build: move e2e dependencies into e2e/go.mod

Several packages are only used while running the e2e suite. These
packages are less important to update, as the they can not influence the
final executable that is part of the Ceph-CSI container-image.

By moving these dependencies out of the main Ceph-CSI go.mod, it is
easier to identify if a reported CVE affects Ceph-CSI, or only the
testing (like most of the Kubernetes CVEs).

Signed-off-by: Niels de Vos <ndevos@ibm.com>

e2e/vendor/k8s.io/apiserver/pkg/registry/generic/OWNERS

@@ -0,0 +1,19 @@
+# See the OWNERS docs at https://go.k8s.io/owners
+
+reviewers:
+  - thockin
+  - smarterclayton
+  - wojtek-t
+  - deads2k
+  - yujuhong
+  - derekwaynecarr
+  - caesarxuchao
+  - mikedanese
+  - liggitt
+  - saad-ali
+  - janetkuo
+  - pwittrock
+  - dims
+  - enj
+emeritus_reviewers:
+  - ncdc

e2e/vendor/k8s.io/apiserver/pkg/registry/generic/doc.go

@@ -0,0 +1,19 @@
+/*
+Copyright 2014 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Package generic provides a generic object store interface and a
+// generic label/field matching type.
+package generic // import "k8s.io/apiserver/pkg/registry/generic"

e2e/vendor/k8s.io/apiserver/pkg/registry/generic/matcher.go

@@ -0,0 +1,52 @@
+/*
+Copyright 2014 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package generic
+
+import (
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	"k8s.io/apimachinery/pkg/fields"
+)
+
+// ObjectMetaFieldsSet returns a fields that represent the ObjectMeta.
+func ObjectMetaFieldsSet(objectMeta *metav1.ObjectMeta, hasNamespaceField bool) fields.Set {
+	if !hasNamespaceField {
+		return fields.Set{
+			"metadata.name": objectMeta.Name,
+		}
+	}
+	return fields.Set{
+		"metadata.name":      objectMeta.Name,
+		"metadata.namespace": objectMeta.Namespace,
+	}
+}
+
+// AdObjectMetaField add fields that represent the ObjectMeta to source.
+func AddObjectMetaFieldsSet(source fields.Set, objectMeta *metav1.ObjectMeta, hasNamespaceField bool) fields.Set {
+	source["metadata.name"] = objectMeta.Name
+	if hasNamespaceField {
+		source["metadata.namespace"] = objectMeta.Namespace
+	}
+	return source
+}
+
+// MergeFieldsSets merges a fields'set from fragment into the source.
+func MergeFieldsSets(source fields.Set, fragment fields.Set) fields.Set {
+	for k, value := range fragment {
+		source[k] = value
+	}
+	return source
+}

e2e/vendor/k8s.io/apiserver/pkg/registry/generic/options.go

@@ -0,0 +1,60 @@
+/*
+Copyright 2016 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package generic
+
+import (
+	"time"
+
+	"k8s.io/apimachinery/pkg/runtime"
+	"k8s.io/apimachinery/pkg/runtime/schema"
+	"k8s.io/apiserver/pkg/storage"
+	"k8s.io/apiserver/pkg/storage/storagebackend"
+	flowcontrolrequest "k8s.io/apiserver/pkg/util/flowcontrol/request"
+	"k8s.io/client-go/tools/cache"
+)
+
+// RESTOptions is set of resource-specific configuration options to generic registries.
+type RESTOptions struct {
+	StorageConfig *storagebackend.ConfigForResource
+	Decorator     StorageDecorator
+
+	EnableGarbageCollection   bool
+	DeleteCollectionWorkers   int
+	ResourcePrefix            string
+	CountMetricPollPeriod     time.Duration
+	StorageObjectCountTracker flowcontrolrequest.StorageObjectCountTracker
+}
+
+// Implement RESTOptionsGetter so that RESTOptions can directly be used when available (i.e. tests)
+func (opts RESTOptions) GetRESTOptions(schema.GroupResource, runtime.Object) (RESTOptions, error) {
+	return opts, nil
+}
+
+type RESTOptionsGetter interface {
+	// GetRESTOptions returns the RESTOptions for the given resource and example object.
+	// The example object is used to determine the storage version for the resource.
+	// If the example object is nil, the storage version will be determined by the resource's default storage version.
+	GetRESTOptions(resource schema.GroupResource, example runtime.Object) (RESTOptions, error)
+}
+
+// StoreOptions is set of configuration options used to complete generic registries.
+type StoreOptions struct {
+	RESTOptions RESTOptionsGetter
+	TriggerFunc storage.IndexerFuncs
+	AttrFunc    storage.AttrFunc
+	Indexers    *cache.Indexers
+}

