mirrors/ceph-csi
1
0
Fork 0
mirror of https://github.com/ceph/ceph-csi.git synced 2025-06-13 02:33:34 +00:00
Code Issues Packages Projects Releases Wiki Activity

build: move e2e dependencies into e2e/go.mod

Browse Source 
Several packages are only used while running the e2e suite. These
packages are less important to update, as the they can not influence the
final executable that is part of the Ceph-CSI container-image.

By moving these dependencies out of the main Ceph-CSI go.mod, it is
easier to identify if a reported CVE affects Ceph-CSI, or only the
testing (like most of the Kubernetes CVEs).

Signed-off-by: Niels de Vos <ndevos@ibm.com>
This commit is contained in:
Niels de Vos
2025-03-04 08:57:28 +01:00
committed by mergify[bot]
parent 15da101b1b
commit bec6090996
8047 changed files with 1407827 additions and 3453 deletions
Download Patch File Download Diff File Expand all files Collapse all files

25
e2e/vendor/k8s.io/api/flowcontrol/v1beta2/doc.go generated vendored Normal file
View File

@ -0,0 +1,25 @@
/*
Copyright 2019 The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
// +k8s:deepcopy-gen=package
// +k8s:protobuf-gen=package
// +k8s:openapi-gen=true
// +k8s:prerelease-lifecycle-gen=true
// +groupName=flowcontrol.apiserver.k8s.io
// Package v1beta2 holds api types of version v1alpha1 for group "flowcontrol.apiserver.k8s.io".
package v1beta2 // import "k8s.io/api/flowcontrol/v1beta2"

5663
e2e/vendor/k8s.io/api/flowcontrol/v1beta2/generated.pb.go generated vendored Normal file
View File

File diff suppressed because it is too large Load Diff

511
e2e/vendor/k8s.io/api/flowcontrol/v1beta2/generated.proto generated vendored Normal file
View File

@ -0,0 +1,511 @@
/*
Copyright The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
// This file was autogenerated by go-to-protobuf. Do not edit it manually!
syntax = "proto2";
package k8s.io.api.flowcontrol.v1beta2;
import "k8s.io/apimachinery/pkg/apis/meta/v1/generated.proto";
import "k8s.io/apimachinery/pkg/runtime/generated.proto";
import "k8s.io/apimachinery/pkg/runtime/schema/generated.proto";
// Package-wide variables from generator "generated".
option go_package = "k8s.io/api/flowcontrol/v1beta2";
// ExemptPriorityLevelConfiguration describes the configurable aspects
// of the handling of exempt requests.
// In the mandatory exempt configuration object the values in the fields
// here can be modified by authorized users, unlike the rest of the `spec`.
message ExemptPriorityLevelConfiguration {
// `nominalConcurrencyShares` (NCS) contributes to the computation of the
// NominalConcurrencyLimit (NominalCL) of this level.
// This is the number of execution seats nominally reserved for this priority level.
// This DOES NOT limit the dispatching from this priority level
// but affects the other priority levels through the borrowing mechanism.
// The server's concurrency limit (ServerCL) is divided among all the
// priority levels in proportion to their NCS values:
//
// NominalCL(i) = ceil( ServerCL * NCS(i) / sum_ncs )
// sum_ncs = sum[priority level k] NCS(k)
//
// Bigger numbers mean a larger nominal concurrency limit,
// at the expense of every other priority level.
// This field has a default value of zero.
// +optional
optional int32 nominalConcurrencyShares = 1;
// `lendablePercent` prescribes the fraction of the level's NominalCL that
// can be borrowed by other priority levels. This value of this
// field must be between 0 and 100, inclusive, and it defaults to 0.
// The number of seats that other levels can borrow from this level, known
// as this level's LendableConcurrencyLimit (LendableCL), is defined as follows.
//
// LendableCL(i) = round( NominalCL(i) * lendablePercent(i)/100.0 )
//
// +optional
optional int32 lendablePercent = 2;
}
// FlowDistinguisherMethod specifies the method of a flow distinguisher.
message FlowDistinguisherMethod {
// `type` is the type of flow distinguisher method
// The supported types are "ByUser" and "ByNamespace".
// Required.
optional string type = 1;
}
// FlowSchema defines the schema of a group of flows. Note that a flow is made up of a set of inbound API requests with
// similar attributes and is identified by a pair of strings: the name of the FlowSchema and a "flow distinguisher".
message FlowSchema {
// `metadata` is the standard object's metadata.
// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
// +optional
optional .k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
// `spec` is the specification of the desired behavior of a FlowSchema.
// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
// +optional
optional FlowSchemaSpec spec = 2;
// `status` is the current status of a FlowSchema.
// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
// +optional
optional FlowSchemaStatus status = 3;
}
// FlowSchemaCondition describes conditions for a FlowSchema.
message FlowSchemaCondition {
// `type` is the type of the condition.
// Required.
optional string type = 1;
// `status` is the status of the condition.
// Can be True, False, Unknown.
// Required.
optional string status = 2;
// `lastTransitionTime` is the last time the condition transitioned from one status to another.
optional .k8s.io.apimachinery.pkg.apis.meta.v1.Time lastTransitionTime = 3;
// `reason` is a unique, one-word, CamelCase reason for the condition's last transition.
optional string reason = 4;
// `message` is a human-readable message indicating details about last transition.
optional string message = 5;
}
// FlowSchemaList is a list of FlowSchema objects.
message FlowSchemaList {
// `metadata` is the standard list metadata.
// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
// +optional
optional .k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1;
// `items` is a list of FlowSchemas.
repeated FlowSchema items = 2;
}
// FlowSchemaSpec describes how the FlowSchema's specification looks like.
message FlowSchemaSpec {
// `priorityLevelConfiguration` should reference a PriorityLevelConfiguration in the cluster. If the reference cannot
// be resolved, the FlowSchema will be ignored and marked as invalid in its status.
// Required.
optional PriorityLevelConfigurationReference priorityLevelConfiguration = 1;
// `matchingPrecedence` is used to choose among the FlowSchemas that match a given request. The chosen
// FlowSchema is among those with the numerically lowest (which we take to be logically highest)
// MatchingPrecedence. Each MatchingPrecedence value must be ranged in [1,10000].
// Note that if the precedence is not specified, it will be set to 1000 as default.
// +optional
optional int32 matchingPrecedence = 2;
// `distinguisherMethod` defines how to compute the flow distinguisher for requests that match this schema.
// `nil` specifies that the distinguisher is disabled and thus will always be the empty string.
// +optional
optional FlowDistinguisherMethod distinguisherMethod = 3;
// `rules` describes which requests will match this flow schema. This FlowSchema matches a request if and only if
// at least one member of rules matches the request.
// if it is an empty slice, there will be no requests matching the FlowSchema.
// +listType=atomic
// +optional
repeated PolicyRulesWithSubjects rules = 4;
}
// FlowSchemaStatus represents the current state of a FlowSchema.
message FlowSchemaStatus {
// `conditions` is a list of the current states of FlowSchema.
// +listType=map
// +listMapKey=type
// +optional
repeated FlowSchemaCondition conditions = 1;
}
// GroupSubject holds detailed information for group-kind subject.
message GroupSubject {
// name is the user group that matches, or "*" to match all user groups.
// See https://github.com/kubernetes/apiserver/blob/master/pkg/authentication/user/user.go for some
// well-known group names.
// Required.
optional string name = 1;
}
// LimitResponse defines how to handle requests that can not be executed right now.
// +union
message LimitResponse {
// `type` is "Queue" or "Reject".
// "Queue" means that requests that can not be executed upon arrival
// are held in a queue until they can be executed or a queuing limit
// is reached.
// "Reject" means that requests that can not be executed upon arrival
// are rejected.
// Required.
// +unionDiscriminator
optional string type = 1;
// `queuing` holds the configuration parameters for queuing.
// This field may be non-empty only if `type` is `"Queue"`.
// +optional
optional QueuingConfiguration queuing = 2;
}
// LimitedPriorityLevelConfiguration specifies how to handle requests that are subject to limits.
// It addresses two issues:
// - How are requests for this priority level limited?
// - What should be done with requests that exceed the limit?
message LimitedPriorityLevelConfiguration {
// `assuredConcurrencyShares` (ACS) configures the execution
// limit, which is a limit on the number of requests of this
// priority level that may be executing at a given time. ACS must
// be a positive number. The server's concurrency limit (SCL) is
// divided among the concurrency-controlled priority levels in
// proportion to their assured concurrency shares. This produces
// the assured concurrency value (ACV) --- the number of requests
// that may be executing at a time --- for each such priority
// level:
//
// ACV(l) = ceil( SCL * ACS(l) / ( sum[priority levels k] ACS(k) ) )
//
// bigger numbers of ACS mean more reserved concurrent requests (at the
// expense of every other PL).
// This field has a default value of 30.
// +optional
optional int32 assuredConcurrencyShares = 1;
// `limitResponse` indicates what to do with requests that can not be executed right now
optional LimitResponse limitResponse = 2;
// `lendablePercent` prescribes the fraction of the level's NominalCL that
// can be borrowed by other priority levels. The value of this
// field must be between 0 and 100, inclusive, and it defaults to 0.
// The number of seats that other levels can borrow from this level, known
// as this level's LendableConcurrencyLimit (LendableCL), is defined as follows.
//
// LendableCL(i) = round( NominalCL(i) * lendablePercent(i)/100.0 )
//
// +optional
optional int32 lendablePercent = 3;
// `borrowingLimitPercent`, if present, configures a limit on how many
// seats this priority level can borrow from other priority levels.
// The limit is known as this level's BorrowingConcurrencyLimit
// (BorrowingCL) and is a limit on the total number of seats that this
// level may borrow at any one time.
// This field holds the ratio of that limit to the level's nominal
// concurrency limit. When this field is non-nil, it must hold a
// non-negative integer and the limit is calculated as follows.
//
// BorrowingCL(i) = round( NominalCL(i) * borrowingLimitPercent(i)/100.0 )
//
// The value of this field can be more than 100, implying that this
// priority level can borrow a number of seats that is greater than
// its own nominal concurrency limit (NominalCL).
