+	initTestErrorHandler(t)
+	_, svc, rc := testData()
+
+	tf := cmdtesting.NewTestFactory().WithNamespace("test")
+	defer tf.Cleanup()
+
+	codec := legacyscheme.Codecs.LegacyCodec(scheme.Scheme.PrioritizedVersionsAllGroups()...)
+
+	tf.UnstructuredClient = &fake.RESTClient{
+		GroupVersion:         schema.GroupVersion{Version: "v1"},
+		NegotiatedSerializer: unstructuredSerializer,
+		Client: fake.CreateHTTPClient(func(req *http.Request) (*http.Response, error) {
+			switch p, m := req.URL.Path, req.Method; {
+			case p == "/namespaces/test/services" && m == http.MethodPost:
+				return &http.Response{StatusCode: http.StatusCreated, Header: defaultHeader(), Body: objBody(codec, &svc.Items[0])}, nil
+			case p == "/namespaces/test/replicationcontrollers" && m == http.MethodPost:
+				return &http.Response{StatusCode: http.StatusCreated, Header: defaultHeader(), Body: objBody(codec, &rc.Items[0])}, nil
+			default:
+				t.Fatalf("unexpected request: %#v\n%#v", req.URL, req)
+				return nil, nil
+			}
+		}),
+	}
+
+	ioStreams, _, buf, _ := genericclioptions.NewTestIOStreams()
+	cmd := NewCmdCreate(tf, ioStreams)
+	cmd.Flags().Set("filename", "../../../../test/e2e/testing-manifests/guestbook/legacy/redis-master-controller.yaml")
+	cmd.Flags().Set("filename", "../../../../test/e2e/testing-manifests/guestbook/frontend-service.yaml")
+	cmd.Flags().Set("output", "name")
+	cmd.Run(cmd, []string{})
+
+	// Names should come from the REST response, NOT the files
+	if buf.String() != "replicationcontroller/rc1\nservice/baz\n" {
+		t.Errorf("unexpected output: %s", buf.String())
+	}
+}
+
+func TestCreateDirectory(t *testing.T) {
+	initTestErrorHandler(t)
+	_, _, rc := testData()
+	rc.Items[0].Name = "name"
+
+	tf := cmdtesting.NewTestFactory().WithNamespace("test")
+	defer tf.Cleanup()
+
+	codec := legacyscheme.Codecs.LegacyCodec(scheme.Scheme.PrioritizedVersionsAllGroups()...)
+
+	tf.UnstructuredClient = &fake.RESTClient{
+		GroupVersion:         schema.GroupVersion{Version: "v1"},
+		NegotiatedSerializer: unstructuredSerializer,
+		Client: fake.CreateHTTPClient(func(req *http.Request) (*http.Response, error) {
+			switch p, m := req.URL.Path, req.Method; {
+			case p == "/namespaces/test/replicationcontrollers" && m == http.MethodPost:
+				return &http.Response{StatusCode: http.StatusCreated, Header: defaultHeader(), Body: objBody(codec, &rc.Items[0])}, nil
+			default:
+				t.Fatalf("unexpected request: %#v\n%#v", req.URL, req)
+				return nil, nil
+			}
+		}),
+	}
+
+	ioStreams, _, buf, _ := genericclioptions.NewTestIOStreams()
+	cmd := NewCmdCreate(tf, ioStreams)
+	cmd.Flags().Set("filename", "../../../../test/e2e/testing-manifests/guestbook/legacy")
+	cmd.Flags().Set("output", "name")
+	cmd.Run(cmd, []string{})
+
+	if buf.String() != "replicationcontroller/name\nreplicationcontroller/name\nreplicationcontroller/name\n" {
+		t.Errorf("unexpected output: %s", buf.String())
+	}
+}
+
+var unstructuredSerializer = resource.UnstructuredPlusDefaultContentConfig().NegotiatedSerializer
+
+func initTestErrorHandler(t *testing.T) {
+	cmdutil.BehaviorOnFatal(func(str string, code int) {
+		t.Errorf("Error running command (exit code %d): %s", code, str)
+	})
+}
+
+func testData() (*api.PodList, *api.ServiceList, *api.ReplicationControllerList) {
+	pods := &api.PodList{
+		ListMeta: metav1.ListMeta{
+			ResourceVersion: "15",
+		},
+		Items: []api.Pod{
+			{
+				ObjectMeta: metav1.ObjectMeta{Name: "foo", Namespace: "test", ResourceVersion: "10"},
+				Spec:       apitesting.DeepEqualSafePodSpec(),
+			},
+			{
+				ObjectMeta: metav1.ObjectMeta{Name: "bar", Namespace: "test", ResourceVersion: "11"},
+				Spec:       apitesting.DeepEqualSafePodSpec(),
+			},
+		},
+	}
+	svc := &api.ServiceList{
+		ListMeta: metav1.ListMeta{
+			ResourceVersion: "16",
+		},
+		Items: []api.Service{
+			{
+				ObjectMeta: metav1.ObjectMeta{Name: "baz", Namespace: "test", ResourceVersion: "12"},
+				Spec: api.ServiceSpec{
+					SessionAffinity: "None",
+					Type:            api.ServiceTypeClusterIP,
+				},
+			},
+		},
+	}
+	rc := &api.ReplicationControllerList{
+		ListMeta: metav1.ListMeta{
+			ResourceVersion: "17",
+		},
+		Items: []api.ReplicationController{
+			{
+				ObjectMeta: metav1.ObjectMeta{Name: "rc1", Namespace: "test", ResourceVersion: "18"},
+				Spec: api.ReplicationControllerSpec{
+					Replicas: 1,
+				},
+			},
+		},
+	}
+	return pods, svc, rc
+}