e2e/vendor/k8s.io/apiserver/pkg/registry/generic/registry/corrupt_obj_deleter.go

@@ -0,0 +1,122 @@
+/*
+Copyright 2024 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package registry
+
+import (
+	"context"
+	"errors"
+	"strings"
+
+	apierrors "k8s.io/apimachinery/pkg/api/errors"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	"k8s.io/apimachinery/pkg/runtime"
+	"k8s.io/apimachinery/pkg/runtime/schema"
+	"k8s.io/apimachinery/pkg/util/validation/field"
+	genericapirequest "k8s.io/apiserver/pkg/endpoints/request"
+	"k8s.io/apiserver/pkg/registry/rest"
+	"k8s.io/apiserver/pkg/storage"
+	storeerr "k8s.io/apiserver/pkg/storage/errors"
+
+	"k8s.io/klog/v2"
+	"k8s.io/utils/ptr"
+)
+
+// the corrupt object deleter has the same interface as rest.GracefulDeleter
+var _ rest.GracefulDeleter = &corruptObjectDeleter{}
+
+// NewCorruptObjectDeleter returns a deleter that can perform unsafe deletion
+// of corrupt objects, it makes an attempt to perform a normal deletion flow
+// first, and if the normal deletion flow fails with a corrupt object error
+// then it performs the unsafe delete of the object.
+//
+// NOTE: it skips precondition checks, finalizer constraints, and any
+// post deletion hook defined in 'AfterDelete' of the registry.
+//
+// WARNING: This may break the cluster if the resource being deleted has dependencies.
+func NewCorruptObjectDeleter(store *Store) rest.GracefulDeleter {
+	return &corruptObjectDeleter{store: store}
+}
+
+// corruptObjectDeleter implements unsafe object deletion flow
+type corruptObjectDeleter struct {
+	store *Store
+}
+
+// Delete performs an unsafe deletion of the given resource from the storage.
+//
+// NOTE: This function should NEVER be used for any normal deletion
+// flow, it is exclusively used when the user enables
+// 'IgnoreStoreReadErrorWithClusterBreakingPotential' in the delete options.
+func (d *corruptObjectDeleter) Delete(ctx context.Context, name string, deleteValidation rest.ValidateObjectFunc, opts *metav1.DeleteOptions) (runtime.Object, bool, error) {
+	if opts == nil || !ptr.Deref[bool](opts.IgnoreStoreReadErrorWithClusterBreakingPotential, false) {
+		// this is a developer error, we should never be here, since the unsafe
+		// deleter is wired in the rest layer only when the option is enabled
+		return nil, false, apierrors.NewInternalError(errors.New("initialization error, expected normal deletion flow to be used"))
+	}
+
+	key, err := d.store.KeyFunc(ctx, name)
+	if err != nil {
+		return nil, false, err
+	}
+	obj := d.store.NewFunc()
+	qualifiedResource := d.store.qualifiedResourceFromContext(ctx)
+	// use the storage implementation directly, bypass the dryRun layer
+	storageBackend := d.store.Storage.Storage
+	// we leave ResourceVersion as empty in the GetOptions so the
+	// object is retrieved from the underlying storage directly
+	err = storageBackend.Get(ctx, key, storage.GetOptions{}, obj)
+	if err == nil || !storage.IsCorruptObject(err) {
+		// TODO: The Invalid error should have a field for Resource.
+		// After that field is added, we should fill the Resource and
+		// leave the Kind field empty. See the discussion in #18526.
+		qualifiedKind := schema.GroupKind{Group: qualifiedResource.Group, Kind: qualifiedResource.Resource}
+		fieldErrList := field.ErrorList{
+			field.Invalid(field.NewPath("ignoreStoreReadErrorWithClusterBreakingPotential"), true, "is exclusively used to delete corrupt object(s), try again by removing this option"),
+		}
+		return nil, false, apierrors.NewInvalid(qualifiedKind, name, fieldErrList)
+	}
+
+	// try normal deletion anyway, it is expected to fail
+	obj, deleted, err := d.store.Delete(ctx, name, deleteValidation, opts)
+	if err == nil {
+		return obj, deleted, err
+	}
+	// TODO: unfortunately we can't do storage.IsCorruptObject(err),
+	// conversion to API error drops the inner error chain
+	if !strings.Contains(err.Error(), "corrupt object") {
+		return obj, deleted, err
+	}
+
+	// TODO: at this instant, some actor may have a) managed to recreate this
+	// object by doing a delete+create, or b) the underlying error has resolved
+	// since the last time we checked, and the object is readable now.
+	klog.FromContext(ctx).V(1).Info("Going to perform unsafe object deletion", "object", klog.KRef(genericapirequest.NamespaceValue(ctx), name))
+	out := d.store.NewFunc()
+	storageOpts := storage.DeleteOptions{IgnoreStoreReadError: true}
+	// dropping preconditions, and keeping the admission
+	if err := storageBackend.Delete(ctx, key, out, nil, storage.ValidateObjectFunc(deleteValidation), nil, storageOpts); err != nil {
+		if storage.IsNotFound(err) {
+			// the DELETE succeeded, but we don't have the object since it's
+			// not retrievable from the storage, so we send a nil object
+			return nil, false, nil
+		}
+		return nil, false, storeerr.InterpretDeleteError(err, qualifiedResource, name)
+	}
+	// the DELETE succeeded, but we don't have the object sine it's
+	// not retrievable from the storage, so we send a nil objct
+	return nil, true, nil
+}