// When this field is left `nil`, the limit is effectively infinite.
// +optional
optional int32 borrowingLimitPercent = 4;
}
// NonResourcePolicyRule is a predicate that matches non-resource requests according to their verb and the
// target non-resource URL. A NonResourcePolicyRule matches a request if and only if both (a) at least one member
// of verbs matches the request and (b) at least one member of nonResourceURLs matches the request.
message NonResourcePolicyRule {
// `verbs` is a list of matching verbs and may not be empty.
// "*" matches all verbs. If it is present, it must be the only entry.
// +listType=set
// Required.
repeated string verbs = 1;
// `nonResourceURLs` is a set of url prefixes that a user should have access to and may not be empty.
// For example:
// - "/healthz" is legal
// - "/hea*" is illegal
// - "/hea" is legal but matches nothing
// - "/hea/*" also matches nothing
// - "/healthz/*" matches all per-component health checks.
// "*" matches all non-resource urls. if it is present, it must be the only entry.
// +listType=set
// Required.
repeated string nonResourceURLs = 6;
}
// PolicyRulesWithSubjects prescribes a test that applies to a request to an apiserver. The test considers the subject
// making the request, the verb being requested, and the resource to be acted upon. This PolicyRulesWithSubjects matches
// a request if and only if both (a) at least one member of subjects matches the request and (b) at least one member
// of resourceRules or nonResourceRules matches the request.
message PolicyRulesWithSubjects {
// subjects is the list of normal user, serviceaccount, or group that this rule cares about.
// There must be at least one member in this slice.
// A slice that includes both the system:authenticated and system:unauthenticated user groups matches every request.
// +listType=atomic
// Required.
repeated Subject subjects = 1;
// `resourceRules` is a slice of ResourcePolicyRules that identify matching requests according to their verb and the
// target resource.
// At least one of `resourceRules` and `nonResourceRules` has to be non-empty.
// +listType=atomic
// +optional
repeated ResourcePolicyRule resourceRules = 2;
// `nonResourceRules` is a list of NonResourcePolicyRules that identify matching requests according to their verb
// and the target non-resource URL.
// +listType=atomic
// +optional
repeated NonResourcePolicyRule nonResourceRules = 3;
}
// PriorityLevelConfiguration represents the configuration of a priority level.
message PriorityLevelConfiguration {
// `metadata` is the standard object's metadata.
// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
// +optional
optional .k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
// `spec` is the specification of the desired behavior of a "request-priority".
// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
// +optional
optional PriorityLevelConfigurationSpec spec = 2;
// `status` is the current status of a "request-priority".
// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
// +optional
optional PriorityLevelConfigurationStatus status = 3;
}
// PriorityLevelConfigurationCondition defines the condition of priority level.
message PriorityLevelConfigurationCondition {
// `type` is the type of the condition.
// Required.
optional string type = 1;
// `status` is the status of the condition.
// Can be True, False, Unknown.
// Required.
optional string status = 2;
// `lastTransitionTime` is the last time the condition transitioned from one status to another.
optional .k8s.io.apimachinery.pkg.apis.meta.v1.Time lastTransitionTime = 3;
// `reason` is a unique, one-word, CamelCase reason for the condition's last transition.
optional string reason = 4;
// `message` is a human-readable message indicating details about last transition.
optional string message = 5;
}
// PriorityLevelConfigurationList is a list of PriorityLevelConfiguration objects.
message PriorityLevelConfigurationList {
// `metadata` is the standard object's metadata.
// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
// +optional
optional .k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1;
// `items` is a list of request-priorities.
repeated PriorityLevelConfiguration items = 2;
}
// PriorityLevelConfigurationReference contains information that points to the "request-priority" being used.
message PriorityLevelConfigurationReference {
// `name` is the name of the priority level configuration being referenced
// Required.
optional string name = 1;
}
// PriorityLevelConfigurationSpec specifies the configuration of a priority level.
// +union
message PriorityLevelConfigurationSpec {
// `type` indicates whether this priority level is subject to
// limitation on request execution. A value of `"Exempt"` means
// that requests of this priority level are not subject to a limit
// (and thus are never queued) and do not detract from the
// capacity made available to other priority levels. A value of
// `"Limited"` means that (a) requests of this priority level
// _are_ subject to limits and (b) some of the server's limited
// capacity is made available exclusively to this priority level.
// Required.
// +unionDiscriminator
optional string type = 1;
// `limited` specifies how requests are handled for a Limited priority level.
// This field must be non-empty if and only if `type` is `"Limited"`.
// +optional
optional LimitedPriorityLevelConfiguration limited = 2;
// `exempt` specifies how requests are handled for an exempt priority level.
// This field MUST be empty if `type` is `"Limited"`.
// This field MAY be non-empty if `type` is `"Exempt"`.
// If empty and `type` is `"Exempt"` then the default values
// for `ExemptPriorityLevelConfiguration` apply.
// +optional
optional ExemptPriorityLevelConfiguration exempt = 3;
}
// PriorityLevelConfigurationStatus represents the current state of a "request-priority".
message PriorityLevelConfigurationStatus {
// `conditions` is the current state of "request-priority".
// +listType=map
// +listMapKey=type
// +optional
repeated PriorityLevelConfigurationCondition conditions = 1;
}
// QueuingConfiguration holds the configuration parameters for queuing
message QueuingConfiguration {
// `queues` is the number of queues for this priority level. The
// queues exist independently at each apiserver. The value must be
// positive. Setting it to 1 effectively precludes
// shufflesharding and thus makes the distinguisher method of
// associated flow schemas irrelevant. This field has a default
// value of 64.
// +optional
optional int32 queues = 1;
// `handSize` is a small positive number that configures the
// shuffle sharding of requests into queues. When enqueuing a request
// at this priority level the request's flow identifier (a string
// pair) is hashed and the hash value is used to shuffle the list
// of queues and deal a hand of the size specified here. The
// request is put into one of the shortest queues in that hand.
// `handSize` must be no larger than `queues`, and should be
// significantly smaller (so that a few heavy flows do not
// saturate most of the queues). See the user-facing
// documentation for more extensive guidance on setting this
// field. This field has a default value of 8.
// +optional
optional int32 handSize = 2;
// `queueLengthLimit` is the maximum number of requests allowed to
// be waiting in a given queue of this priority level at a time;
// excess requests are rejected. This value must be positive. If
// not specified, it will be defaulted to 50.
// +optional
optional int32 queueLengthLimit = 3;
}
// ResourcePolicyRule is a predicate that matches some resource
// requests, testing the request's verb and the target resource. A
// ResourcePolicyRule matches a resource request if and only if: (a)
// at least one member of verbs matches the request, (b) at least one
// member of apiGroups matches the request, (c) at least one member of
// resources matches the request, and (d) either (d1) the request does
// not specify a namespace (i.e., `Namespace==""`) and clusterScope is
// true or (d2) the request specifies a namespace and least one member
// of namespaces matches the request's namespace.
message ResourcePolicyRule {
// `verbs` is a list of matching verbs and may not be empty.
// "*" matches all verbs and, if present, must be the only entry.
// +listType=set
// Required.
repeated string verbs = 1;
// `apiGroups` is a list of matching API groups and may not be empty.
// "*" matches all API groups and, if present, must be the only entry.
// +listType=set
// Required.
repeated string apiGroups = 2;
// `resources` is a list of matching resources (i.e., lowercase
// and plural) with, if desired, subresource. For example, [
// "services", "nodes/status" ]. This list may not be empty.
// "*" matches all resources and, if present, must be the only entry.
// Required.
// +listType=set
repeated string resources = 3;
// `clusterScope` indicates whether to match requests that do not
// specify a namespace (which happens either because the resource
// is not namespaced or the request targets all namespaces).
// If this field is omitted or false then the `namespaces` field
// must contain a non-empty list.
// +optional
optional bool clusterScope = 4;
// `namespaces` is a list of target namespaces that restricts
// matches. A request that specifies a target namespace matches
// only if either (a) this list contains that target namespace or
// (b) this list contains "*". Note that "*" matches any
// specified namespace but does not match a request that _does
// not specify_ a namespace (see the `clusterScope` field for
// that).
// This list may be empty, but only if `clusterScope` is true.
// +optional
// +listType=set
repeated string namespaces = 5;
}
// ServiceAccountSubject holds detailed information for service-account-kind subject.
message ServiceAccountSubject {
// `namespace` is the namespace of matching ServiceAccount objects.
// Required.
optional string namespace = 1;
// `name` is the name of matching ServiceAccount objects, or "*" to match regardless of name.
// Required.
optional string name = 2;
}
// Subject matches the originator of a request, as identified by the request authentication system. There are three
// ways of matching an originator; by user, group, or service account.
// +union
message Subject {
// `kind` indicates which one of the other fields is non-empty.
// Required
// +unionDiscriminator
optional string kind = 1;
// `user` matches based on username.
// +optional
optional UserSubject user = 2;
// `group` matches based on user group name.
// +optional
optional GroupSubject group = 3;
// `serviceAccount` matches ServiceAccounts.
// +optional
optional ServiceAccountSubject serviceAccount = 4;
}
// UserSubject holds detailed information for user-kind subject.
message UserSubject {
// `name` is the username that matches, or "*" to match all usernames.
// Required.
optional string name = 1;
}

58
e2e/vendor/k8s.io/api/flowcontrol/v1beta2/register.go generated vendored Normal file
View File

@ -0,0 +1,58 @@
/*
Copyright 2019 The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
package v1beta2
import (
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
"k8s.io/apimachinery/pkg/runtime"
"k8s.io/apimachinery/pkg/runtime/schema"
)
// GroupName is the name of api group
const GroupName = "flowcontrol.apiserver.k8s.io"
// SchemeGroupVersion is group version used to register these objects
var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: "v1beta2"}
// Kind takes an unqualified kind and returns a Group qualified GroupKind
func Kind(kind string) schema.GroupKind {
return SchemeGroupVersion.WithKind(kind).GroupKind()
}
// Resource takes an unqualified resource and returns a Group qualified GroupResource
func Resource(resource string) schema.GroupResource {
return SchemeGroupVersion.WithResource(resource).GroupResource()
}
var (
// SchemeBuilder installs the api group to a scheme
SchemeBuilder = runtime.NewSchemeBuilder(addKnownTypes)
// AddToScheme adds api to a scheme
AddToScheme = SchemeBuilder.AddToScheme
)
// Adds the list of known types to the given scheme.
func addKnownTypes(scheme *runtime.Scheme) error {
scheme.AddKnownTypes(SchemeGroupVersion,
&FlowSchema{},
&FlowSchemaList{},
&PriorityLevelConfiguration{},
&PriorityLevelConfigurationList{},
)
metav1.AddToGroupVersion(scheme, SchemeGroupVersion)
return nil
}

659
e2e/vendor/k8s.io/api/flowcontrol/v1beta2/types.go generated vendored Normal file
View File

@ -0,0 +1,659 @@
/*
Copyright 2019 The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
package v1beta2
import (
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
)
// These are valid wildcards.
const (
APIGroupAll = "*"
ResourceAll = "*"
VerbAll = "*"
NonResourceAll = "*"
NameAll = "*"
NamespaceEvery = "*" // matches every particular namespace
)
// System preset priority level names
const (
PriorityLevelConfigurationNameExempt = "exempt"
PriorityLevelConfigurationNameCatchAll = "catch-all"
FlowSchemaNameExempt = "exempt"
FlowSchemaNameCatchAll = "catch-all"
)
// Conditions
const (
FlowSchemaConditionDangling = "Dangling"
PriorityLevelConfigurationConditionConcurrencyShared = "ConcurrencyShared"
)
// Constants used by api validation.
const (
FlowSchemaMaxMatchingPrecedence int32 = 10000
)
// Constants for apiserver response headers.
const (
ResponseHeaderMatchedPriorityLevelConfigurationUID = "X-Kubernetes-PF-PriorityLevel-UID"
ResponseHeaderMatchedFlowSchemaUID = "X-Kubernetes-PF-FlowSchema-UID"
)
const (
// AutoUpdateAnnotationKey is the name of an annotation that enables
// automatic update of the spec of the bootstrap configuration
// object(s), if set to 'true'.
//
// On a fresh install, all bootstrap configuration objects will have auto
// update enabled with the following annotation key:
// apf.kubernetes.io/autoupdate-spec: 'true'
//
// The kube-apiserver periodically checks the bootstrap configuration
// objects on the cluster and applies updates if necessary.
//
// kube-apiserver enforces an 'always auto-update' policy for the
// mandatory configuration object(s). This implies:
// - the auto-update annotation key is added with a value of 'true'
// if it is missing.
// - the auto-update annotation key is set to 'true' if its current value
// is a boolean false or has an invalid boolean representation
// (if the cluster operator sets it to 'false' it will be stomped)
// - any changes to the spec made by the cluster operator will be
// stomped, except for changes to the `nominalConcurrencyShares`
// and `lendablePercent` fields of the PriorityLevelConfiguration
// named "exempt".
//
// The kube-apiserver will apply updates on the suggested configuration if:
// - the cluster operator has enabled auto-update by setting the annotation
// (apf.kubernetes.io/autoupdate-spec: 'true') or
// - the annotation key is missing but the generation is 1
//
// If the suggested configuration object is missing the annotation key,
// kube-apiserver will update the annotation appropriately:
// - it is set to 'true' if generation of the object is '1' which usually
// indicates that the spec of the object has not been changed.
// - it is set to 'false' if generation of the object is greater than 1.
//
// The goal is to enable the kube-apiserver to apply update on suggested
// configuration objects installed by previous releases but not overwrite
// changes made by the cluster operators.
// Note that this distinction is imperfectly detected: in the case where an
// operator deletes a suggested configuration object and later creates it
// but with a variant spec and then does no updates of the object
// (generation is 1), the technique outlined above will incorrectly
// determine that the object should be auto-updated.
AutoUpdateAnnotationKey = "apf.kubernetes.io/autoupdate-spec"
)
// +genclient
// +genclient:nonNamespaced
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
// +k8s:prerelease-lifecycle-gen:introduced=1.23
// +k8s:prerelease-lifecycle-gen:replacement=flowcontrol.apiserver.k8s.io,v1beta3,FlowSchema
// FlowSchema defines the schema of a group of flows. Note that a flow is made up of a set of inbound API requests with
// similar attributes and is identified by a pair of strings: the name of the FlowSchema and a "flow distinguisher".
type FlowSchema struct {
metav1.TypeMeta `json:",inline"`
// `metadata` is the standard object's metadata.
// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
// +optional
metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"`
// `spec` is the specification of the desired behavior of a FlowSchema.
// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
// +optional
Spec FlowSchemaSpec `json:"spec,omitempty" protobuf:"bytes,2,opt,name=spec"`
// `status` is the current status of a FlowSchema.
// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
// +optional
Status FlowSchemaStatus `json:"status,omitempty" protobuf:"bytes,3,opt,name=status"`
}
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
// +k8s:prerelease-lifecycle-gen:introduced=1.23
// +k8s:prerelease-lifecycle-gen:replacement=flowcontrol.apiserver.k8s.io,v1beta3,FlowSchemaList
// FlowSchemaList is a list of FlowSchema objects.
type FlowSchemaList struct {
metav1.TypeMeta `json:",inline"`
// `metadata` is the standard list metadata.
// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
// +optional
metav1.ListMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"`
// `items` is a list of FlowSchemas.
Items []FlowSchema `json:"items" protobuf:"bytes,2,rep,name=items"`
}
// FlowSchemaSpec describes how the FlowSchema's specification looks like.
type FlowSchemaSpec struct {
// `priorityLevelConfiguration` should reference a PriorityLevelConfiguration in the cluster. If the reference cannot
// be resolved, the FlowSchema will be ignored and marked as invalid in its status.
// Required.
PriorityLevelConfiguration PriorityLevelConfigurationReference `json:"priorityLevelConfiguration" protobuf:"bytes,1,opt,name=priorityLevelConfiguration"`
// `matchingPrecedence` is used to choose among the FlowSchemas that match a given request. The chosen
// FlowSchema is among those with the numerically lowest (which we take to be logically highest)
// MatchingPrecedence. Each MatchingPrecedence value must be ranged in [1,10000].
// Note that if the precedence is not specified, it will be set to 1000 as default.
// +optional
MatchingPrecedence int32 `json:"matchingPrecedence" protobuf:"varint,2,opt,name=matchingPrecedence"`
// `distinguisherMethod` defines how to compute the flow distinguisher for requests that match this schema.
// `nil` specifies that the distinguisher is disabled and thus will always be the empty string.
// +optional
DistinguisherMethod *FlowDistinguisherMethod `json:"distinguisherMethod,omitempty" protobuf:"bytes,3,opt,name=distinguisherMethod"`
// `rules` describes which requests will match this flow schema. This FlowSchema matches a request if and only if
// at least one member of rules matches the request.
// if it is an empty slice, there will be no requests matching the FlowSchema.
// +listType=atomic
// +optional
Rules []PolicyRulesWithSubjects `json:"rules,omitempty" protobuf:"bytes,4,rep,name=rules"`
}
// FlowDistinguisherMethodType is the type of flow distinguisher method
type FlowDistinguisherMethodType string
// These are valid flow-distinguisher methods.
const (
// FlowDistinguisherMethodByUserType specifies that the flow distinguisher is the username in the request.
// This type is used to provide some insulation between users.
FlowDistinguisherMethodByUserType FlowDistinguisherMethodType = "ByUser"
// FlowDistinguisherMethodByNamespaceType specifies that the flow distinguisher is the namespace of the
// object that the request acts upon. If the object is not namespaced, or if the request is a non-resource
// request, then the distinguisher will be the empty string. An example usage of this type is to provide
// some insulation between tenants in a situation where there are multiple tenants and each namespace
// is dedicated to a tenant.
FlowDistinguisherMethodByNamespaceType FlowDistinguisherMethodType = "ByNamespace"
)
// FlowDistinguisherMethod specifies the method of a flow distinguisher.
type FlowDistinguisherMethod struct {
// `type` is the type of flow distinguisher method
// The supported types are "ByUser" and "ByNamespace".
// Required.
Type FlowDistinguisherMethodType `json:"type" protobuf:"bytes,1,opt,name=type"`
}
// PriorityLevelConfigurationReference contains information that points to the "request-priority" being used.
type PriorityLevelConfigurationReference struct {
// `name` is the name of the priority level configuration being referenced
// Required.
Name string `json:"name" protobuf:"bytes,1,opt,name=name"`
}
// PolicyRulesWithSubjects prescribes a test that applies to a request to an apiserver. The test considers the subject
// making the request, the verb being requested, and the resource to be acted upon. This PolicyRulesWithSubjects matches
// a request if and only if both (a) at least one member of subjects matches the request and (b) at least one member
// of resourceRules or nonResourceRules matches the request.
type PolicyRulesWithSubjects struct {
// subjects is the list of normal user, serviceaccount, or group that this rule cares about.
// There must be at least one member in this slice.
// A slice that includes both the system:authenticated and system:unauthenticated user groups matches every request.
// +listType=atomic
// Required.
Subjects []Subject `json:"subjects" protobuf:"bytes,1,rep,name=subjects"`
// `resourceRules` is a slice of ResourcePolicyRules that identify matching requests according to their verb and the
// target resource.
// At least one of `resourceRules` and `nonResourceRules` has to be non-empty.
// +listType=atomic
// +optional
ResourceRules []ResourcePolicyRule `json:"resourceRules,omitempty" protobuf:"bytes,2,opt,name=resourceRules"`
// `nonResourceRules` is a list of NonResourcePolicyRules that identify matching requests according to their verb
// and the target non-resource URL.
// +listType=atomic
// +optional
NonResourceRules []NonResourcePolicyRule `json:"nonResourceRules,omitempty" protobuf:"bytes,3,opt,name=nonResourceRules"`
}
// Subject matches the originator of a request, as identified by the request authentication system. There are three
// ways of matching an originator; by user, group, or service account.
// +union
type Subject struct {
// `kind` indicates which one of the other fields is non-empty.
// Required
// +unionDiscriminator
Kind SubjectKind `json:"kind" protobuf:"bytes,1,opt,name=kind"`
// `user` matches based on username.
// +optional
User *UserSubject `json:"user,omitempty" protobuf:"bytes,2,opt,name=user"`
// `group` matches based on user group name.
// +optional
Group *GroupSubject `json:"group,omitempty" protobuf:"bytes,3,opt,name=group"`
// `serviceAccount` matches ServiceAccounts.
// +optional
ServiceAccount *ServiceAccountSubject `json:"serviceAccount,omitempty" protobuf:"bytes,4,opt,name=serviceAccount"`
}
// SubjectKind is the kind of subject.
type SubjectKind string
// Supported subject's kinds.
const (
SubjectKindUser SubjectKind = "User"
SubjectKindGroup SubjectKind = "Group"
SubjectKindServiceAccount SubjectKind = "ServiceAccount"
)
// UserSubject holds detailed information for user-kind subject.
type UserSubject struct {
// `name` is the username that matches, or "*" to match all usernames.
// Required.
Name string `json:"name" protobuf:"bytes,1,opt,name=name"`
}
// GroupSubject holds detailed information for group-kind subject.
type GroupSubject struct {
// name is the user group that matches, or "*" to match all user groups.
// See https://github.com/kubernetes/apiserver/blob/master/pkg/authentication/user/user.go for some
// well-known group names.
// Required.
Name string `json:"name" protobuf:"bytes,1,opt,name=name"`
}
// ServiceAccountSubject holds detailed information for service-account-kind subject.
type ServiceAccountSubject struct {
// `namespace` is the namespace of matching ServiceAccount objects.
// Required.
Namespace string `json:"namespace" protobuf:"bytes,1,opt,name=namespace"`
// `name` is the name of matching ServiceAccount objects, or "*" to match regardless of name.
// Required.
Name string `json:"name" protobuf:"bytes,2,opt,name=name"`
}
// ResourcePolicyRule is a predicate that matches some resource
// requests, testing the request's verb and the target resource. A
// ResourcePolicyRule matches a resource request if and only if: (a)
// at least one member of verbs matches the request, (b) at least one
// member of apiGroups matches the request, (c) at least one member of
// resources matches the request, and (d) either (d1) the request does
// not specify a namespace (i.e., `Namespace==""`) and clusterScope is
// true or (d2) the request specifies a namespace and least one member
// of namespaces matches the request's namespace.
type ResourcePolicyRule struct {
// `verbs` is a list of matching verbs and may not be empty.
// "*" matches all verbs and, if present, must be the only entry.
// +listType=set
// Required.
Verbs []string `json:"verbs" protobuf:"bytes,1,rep,name=verbs"`
// `apiGroups` is a list of matching API groups and may not be empty.
// "*" matches all API groups and, if present, must be the only entry.
// +listType=set
// Required.
APIGroups []string `json:"apiGroups" protobuf:"bytes,2,rep,name=apiGroups"`
// `resources` is a list of matching resources (i.e., lowercase
// and plural) with, if desired, subresource. For example, [
// "services", "nodes/status" ]. This list may not be empty.
// "*" matches all resources and, if present, must be the only entry.
// Required.
// +listType=set
Resources []string `json:"resources" protobuf:"bytes,3,rep,name=resources"`
// `clusterScope` indicates whether to match requests that do not
// specify a namespace (which happens either because the resource
// is not namespaced or the request targets all namespaces).
// If this field is omitted or false then the `namespaces` field
// must contain a non-empty list.
// +optional
ClusterScope bool `json:"clusterScope,omitempty" protobuf:"varint,4,opt,name=clusterScope"`
// `namespaces` is a list of target namespaces that restricts
// matches. A request that specifies a target namespace matches
// only if either (a) this list contains that target namespace or
// (b) this list contains "*". Note that "*" matches any
// specified namespace but does not match a request that _does
// not specify_ a namespace (see the `clusterScope` field for
// that).
// This list may be empty, but only if `clusterScope` is true.
// +optional
// +listType=set
Namespaces []string `json:"namespaces" protobuf:"bytes,5,rep,name=namespaces"`
}
// NonResourcePolicyRule is a predicate that matches non-resource requests according to their verb and the
// target non-resource URL. A NonResourcePolicyRule matches a request if and only if both (a) at least one member
// of verbs matches the request and (b) at least one member of nonResourceURLs matches the request.
type NonResourcePolicyRule struct {
// `verbs` is a list of matching verbs and may not be empty.
// "*" matches all verbs. If it is present, it must be the only entry.
// +listType=set
// Required.
Verbs []string `json:"verbs" protobuf:"bytes,1,rep,name=verbs"`
// `nonResourceURLs` is a set of url prefixes that a user should have access to and may not be empty.
// For example:
// - "/healthz" is legal
// - "/hea*" is illegal
// - "/hea" is legal but matches nothing
// - "/hea/*" also matches nothing
// - "/healthz/*" matches all per-component health checks.
// "*" matches all non-resource urls. if it is present, it must be the only entry.
// +listType=set
// Required.
NonResourceURLs []string `json:"nonResourceURLs" protobuf:"bytes,6,rep,name=nonResourceURLs"`
}
// FlowSchemaStatus represents the current state of a FlowSchema.
type FlowSchemaStatus struct {
// `conditions` is a list of the current states of FlowSchema.
// +listType=map
// +listMapKey=type
// +optional
Conditions []FlowSchemaCondition `json:"conditions,omitempty" protobuf:"bytes,1,rep,name=conditions"`
}
// FlowSchemaCondition describes conditions for a FlowSchema.
type FlowSchemaCondition struct {
// `type` is the type of the condition.
// Required.
Type FlowSchemaConditionType `json:"type,omitempty" protobuf:"bytes,1,opt,name=type"`
// `status` is the status of the condition.
// Can be True, False, Unknown.
// Required.
Status ConditionStatus `json:"status,omitempty" protobuf:"bytes,2,opt,name=status"`
// `lastTransitionTime` is the last time the condition transitioned from one status to another.
LastTransitionTime metav1.Time `json:"lastTransitionTime,omitempty" protobuf:"bytes,3,opt,name=lastTransitionTime"`
// `reason` is a unique, one-word, CamelCase reason for the condition's last transition.
Reason string `json:"reason,omitempty" protobuf:"bytes,4,opt,name=reason"`
// `message` is a human-readable message indicating details about last transition.
Message string `json:"message,omitempty" protobuf:"bytes,5,opt,name=message"`
}
// FlowSchemaConditionType is a valid value for FlowSchemaStatusCondition.Type
type FlowSchemaConditionType string
// +genclient
// +genclient:nonNamespaced
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
// +k8s:prerelease-lifecycle-gen:introduced=1.23
// +k8s:prerelease-lifecycle-gen:replacement=flowcontrol.apiserver.k8s.io,v1beta3,PriorityLevelConfiguration
// PriorityLevelConfiguration represents the configuration of a priority level.
type PriorityLevelConfiguration struct {
metav1.TypeMeta `json:",inline"`
// `metadata` is the standard object's metadata.
// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
// +optional
metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"`
// `spec` is the specification of the desired behavior of a "request-priority".
// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
// +optional
Spec PriorityLevelConfigurationSpec `json:"spec,omitempty" protobuf:"bytes,2,opt,name=spec"`
// `status` is the current status of a "request-priority".
// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
// +optional
Status PriorityLevelConfigurationStatus `json:"status,omitempty" protobuf:"bytes,3,opt,name=status"`
}
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
// +k8s:prerelease-lifecycle-gen:introduced=1.23
// +k8s:prerelease-lifecycle-gen:replacement=flowcontrol.apiserver.k8s.io,v1beta3,PriorityLevelConfigurationList
// PriorityLevelConfigurationList is a list of PriorityLevelConfiguration objects.
type PriorityLevelConfigurationList struct {
metav1.TypeMeta `json:",inline"`
// `metadata` is the standard object's metadata.
// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
// +optional
metav1.ListMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"`
// `items` is a list of request-priorities.
Items []PriorityLevelConfiguration `json:"items" protobuf:"bytes,2,rep,name=items"`
}
// PriorityLevelConfigurationSpec specifies the configuration of a priority level.
// +union
type PriorityLevelConfigurationSpec struct {
// `type` indicates whether this priority level is subject to
// limitation on request execution. A value of `"Exempt"` means
// that requests of this priority level are not subject to a limit
// (and thus are never queued) and do not detract from the
// capacity made available to other priority levels. A value of
// `"Limited"` means that (a) requests of this priority level
// _are_ subject to limits and (b) some of the server's limited
// capacity is made available exclusively to this priority level.
// Required.
// +unionDiscriminator
Type PriorityLevelEnablement `json:"type" protobuf:"bytes,1,opt,name=type"`
// `limited` specifies how requests are handled for a Limited priority level.
// This field must be non-empty if and only if `type` is `"Limited"`.
// +optional
Limited *LimitedPriorityLevelConfiguration `json:"limited,omitempty" protobuf:"bytes,2,opt,name=limited"`
// `exempt` specifies how requests are handled for an exempt priority level.
// This field MUST be empty if `type` is `"Limited"`.
// This field MAY be non-empty if `type` is `"Exempt"`.
// If empty and `type` is `"Exempt"` then the default values
// for `ExemptPriorityLevelConfiguration` apply.
// +optional
Exempt *ExemptPriorityLevelConfiguration `json:"exempt,omitempty" protobuf:"bytes,3,opt,name=exempt"`
}
// PriorityLevelEnablement indicates whether limits on execution are enabled for the priority level
type PriorityLevelEnablement string
// Supported priority level enablement values.
const (
// PriorityLevelEnablementExempt means that requests are not subject to limits
PriorityLevelEnablementExempt PriorityLevelEnablement = "Exempt"
// PriorityLevelEnablementLimited means that requests are subject to limits
PriorityLevelEnablementLimited PriorityLevelEnablement = "Limited"
)
// LimitedPriorityLevelConfiguration specifies how to handle requests that are subject to limits.
// It addresses two issues:
// - How are requests for this priority level limited?
// - What should be done with requests that exceed the limit?
type LimitedPriorityLevelConfiguration struct {
// `assuredConcurrencyShares` (ACS) configures the execution
// limit, which is a limit on the number of requests of this
// priority level that may be executing at a given time. ACS must
// be a positive number. The server's concurrency limit (SCL) is
// divided among the concurrency-controlled priority levels in
// proportion to their assured concurrency shares. This produces
// the assured concurrency value (ACV) --- the number of requests
// that may be executing at a time --- for each such priority
// level:
//
// ACV(l) = ceil( SCL * ACS(l) / ( sum[priority levels k] ACS(k) ) )
//
// bigger numbers of ACS mean more reserved concurrent requests (at the
// expense of every other PL).
// This field has a default value of 30.
// +optional
AssuredConcurrencyShares int32 `json:"assuredConcurrencyShares" protobuf:"varint,1,opt,name=assuredConcurrencyShares"`
// `limitResponse` indicates what to do with requests that can not be executed right now
LimitResponse LimitResponse `json:"limitResponse,omitempty" protobuf:"bytes,2,opt,name=limitResponse"`
// `lendablePercent` prescribes the fraction of the level's NominalCL that
// can be borrowed by other priority levels. The value of this
// field must be between 0 and 100, inclusive, and it defaults to 0.
// The number of seats that other levels can borrow from this level, known
// as this level's LendableConcurrencyLimit (LendableCL), is defined as follows.
//
// LendableCL(i) = round( NominalCL(i) * lendablePercent(i)/100.0 )
//
// +optional
LendablePercent *int32 `json:"lendablePercent,omitempty" protobuf:"varint,3,opt,name=lendablePercent"`
// `borrowingLimitPercent`, if present, configures a limit on how many
// seats this priority level can borrow from other priority levels.
// The limit is known as this level's BorrowingConcurrencyLimit
// (BorrowingCL) and is a limit on the total number of seats that this
// level may borrow at any one time.
// This field holds the ratio of that limit to the level's nominal
// concurrency limit. When this field is non-nil, it must hold a
// non-negative integer and the limit is calculated as follows.
//
// BorrowingCL(i) = round( NominalCL(i) * borrowingLimitPercent(i)/100.0 )
//
// The value of this field can be more than 100, implying that this
// priority level can borrow a number of seats that is greater than
// its own nominal concurrency limit (NominalCL).
// When this field is left `nil`, the limit is effectively infinite.
// +optional
BorrowingLimitPercent *int32 `json:"borrowingLimitPercent,omitempty" protobuf:"varint,4,opt,name=borrowingLimitPercent"`
}
// ExemptPriorityLevelConfiguration describes the configurable aspects
// of the handling of exempt requests.
// In the mandatory exempt configuration object the values in the fields
// here can be modified by authorized users, unlike the rest of the `spec`.
type ExemptPriorityLevelConfiguration struct {
// `nominalConcurrencyShares` (NCS) contributes to the computation of the
// NominalConcurrencyLimit (NominalCL) of this level.
// This is the number of execution seats nominally reserved for this priority level.
// This DOES NOT limit the dispatching from this priority level
// but affects the other priority levels through the borrowing mechanism.
// The server's concurrency limit (ServerCL) is divided among all the
// priority levels in proportion to their NCS values:
//
// NominalCL(i) = ceil( ServerCL * NCS(i) / sum_ncs )
// sum_ncs = sum[priority level k] NCS(k)
//
// Bigger numbers mean a larger nominal concurrency limit,
// at the expense of every other priority level.
// This field has a default value of zero.
// +optional
NominalConcurrencyShares *int32 `json:"nominalConcurrencyShares,omitempty" protobuf:"varint,1,opt,name=nominalConcurrencyShares"`
// `lendablePercent` prescribes the fraction of the level's NominalCL that
// can be borrowed by other priority levels. This value of this
// field must be between 0 and 100, inclusive, and it defaults to 0.
// The number of seats that other levels can borrow from this level, known
// as this level's LendableConcurrencyLimit (LendableCL), is defined as follows.
//
// LendableCL(i) = round( NominalCL(i) * lendablePercent(i)/100.0 )
//
// +optional
LendablePercent *int32 `json:"lendablePercent,omitempty" protobuf:"varint,2,opt,name=lendablePercent"`
// The `BorrowingCL` of an Exempt priority level is implicitly `ServerCL`.
// In other words, an exempt priority level
// has no meaningful limit on how much it borrows.
// There is no explicit representation of that here.
}
// LimitResponse defines how to handle requests that can not be executed right now.
// +union
type LimitResponse struct {
// `type` is "Queue" or "Reject".
// "Queue" means that requests that can not be executed upon arrival
// are held in a queue until they can be executed or a queuing limit
// is reached.
// "Reject" means that requests that can not be executed upon arrival
// are rejected.
// Required.
// +unionDiscriminator
Type LimitResponseType `json:"type" protobuf:"bytes,1,opt,name=type"`
// `queuing` holds the configuration parameters for queuing.
// This field may be non-empty only if `type` is `"Queue"`.
// +optional
Queuing *QueuingConfiguration `json:"queuing,omitempty" protobuf:"bytes,2,opt,name=queuing"`
}
// LimitResponseType identifies how a Limited priority level handles a request that can not be executed right now
type LimitResponseType string
// Supported limit responses.
const (
// LimitResponseTypeQueue means that requests that can not be executed right now are queued until they can be executed or a queuing limit is hit
LimitResponseTypeQueue LimitResponseType = "Queue"
// LimitResponseTypeReject means that requests that can not be executed right now are rejected
LimitResponseTypeReject LimitResponseType = "Reject"
)
// QueuingConfiguration holds the configuration parameters for queuing
type QueuingConfiguration struct {
// `queues` is the number of queues for this priority level. The
// queues exist independently at each apiserver. The value must be
// positive. Setting it to 1 effectively precludes
// shufflesharding and thus makes the distinguisher method of
// associated flow schemas irrelevant. This field has a default
// value of 64.
// +optional
Queues int32 `json:"queues" protobuf:"varint,1,opt,name=queues"`
// `handSize` is a small positive number that configures the
// shuffle sharding of requests into queues. When enqueuing a request
// at this priority level the request's flow identifier (a string
// pair) is hashed and the hash value is used to shuffle the list
// of queues and deal a hand of the size specified here. The
// request is put into one of the shortest queues in that hand.
// `handSize` must be no larger than `queues`, and should be
// significantly smaller (so that a few heavy flows do not
// saturate most of the queues). See the user-facing
// documentation for more extensive guidance on setting this
// field. This field has a default value of 8.
// +optional
HandSize int32 `json:"handSize" protobuf:"varint,2,opt,name=handSize"`
// `queueLengthLimit` is the maximum number of requests allowed to
// be waiting in a given queue of this priority level at a time;
// excess requests are rejected. This value must be positive. If
// not specified, it will be defaulted to 50.
// +optional
QueueLengthLimit int32 `json:"queueLengthLimit" protobuf:"varint,3,opt,name=queueLengthLimit"`
}
// PriorityLevelConfigurationConditionType is a valid value for PriorityLevelConfigurationStatusCondition.Type
type PriorityLevelConfigurationConditionType string
// PriorityLevelConfigurationStatus represents the current state of a "request-priority".
type PriorityLevelConfigurationStatus struct {
// `conditions` is the current state of "request-priority".
// +listType=map
// +listMapKey=type
// +optional
Conditions []PriorityLevelConfigurationCondition `json:"conditions,omitempty" protobuf:"bytes,1,rep,name=conditions"`
}
// PriorityLevelConfigurationCondition defines the condition of priority level.
type PriorityLevelConfigurationCondition struct {
// `type` is the type of the condition.
// Required.
Type PriorityLevelConfigurationConditionType `json:"type,omitempty" protobuf:"bytes,1,opt,name=type"`
// `status` is the status of the condition.
// Can be True, False, Unknown.
// Required.
Status ConditionStatus `json:"status,omitempty" protobuf:"bytes,2,opt,name=status"`
// `lastTransitionTime` is the last time the condition transitioned from one status to another.
LastTransitionTime metav1.Time `json:"lastTransitionTime,omitempty" protobuf:"bytes,3,opt,name=lastTransitionTime"`
// `reason` is a unique, one-word, CamelCase reason for the condition's last transition.
Reason string `json:"reason,omitempty" protobuf:"bytes,4,opt,name=reason"`
// `message` is a human-readable message indicating details about last transition.
Message string `json:"message,omitempty" protobuf:"bytes,5,opt,name=message"`
}
// ConditionStatus is the status of the condition.
type ConditionStatus string
// These are valid condition statuses. "ConditionTrue" means a resource is in the condition.
// "ConditionFalse" means a resource is not in the condition. "ConditionUnknown" means kubernetes
// can't decide if a resource is in the condition or not. In the future, we could add other
// intermediate conditions, e.g. ConditionDegraded.
const (
ConditionTrue ConditionStatus = "True"
ConditionFalse ConditionStatus = "False"
ConditionUnknown ConditionStatus = "Unknown"
)

274
e2e/vendor/k8s.io/api/flowcontrol/v1beta2/types_swagger_doc_generated.go generated vendored Normal file
View File

@ -0,0 +1,274 @@
/*
Copyright The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
package v1beta2
// This file contains a collection of methods that can be used from go-restful to
// generate Swagger API documentation for its models. Please read this PR for more
// information on the implementation: https://github.com/emicklei/go-restful/pull/215
//
// TODOs are ignored from the parser (e.g. TODO(andronat):... || TODO:...) if and only if
// they are on one line! For multiple line or blocks that you want to ignore use ---.
// Any context after a --- is ignored.
//
// Those methods can be generated by using hack/update-codegen.sh
// AUTO-GENERATED FUNCTIONS START HERE. DO NOT EDIT.
var map_ExemptPriorityLevelConfiguration = map[string]string{
"": "ExemptPriorityLevelConfiguration describes the configurable aspects of the handling of exempt requests. In the mandatory exempt configuration object the values in the fields here can be modified by authorized users, unlike the rest of the `spec`.",
"nominalConcurrencyShares": "`nominalConcurrencyShares` (NCS) contributes to the computation of the NominalConcurrencyLimit (NominalCL) of this level. This is the number of execution seats nominally reserved for this priority level. This DOES NOT limit the dispatching from this priority level but affects the other priority levels through the borrowing mechanism. The server's concurrency limit (ServerCL) is divided among all the priority levels in proportion to their NCS values:\n\nNominalCL(i) = ceil( ServerCL * NCS(i) / sum_ncs ) sum_ncs = sum[priority level k] NCS(k)\n\nBigger numbers mean a larger nominal concurrency limit, at the expense of every other priority level. This field has a default value of zero.",
"lendablePercent": "`lendablePercent` prescribes the fraction of the level's NominalCL that can be borrowed by other priority levels. This value of this field must be between 0 and 100, inclusive, and it defaults to 0. The number of seats that other levels can borrow from this level, known as this level's LendableConcurrencyLimit (LendableCL), is defined as follows.\n\nLendableCL(i) = round( NominalCL(i) * lendablePercent(i)/100.0 )",
}
func (ExemptPriorityLevelConfiguration) SwaggerDoc() map[string]string {
return map_ExemptPriorityLevelConfiguration
}
var map_FlowDistinguisherMethod = map[string]string{
"": "FlowDistinguisherMethod specifies the method of a flow distinguisher.",
"type": "`type` is the type of flow distinguisher method The supported types are \"ByUser\" and \"ByNamespace\". Required.",
}
func (FlowDistinguisherMethod) SwaggerDoc() map[string]string {
return map_FlowDistinguisherMethod
}
var map_FlowSchema = map[string]string{
"": "FlowSchema defines the schema of a group of flows. Note that a flow is made up of a set of inbound API requests with similar attributes and is identified by a pair of strings: the name of the FlowSchema and a \"flow distinguisher\".",
"metadata": "`metadata` is the standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata",
"spec": "`spec` is the specification of the desired behavior of a FlowSchema. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status",
"status": "`status` is the current status of a FlowSchema. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status",
}
func (FlowSchema) SwaggerDoc() map[string]string {
return map_FlowSchema
}
var map_FlowSchemaCondition = map[string]string{
"": "FlowSchemaCondition describes conditions for a FlowSchema.",
"type": "`type` is the type of the condition. Required.",
"status": "`status` is the status of the condition. Can be True, False, Unknown. Required.",
"lastTransitionTime": "`lastTransitionTime` is the last time the condition transitioned from one status to another.",
"reason": "`reason` is a unique, one-word, CamelCase reason for the condition's last transition.",
"message": "`message` is a human-readable message indicating details about last transition.",
}
func (FlowSchemaCondition) SwaggerDoc() map[string]string {
return map_FlowSchemaCondition
}
var map_FlowSchemaList = map[string]string{
"": "FlowSchemaList is a list of FlowSchema objects.",
"metadata": "`metadata` is the standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata",
"items": "`items` is a list of FlowSchemas.",
}
func (FlowSchemaList) SwaggerDoc() map[string]string {
return map_FlowSchemaList
}
var map_FlowSchemaSpec = map[string]string{
"": "FlowSchemaSpec describes how the FlowSchema's specification looks like.",
"priorityLevelConfiguration": "`priorityLevelConfiguration` should reference a PriorityLevelConfiguration in the cluster. If the reference cannot be resolved, the FlowSchema will be ignored and marked as invalid in its status. Required.",
"matchingPrecedence": "`matchingPrecedence` is used to choose among the FlowSchemas that match a given request. The chosen FlowSchema is among those with the numerically lowest (which we take to be logically highest) MatchingPrecedence. Each MatchingPrecedence value must be ranged in [1,10000]. Note that if the precedence is not specified, it will be set to 1000 as default.",
"distinguisherMethod": "`distinguisherMethod` defines how to compute the flow distinguisher for requests that match this schema. `nil` specifies that the distinguisher is disabled and thus will always be the empty string.",
"rules": "`rules` describes which requests will match this flow schema. This FlowSchema matches a request if and only if at least one member of rules matches the request. if it is an empty slice, there will be no requests matching the FlowSchema.",
}
func (FlowSchemaSpec) SwaggerDoc() map[string]string {
return map_FlowSchemaSpec
}
var map_FlowSchemaStatus = map[string]string{
"": "FlowSchemaStatus represents the current state of a FlowSchema.",
"conditions": "`conditions` is a list of the current states of FlowSchema.",
}
func (FlowSchemaStatus) SwaggerDoc() map[string]string {
return map_FlowSchemaStatus
}
var map_GroupSubject = map[string]string{
"": "GroupSubject holds detailed information for group-kind subject.",
"name": "name is the user group that matches, or \"*\" to match all user groups. See https://github.com/kubernetes/apiserver/blob/master/pkg/authentication/user/user.go for some well-known group names. Required.",
}
func (GroupSubject) SwaggerDoc() map[string]string {
return map_GroupSubject
}
var map_LimitResponse = map[string]string{
"": "LimitResponse defines how to handle requests that can not be executed right now.",
"type": "`type` is \"Queue\" or \"Reject\". \"Queue\" means that requests that can not be executed upon arrival are held in a queue until they can be executed or a queuing limit is reached. \"Reject\" means that requests that can not be executed upon arrival are rejected. Required.",
"queuing": "`queuing` holds the configuration parameters for queuing. This field may be non-empty only if `type` is `\"Queue\"`.",
}
func (LimitResponse) SwaggerDoc() map[string]string {
return map_LimitResponse
}
var map_LimitedPriorityLevelConfiguration = map[string]string{
"": "LimitedPriorityLevelConfiguration specifies how to handle requests that are subject to limits. It addresses two issues:\n - How are requests for this priority level limited?\n - What should be done with requests that exceed the limit?",
"assuredConcurrencyShares": "`assuredConcurrencyShares` (ACS) configures the execution limit, which is a limit on the number of requests of this priority level that may be executing at a given time. ACS must be a positive number. The server's concurrency limit (SCL) is divided among the concurrency-controlled priority levels in proportion to their assured concurrency shares. This produces the assured concurrency value (ACV) ",
"limitResponse": "`limitResponse` indicates what to do with requests that can not be executed right now",
"lendablePercent": "`lendablePercent` prescribes the fraction of the level's NominalCL that can be borrowed by other priority levels. The value of this field must be between 0 and 100, inclusive, and it defaults to 0. The number of seats that other levels can borrow from this level, known as this level's LendableConcurrencyLimit (LendableCL), is defined as follows.\n\nLendableCL(i) = round( NominalCL(i) * lendablePercent(i)/100.0 )",
"borrowingLimitPercent": "`borrowingLimitPercent`, if present, configures a limit on how many seats this priority level can borrow from other priority levels. The limit is known as this level's BorrowingConcurrencyLimit (BorrowingCL) and is a limit on the total number of seats that this level may borrow at any one time. This field holds the ratio of that limit to the level's nominal concurrency limit. When this field is non-nil, it must hold a non-negative integer and the limit is calculated as follows.\n\nBorrowingCL(i) = round( NominalCL(i) * borrowingLimitPercent(i)/100.0 )\n\nThe value of this field can be more than 100, implying that this priority level can borrow a number of seats that is greater than its own nominal concurrency limit (NominalCL). When this field is left `nil`, the limit is effectively infinite.",
}
func (LimitedPriorityLevelConfiguration) SwaggerDoc() map[string]string {
return map_LimitedPriorityLevelConfiguration
}
var map_NonResourcePolicyRule = map[string]string{
"": "NonResourcePolicyRule is a predicate that matches non-resource requests according to their verb and the target non-resource URL. A NonResourcePolicyRule matches a request if and only if both (a) at least one member of verbs matches the request and (b) at least one member of nonResourceURLs matches the request.",
"verbs": "`verbs` is a list of matching verbs and may not be empty. \"*\" matches all verbs. If it is present, it must be the only entry. Required.",
"nonResourceURLs": "`nonResourceURLs` is a set of url prefixes that a user should have access to and may not be empty. For example:\n - \"/healthz\" is legal\n - \"/hea*\" is illegal\n - \"/hea\" is legal but matches nothing\n - \"/hea/*\" also matches nothing\n - \"/healthz/*\" matches all per-component health checks.\n\"*\" matches all non-resource urls. if it is present, it must be the only entry. Required.",
}
func (NonResourcePolicyRule) SwaggerDoc() map[string]string {
return map_NonResourcePolicyRule
}
var map_PolicyRulesWithSubjects = map[string]string{
"": "PolicyRulesWithSubjects prescribes a test that applies to a request to an apiserver. The test considers the subject making the request, the verb being requested, and the resource to be acted upon. This PolicyRulesWithSubjects matches a request if and only if both (a) at least one member of subjects matches the request and (b) at least one member of resourceRules or nonResourceRules matches the request.",
"subjects": "subjects is the list of normal user, serviceaccount, or group that this rule cares about. There must be at least one member in this slice. A slice that includes both the system:authenticated and system:unauthenticated user groups matches every request. Required.",
"resourceRules": "`resourceRules` is a slice of ResourcePolicyRules that identify matching requests according to their verb and the target resource. At least one of `resourceRules` and `nonResourceRules` has to be non-empty.",
"nonResourceRules": "`nonResourceRules` is a list of NonResourcePolicyRules that identify matching requests according to their verb and the target non-resource URL.",
}
func (PolicyRulesWithSubjects) SwaggerDoc() map[string]string {
return map_PolicyRulesWithSubjects
}
var map_PriorityLevelConfiguration = map[string]string{
"": "PriorityLevelConfiguration represents the configuration of a priority level.",
"metadata": "`metadata` is the standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata",
"spec": "`spec` is the specification of the desired behavior of a \"request-priority\". More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status",
"status": "`status` is the current status of a \"request-priority\". More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status",
}
func (PriorityLevelConfiguration) SwaggerDoc() map[string]string {
return map_PriorityLevelConfiguration
}
var map_PriorityLevelConfigurationCondition = map[string]string{
"": "PriorityLevelConfigurationCondition defines the condition of priority level.",
"type": "`type` is the type of the condition. Required.",
"status": "`status` is the status of the condition. Can be True, False, Unknown. Required.",
"lastTransitionTime": "`lastTransitionTime` is the last time the condition transitioned from one status to another.",
"reason": "`reason` is a unique, one-word, CamelCase reason for the condition's last transition.",
"message": "`message` is a human-readable message indicating details about last transition.",
}
func (PriorityLevelConfigurationCondition) SwaggerDoc() map[string]string {
return map_PriorityLevelConfigurationCondition
}
var map_PriorityLevelConfigurationList = map[string]string{
"": "PriorityLevelConfigurationList is a list of PriorityLevelConfiguration objects.",
"metadata": "`metadata` is the standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata",
"items": "`items` is a list of request-priorities.",
}
func (PriorityLevelConfigurationList) SwaggerDoc() map[string]string {
return map_PriorityLevelConfigurationList
}
var map_PriorityLevelConfigurationReference = map[string]string{
"": "PriorityLevelConfigurationReference contains information that points to the \"request-priority\" being used.",
"name": "`name` is the name of the priority level configuration being referenced Required.",
}
func (PriorityLevelConfigurationReference) SwaggerDoc() map[string]string {
return map_PriorityLevelConfigurationReference
}
var map_PriorityLevelConfigurationSpec = map[string]string{
"": "PriorityLevelConfigurationSpec specifies the configuration of a priority level.",
"type": "`type` indicates whether this priority level is subject to limitation on request execution. A value of `\"Exempt\"` means that requests of this priority level are not subject to a limit (and thus are never queued) and do not detract from the capacity made available to other priority levels. A value of `\"Limited\"` means that (a) requests of this priority level _are_ subject to limits and (b) some of the server's limited capacity is made available exclusively to this priority level. Required.",
"limited": "`limited` specifies how requests are handled for a Limited priority level. This field must be non-empty if and only if `type` is `\"Limited\"`.",
"exempt": "`exempt` specifies how requests are handled for an exempt priority level. This field MUST be empty if `type` is `\"Limited\"`. This field MAY be non-empty if `type` is `\"Exempt\"`. If empty and `type` is `\"Exempt\"` then the default values for `ExemptPriorityLevelConfiguration` apply.",
}
func (PriorityLevelConfigurationSpec) SwaggerDoc() map[string]string {
return map_PriorityLevelConfigurationSpec
}
var map_PriorityLevelConfigurationStatus = map[string]string{
"": "PriorityLevelConfigurationStatus represents the current state of a \"request-priority\".",
"conditions": "`conditions` is the current state of \"request-priority\".",
}
func (PriorityLevelConfigurationStatus) SwaggerDoc() map[string]string {
return map_PriorityLevelConfigurationStatus
}
var map_QueuingConfiguration = map[string]string{
"": "QueuingConfiguration holds the configuration parameters for queuing",
"queues": "`queues` is the number of queues for this priority level. The queues exist independently at each apiserver. The value must be positive. Setting it to 1 effectively precludes shufflesharding and thus makes the distinguisher method of associated flow schemas irrelevant. This field has a default value of 64.",
"handSize": "`handSize` is a small positive number that configures the shuffle sharding of requests into queues. When enqueuing a request at this priority level the request's flow identifier (a string pair) is hashed and the hash value is used to shuffle the list of queues and deal a hand of the size specified here. The request is put into one of the shortest queues in that hand. `handSize` must be no larger than `queues`, and should be significantly smaller (so that a few heavy flows do not saturate most of the queues). See the user-facing documentation for more extensive guidance on setting this field. This field has a default value of 8.",
"queueLengthLimit": "`queueLengthLimit` is the maximum number of requests allowed to be waiting in a given queue of this priority level at a time; excess requests are rejected. This value must be positive. If not specified, it will be defaulted to 50.",
}
func (QueuingConfiguration) SwaggerDoc() map[string]string {
return map_QueuingConfiguration
}
var map_ResourcePolicyRule = map[string]string{
"": "ResourcePolicyRule is a predicate that matches some resource requests, testing the request's verb and the target resource. A ResourcePolicyRule matches a resource request if and only if: (a) at least one member of verbs matches the request, (b) at least one member of apiGroups matches the request, (c) at least one member of resources matches the request, and (d) either (d1) the request does not specify a namespace (i.e., `Namespace==\"\"`) and clusterScope is true or (d2) the request specifies a namespace and least one member of namespaces matches the request's namespace.",
"verbs": "`verbs` is a list of matching verbs and may not be empty. \"*\" matches all verbs and, if present, must be the only entry. Required.",
"apiGroups": "`apiGroups` is a list of matching API groups and may not be empty. \"*\" matches all API groups and, if present, must be the only entry. Required.",
"resources": "`resources` is a list of matching resources (i.e., lowercase and plural) with, if desired, subresource. For example, [ \"services\", \"nodes/status\" ]. This list may not be empty. \"*\" matches all resources and, if present, must be the only entry. Required.",
"clusterScope": "`clusterScope` indicates whether to match requests that do not specify a namespace (which happens either because the resource is not namespaced or the request targets all namespaces). If this field is omitted or false then the `namespaces` field must contain a non-empty list.",
"namespaces": "`namespaces` is a list of target namespaces that restricts matches. A request that specifies a target namespace matches only if either (a) this list contains that target namespace or (b) this list contains \"*\". Note that \"*\" matches any specified namespace but does not match a request that _does not specify_ a namespace (see the `clusterScope` field for that). This list may be empty, but only if `clusterScope` is true.",
}
func (ResourcePolicyRule) SwaggerDoc() map[string]string {
return map_ResourcePolicyRule
}
var map_ServiceAccountSubject = map[string]string{
"": "ServiceAccountSubject holds detailed information for service-account-kind subject.",
"namespace": "`namespace` is the namespace of matching ServiceAccount objects. Required.",
"name": "`name` is the name of matching ServiceAccount objects, or \"*\" to match regardless of name. Required.",
}
func (ServiceAccountSubject) SwaggerDoc() map[string]string {
return map_ServiceAccountSubject
}
var map_Subject = map[string]string{
"": "Subject matches the originator of a request, as identified by the request authentication system. There are three ways of matching an originator; by user, group, or service account.",
"kind": "`kind` indicates which one of the other fields is non-empty. Required",
"user": "`user` matches based on username.",
"group": "`group` matches based on user group name.",
"serviceAccount": "`serviceAccount` matches ServiceAccounts.",
}
func (Subject) SwaggerDoc() map[string]string {
return map_Subject
}
var map_UserSubject = map[string]string{
"": "UserSubject holds detailed information for user-kind subject.",
"name": "`name` is the username that matches, or \"*\" to match all usernames. Required.",
}
func (UserSubject) SwaggerDoc() map[string]string {
return map_UserSubject
}
// AUTO-GENERATED FUNCTIONS END HERE

583
e2e/vendor/k8s.io/api/flowcontrol/v1beta2/zz_generated.deepcopy.go generated vendored Normal file
View File

@ -0,0 +1,583 @@
//go:build !ignore_autogenerated
// +build !ignore_autogenerated
/*
Copyright The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
// Code generated by deepcopy-gen. DO NOT EDIT.
package v1beta2
import (
runtime "k8s.io/apimachinery/pkg/runtime"
)
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *ExemptPriorityLevelConfiguration) DeepCopyInto(out *ExemptPriorityLevelConfiguration) {
*out = *in
if in.NominalConcurrencyShares != nil {
in, out := &in.NominalConcurrencyShares, &out.NominalConcurrencyShares
*out = new(int32)
**out = **in
}
if in.LendablePercent != nil {
in, out := &in.LendablePercent, &out.LendablePercent
*out = new(int32)
**out = **in
}
return
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExemptPriorityLevelConfiguration.
func (in *ExemptPriorityLevelConfiguration) DeepCopy() *ExemptPriorityLevelConfiguration {
if in == nil {
return nil
}
out := new(ExemptPriorityLevelConfiguration)
in.DeepCopyInto(out)
return out
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *FlowDistinguisherMethod) DeepCopyInto(out *FlowDistinguisherMethod) {
*out = *in
return
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FlowDistinguisherMethod.
func (in *FlowDistinguisherMethod) DeepCopy() *FlowDistinguisherMethod {
if in == nil {
return nil
}
out := new(FlowDistinguisherMethod)
in.DeepCopyInto(out)
return out
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *FlowSchema) DeepCopyInto(out *FlowSchema) {
*out = *in
out.TypeMeta = in.TypeMeta
in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
in.Spec.DeepCopyInto(&out.Spec)
in.Status.DeepCopyInto(&out.Status)
return
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FlowSchema.
func (in *FlowSchema) DeepCopy() *FlowSchema {
if in == nil {
return nil
}
out := new(FlowSchema)
in.DeepCopyInto(out)
return out
}
// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
func (in *FlowSchema) DeepCopyObject() runtime.Object {
if c := in.DeepCopy(); c != nil {
return c
}
return nil
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *FlowSchemaCondition) DeepCopyInto(out *FlowSchemaCondition) {
*out = *in
in.LastTransitionTime.DeepCopyInto(&out.LastTransitionTime)
return
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FlowSchemaCondition.
func (in *FlowSchemaCondition) DeepCopy() *FlowSchemaCondition {
if in == nil {
return nil
}
out := new(FlowSchemaCondition)
in.DeepCopyInto(out)
return out
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *FlowSchemaList) DeepCopyInto(out *FlowSchemaList) {
*out = *in
out.TypeMeta = in.TypeMeta
in.ListMeta.DeepCopyInto(&out.ListMeta)
if in.Items != nil {
in, out := &in.Items, &out.Items
*out = make([]FlowSchema, len(*in))
for i := range *in {
(*in)[i].DeepCopyInto(&(*out)[i])
}
}
return
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FlowSchemaList.
func (in *FlowSchemaList) DeepCopy() *FlowSchemaList {
if in == nil {
return nil
}
out := new(FlowSchemaList)
in.DeepCopyInto(out)
return out
}
// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
func (in *FlowSchemaList) DeepCopyObject() runtime.Object {
if c := in.DeepCopy(); c != nil {
return c
}
return nil
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *FlowSchemaSpec) DeepCopyInto(out *FlowSchemaSpec) {
*out = *in
out.PriorityLevelConfiguration = in.PriorityLevelConfiguration
if in.DistinguisherMethod != nil {
in, out := &in.DistinguisherMethod, &out.DistinguisherMethod
*out = new(FlowDistinguisherMethod)
**out = **in
}
if in.Rules != nil {
in, out := &in.Rules, &out.Rules
*out = make([]PolicyRulesWithSubjects, len(*in))
for i := range *in {
(*in)[i].DeepCopyInto(&(*out)[i])
}
}
return
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FlowSchemaSpec.
func (in *FlowSchemaSpec) DeepCopy() *FlowSchemaSpec {
if in == nil {
return nil
}
out := new(FlowSchemaSpec)
in.DeepCopyInto(out)
return out
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *FlowSchemaStatus) DeepCopyInto(out *FlowSchemaStatus) {
*out = *in
if in.Conditions != nil {
in, out := &in.Conditions, &out.Conditions
*out = make([]FlowSchemaCondition, len(*in))
for i := range *in {
(*in)[i].DeepCopyInto(&(*out)[i])
}
}
return
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FlowSchemaStatus.
func (in *FlowSchemaStatus) DeepCopy() *FlowSchemaStatus {
if in == nil {
return nil
}
out := new(FlowSchemaStatus)
in.DeepCopyInto(out)
return out
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *GroupSubject) DeepCopyInto(out *GroupSubject) {
*out = *in
return
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GroupSubject.
func (in *GroupSubject) DeepCopy() *GroupSubject {
if in == nil {
return nil
}
out := new(GroupSubject)
in.DeepCopyInto(out)
return out
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *LimitResponse) DeepCopyInto(out *LimitResponse) {
*out = *in
if in.Queuing != nil {
in, out := &in.Queuing, &out.Queuing
*out = new(QueuingConfiguration)
**out = **in
}
return
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LimitResponse.
func (in *LimitResponse) DeepCopy() *LimitResponse {
if in == nil {
return nil
}
out := new(LimitResponse)
in.DeepCopyInto(out)
return out
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *LimitedPriorityLevelConfiguration) DeepCopyInto(out *LimitedPriorityLevelConfiguration) {
*out = *in
in.LimitResponse.DeepCopyInto(&out.LimitResponse)
if in.LendablePercent != nil {
in, out := &in.LendablePercent, &out.LendablePercent
*out = new(int32)
**out = **in
}
if in.BorrowingLimitPercent != nil {
in, out := &in.BorrowingLimitPercent, &out.BorrowingLimitPercent
*out = new(int32)
**out = **in
}
return
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LimitedPriorityLevelConfiguration.
func (in *LimitedPriorityLevelConfiguration) DeepCopy() *LimitedPriorityLevelConfiguration {
if in == nil {
return nil
}
out := new(LimitedPriorityLevelConfiguration)
in.DeepCopyInto(out)
return out
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *NonResourcePolicyRule) DeepCopyInto(out *NonResourcePolicyRule) {
*out = *in
if in.Verbs != nil {
in, out := &in.Verbs, &out.Verbs
*out = make([]string, len(*in))
copy(*out, *in)
}
if in.NonResourceURLs != nil {
in, out := &in.NonResourceURLs, &out.NonResourceURLs
*out = make([]string, len(*in))
copy(*out, *in)
}
return
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NonResourcePolicyRule.
func (in *NonResourcePolicyRule) DeepCopy() *NonResourcePolicyRule {
if in == nil {
return nil
}
out := new(NonResourcePolicyRule)
in.DeepCopyInto(out)
return out
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *PolicyRulesWithSubjects) DeepCopyInto(out *PolicyRulesWithSubjects) {
*out = *in
if in.Subjects != nil {
in, out := &in.Subjects, &out.Subjects
*out = make([]Subject, len(*in))
for i := range *in {
(*in)[i].DeepCopyInto(&(*out)[i])
}
}
if in.ResourceRules != nil {
in, out := &in.ResourceRules, &out.ResourceRules
*out = make([]ResourcePolicyRule, len(*in))
for i := range *in {
(*in)[i].DeepCopyInto(&(*out)[i])
}
}
if in.NonResourceRules != nil {
in, out := &in.NonResourceRules, &out.NonResourceRules
*out = make([]NonResourcePolicyRule, len(*in))
for i := range *in {
(*in)[i].DeepCopyInto(&(*out)[i])
}
}
return
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyRulesWithSubjects.
func (in *PolicyRulesWithSubjects) DeepCopy() *PolicyRulesWithSubjects {
if in == nil {
return nil
}
out := new(PolicyRulesWithSubjects)
in.DeepCopyInto(out)
return out
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *PriorityLevelConfiguration) DeepCopyInto(out *PriorityLevelConfiguration) {
*out = *in
out.TypeMeta = in.TypeMeta
in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
in.Spec.DeepCopyInto(&out.Spec)
in.Status.DeepCopyInto(&out.Status)
return
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PriorityLevelConfiguration.
func (in *PriorityLevelConfiguration) DeepCopy() *PriorityLevelConfiguration {
if in == nil {
return nil
}
out := new(PriorityLevelConfiguration)
in.DeepCopyInto(out)
return out
}
// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
func (in *PriorityLevelConfiguration) DeepCopyObject() runtime.Object {
if c := in.DeepCopy(); c != nil {
return c
}
return nil
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *PriorityLevelConfigurationCondition) DeepCopyInto(out *PriorityLevelConfigurationCondition) {
*out = *in
in.LastTransitionTime.DeepCopyInto(&out.LastTransitionTime)
return
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PriorityLevelConfigurationCondition.
func (in *PriorityLevelConfigurationCondition) DeepCopy() *PriorityLevelConfigurationCondition {
if in == nil {
return nil
}
out := new(PriorityLevelConfigurationCondition)
in.DeepCopyInto(out)
return out
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *PriorityLevelConfigurationList) DeepCopyInto(out *PriorityLevelConfigurationList) {
*out = *in
out.TypeMeta = in.TypeMeta
in.ListMeta.DeepCopyInto(&out.ListMeta)
if in.Items != nil {
in, out := &in.Items, &out.Items
*out = make([]PriorityLevelConfiguration, len(*in))
for i := range *in {
(*in)[i].DeepCopyInto(&(*out)[i])
}
}
return
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PriorityLevelConfigurationList.
func (in *PriorityLevelConfigurationList) DeepCopy() *PriorityLevelConfigurationList {
if in == nil {
return nil
}
out := new(PriorityLevelConfigurationList)
in.DeepCopyInto(out)
return out
}
// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
func (in *PriorityLevelConfigurationList) DeepCopyObject() runtime.Object {
if c := in.DeepCopy(); c != nil {
return c
}
return nil
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *PriorityLevelConfigurationReference) DeepCopyInto(out *PriorityLevelConfigurationReference) {
*out = *in
return
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PriorityLevelConfigurationReference.
func (in *PriorityLevelConfigurationReference) DeepCopy() *PriorityLevelConfigurationReference {
if in == nil {
return nil
}
out := new(PriorityLevelConfigurationReference)
in.DeepCopyInto(out)
return out
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *PriorityLevelConfigurationSpec) DeepCopyInto(out *PriorityLevelConfigurationSpec) {
*out = *in
if in.Limited != nil {
in, out := &in.Limited, &out.Limited
*out = new(LimitedPriorityLevelConfiguration)
(*in).DeepCopyInto(*out)
}
if in.Exempt != nil {
in, out := &in.Exempt, &out.Exempt
*out = new(ExemptPriorityLevelConfiguration)
(*in).DeepCopyInto(*out)
}
return
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PriorityLevelConfigurationSpec.
func (in *PriorityLevelConfigurationSpec) DeepCopy() *PriorityLevelConfigurationSpec {
if in == nil {
return nil
}
out := new(PriorityLevelConfigurationSpec)
in.DeepCopyInto(out)
return out
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *PriorityLevelConfigurationStatus) DeepCopyInto(out *PriorityLevelConfigurationStatus) {
*out = *in
if in.Conditions != nil {
in, out := &in.Conditions, &out.Conditions
*out = make([]PriorityLevelConfigurationCondition, len(*in))
for i := range *in {
(*in)[i].DeepCopyInto(&(*out)[i])
}
}
return
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PriorityLevelConfigurationStatus.
func (in *PriorityLevelConfigurationStatus) DeepCopy() *PriorityLevelConfigurationStatus {
if in == nil {
return nil
}
out := new(PriorityLevelConfigurationStatus)
in.DeepCopyInto(out)
return out
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *QueuingConfiguration) DeepCopyInto(out *QueuingConfiguration) {
*out = *in
return
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new QueuingConfiguration.
func (in *QueuingConfiguration) DeepCopy() *QueuingConfiguration {
if in == nil {
return nil
}
out := new(QueuingConfiguration)
in.DeepCopyInto(out)
return out
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *ResourcePolicyRule) DeepCopyInto(out *ResourcePolicyRule) {
*out = *in
if in.Verbs != nil {
in, out := &in.Verbs, &out.Verbs
*out = make([]string, len(*in))
copy(*out, *in)
}
if in.APIGroups != nil {
in, out := &in.APIGroups, &out.APIGroups
*out = make([]string, len(*in))
copy(*out, *in)
}
if in.Resources != nil {
in, out := &in.Resources, &out.Resources
*out = make([]string, len(*in))
copy(*out, *in)
}
if in.Namespaces != nil {
in, out := &in.Namespaces, &out.Namespaces
*out = make([]string, len(*in))
copy(*out, *in)
}
return
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ResourcePolicyRule.
func (in *ResourcePolicyRule) DeepCopy() *ResourcePolicyRule {
if in == nil {
return nil
}
out := new(ResourcePolicyRule)
in.DeepCopyInto(out)
return out
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *ServiceAccountSubject) DeepCopyInto(out *ServiceAccountSubject) {
*out = *in
return
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ServiceAccountSubject.
func (in *ServiceAccountSubject) DeepCopy() *ServiceAccountSubject {
if in == nil {
return nil
}
out := new(ServiceAccountSubject)
in.DeepCopyInto(out)
return out
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *Subject) DeepCopyInto(out *Subject) {
*out = *in
if in.User != nil {
in, out := &in.User, &out.User
*out = new(UserSubject)
**out = **in
}
if in.Group != nil {
in, out := &in.Group, &out.Group
*out = new(GroupSubject)
**out = **in
}
if in.ServiceAccount != nil {
in, out := &in.ServiceAccount, &out.ServiceAccount
*out = new(ServiceAccountSubject)
**out = **in
}
return
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Subject.
func (in *Subject) DeepCopy() *Subject {
if in == nil {
return nil
}
out := new(Subject)
in.DeepCopyInto(out)
return out
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *UserSubject) DeepCopyInto(out *UserSubject) {
*out = *in
return
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new UserSubject.
func (in *UserSubject) DeepCopy() *UserSubject {
if in == nil {
return nil
}
out := new(UserSubject)
in.DeepCopyInto(out)
return out
}

122
e2e/vendor/k8s.io/api/flowcontrol/v1beta2/zz_generated.prerelease-lifecycle.go generated vendored Normal file
View File

@ -0,0 +1,122 @@
//go:build !ignore_autogenerated
// +build !ignore_autogenerated
/*
Copyright The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
// Code generated by prerelease-lifecycle-gen. DO NOT EDIT.
package v1beta2
import (
schema "k8s.io/apimachinery/pkg/runtime/schema"
)
// APILifecycleIntroduced is an autogenerated function, returning the release in which the API struct was introduced as int versions of major and minor for comparison.
// It is controlled by "k8s:prerelease-lifecycle-gen:introduced" tags in types.go.
func (in *FlowSchema) APILifecycleIntroduced() (major, minor int) {
return 1, 23
}
// APILifecycleDeprecated is an autogenerated function, returning the release in which the API struct was or will be deprecated as int versions of major and minor for comparison.
// It is controlled by "k8s:prerelease-lifecycle-gen:deprecated" tags in types.go or "k8s:prerelease-lifecycle-gen:introduced" plus three minor.
func (in *FlowSchema) APILifecycleDeprecated() (major, minor int) {
return 1, 26
}
// APILifecycleReplacement is an autogenerated function, returning the group, version, and kind that should be used instead of this deprecated type.
// It is controlled by "k8s:prerelease-lifecycle-gen:replacement=<group>,<version>,<kind>" tags in types.go.
func (in *FlowSchema) APILifecycleReplacement() schema.GroupVersionKind {
return schema.GroupVersionKind{Group: "flowcontrol.apiserver.k8s.io", Version: "v1beta3", Kind: "FlowSchema"}
}
// APILifecycleRemoved is an autogenerated function, returning the release in which the API is no longer served as int versions of major and minor for comparison.
// It is controlled by "k8s:prerelease-lifecycle-gen:removed" tags in types.go or "k8s:prerelease-lifecycle-gen:deprecated" plus three minor.
func (in *FlowSchema) APILifecycleRemoved() (major, minor int) {
return 1, 29
}
// APILifecycleIntroduced is an autogenerated function, returning the release in which the API struct was introduced as int versions of major and minor for comparison.
// It is controlled by "k8s:prerelease-lifecycle-gen:introduced" tags in types.go.
func (in *FlowSchemaList) APILifecycleIntroduced() (major, minor int) {
return 1, 23
}
// APILifecycleDeprecated is an autogenerated function, returning the release in which the API struct was or will be deprecated as int versions of major and minor for comparison.
// It is controlled by "k8s:prerelease-lifecycle-gen:deprecated" tags in types.go or "k8s:prerelease-lifecycle-gen:introduced" plus three minor.
func (in *FlowSchemaList) APILifecycleDeprecated() (major, minor int) {
return 1, 26
}
// APILifecycleReplacement is an autogenerated function, returning the group, version, and kind that should be used instead of this deprecated type.
// It is controlled by "k8s:prerelease-lifecycle-gen:replacement=<group>,<version>,<kind>" tags in types.go.
func (in *FlowSchemaList) APILifecycleReplacement() schema.GroupVersionKind {
return schema.GroupVersionKind{Group: "flowcontrol.apiserver.k8s.io", Version: "v1beta3", Kind: "FlowSchemaList"}
}
// APILifecycleRemoved is an autogenerated function, returning the release in which the API is no longer served as int versions of major and minor for comparison.
// It is controlled by "k8s:prerelease-lifecycle-gen:removed" tags in types.go or "k8s:prerelease-lifecycle-gen:deprecated" plus three minor.
func (in *FlowSchemaList) APILifecycleRemoved() (major, minor int) {
return 1, 29
}
// APILifecycleIntroduced is an autogenerated function, returning the release in which the API struct was introduced as int versions of major and minor for comparison.
// It is controlled by "k8s:prerelease-lifecycle-gen:introduced" tags in types.go.
func (in *PriorityLevelConfiguration) APILifecycleIntroduced() (major, minor int) {
return 1, 23
}
// APILifecycleDeprecated is an autogenerated function, returning the release in which the API struct was or will be deprecated as int versions of major and minor for comparison.
// It is controlled by "k8s:prerelease-lifecycle-gen:deprecated" tags in types.go or "k8s:prerelease-lifecycle-gen:introduced" plus three minor.
func (in *PriorityLevelConfiguration) APILifecycleDeprecated() (major, minor int) {
return 1, 26
}
// APILifecycleReplacement is an autogenerated function, returning the group, version, and kind that should be used instead of this deprecated type.
// It is controlled by "k8s:prerelease-lifecycle-gen:replacement=<group>,<version>,<kind>" tags in types.go.
func (in *PriorityLevelConfiguration) APILifecycleReplacement() schema.GroupVersionKind {
return schema.GroupVersionKind{Group: "flowcontrol.apiserver.k8s.io", Version: "v1beta3", Kind: "PriorityLevelConfiguration"}
}
// APILifecycleRemoved is an autogenerated function, returning the release in which the API is no longer served as int versions of major and minor for comparison.
// It is controlled by "k8s:prerelease-lifecycle-gen:removed" tags in types.go or "k8s:prerelease-lifecycle-gen:deprecated" plus three minor.
func (in *PriorityLevelConfiguration) APILifecycleRemoved() (major, minor int) {
return 1, 29
}
// APILifecycleIntroduced is an autogenerated function, returning the release in which the API struct was introduced as int versions of major and minor for comparison.
// It is controlled by "k8s:prerelease-lifecycle-gen:introduced" tags in types.go.
func (in *PriorityLevelConfigurationList) APILifecycleIntroduced() (major, minor int) {
return 1, 23
}
// APILifecycleDeprecated is an autogenerated function, returning the release in which the API struct was or will be deprecated as int versions of major and minor for comparison.
// It is controlled by "k8s:prerelease-lifecycle-gen:deprecated" tags in types.go or "k8s:prerelease-lifecycle-gen:introduced" plus three minor.
func (in *PriorityLevelConfigurationList) APILifecycleDeprecated() (major, minor int) {
return 1, 26
}
// APILifecycleReplacement is an autogenerated function, returning the group, version, and kind that should be used instead of this deprecated type.
// It is controlled by "k8s:prerelease-lifecycle-gen:replacement=<group>,<version>,<kind>" tags in types.go.
func (in *PriorityLevelConfigurationList) APILifecycleReplacement() schema.GroupVersionKind {
return schema.GroupVersionKind{Group: "flowcontrol.apiserver.k8s.io", Version: "v1beta3", Kind: "PriorityLevelConfigurationList"}
}
// APILifecycleRemoved is an autogenerated function, returning the release in which the API is no longer served as int versions of major and minor for comparison.
// It is controlled by "k8s:prerelease-lifecycle-gen:removed" tags in types.go or "k8s:prerelease-lifecycle-gen:deprecated" plus three minor.
func (in *PriorityLevelConfigurationList) APILifecycleRemoved() (major, minor int) {
return 1, 29
}