e2e/vendor/k8s.io/apiserver/pkg/registry/generic/registry/decorated_watcher.go

@@ -0,0 +1,91 @@
+/*
+Copyright 2016 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package registry
+
+import (
+	"context"
+	"k8s.io/apimachinery/pkg/runtime"
+	"k8s.io/apimachinery/pkg/watch"
+)
+
+type decoratedWatcher struct {
+	w         watch.Interface
+	decorator func(runtime.Object)
+	cancel    context.CancelFunc
+	resultCh  chan watch.Event
+}
+
+func newDecoratedWatcher(ctx context.Context, w watch.Interface, decorator func(runtime.Object)) *decoratedWatcher {
+	ctx, cancel := context.WithCancel(ctx)
+	d := &decoratedWatcher{
+		w:         w,
+		decorator: decorator,
+		cancel:    cancel,
+		resultCh:  make(chan watch.Event),
+	}
+	go d.run(ctx)
+	return d
+}
+
+// run decorates watch events from the underlying watcher until its result channel
+// is closed or the passed in context is done.
+// When run() returns, decoratedWatcher#resultCh is closed.
+func (d *decoratedWatcher) run(ctx context.Context) {
+	var recv, send watch.Event
+	var ok bool
+	defer close(d.resultCh)
+	for {
+		select {
+		case recv, ok = <-d.w.ResultChan():
+			if !ok {
+				// The underlying channel was closed, cancel our context
+				d.cancel()
+				return
+			}
+			switch recv.Type {
+			case watch.Added, watch.Modified, watch.Deleted, watch.Bookmark:
+				d.decorator(recv.Object)
+				send = recv
+			case watch.Error:
+				send = recv
+			}
+			select {
+			case d.resultCh <- send:
+				// propagated event successfully
+			case <-ctx.Done():
+				// context timed out or was cancelled, stop the underlying watcher
+				d.w.Stop()
+				return
+			}
+		case <-ctx.Done():
+			// context timed out or was cancelled, stop the underlying watcher
+			d.w.Stop()
+			return
+		}
+	}
+}
+
+func (d *decoratedWatcher) Stop() {
+	// stop the underlying watcher
+	d.w.Stop()
+	// cancel our context
+	d.cancel()
+}
+
+func (d *decoratedWatcher) ResultChan() <-chan watch.Event {
+	return d.resultCh
+}

e2e/vendor/k8s.io/apiserver/pkg/registry/generic/registry/doc.go

@@ -0,0 +1,19 @@
+/*
+Copyright 2014 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Package etcd has a generic implementation of a registry that
+// stores things in etcd.
+package registry // import "k8s.io/apiserver/pkg/registry/generic/registry"

e2e/vendor/k8s.io/apiserver/pkg/registry/generic/registry/dryrun.go

@@ -0,0 +1,123 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package registry
+
+import (
+	"context"
+	"fmt"
+	"reflect"
+
+	"k8s.io/apimachinery/pkg/conversion"
+	"k8s.io/apimachinery/pkg/runtime"
+	"k8s.io/apimachinery/pkg/watch"
+	"k8s.io/apiserver/pkg/storage"
+)
+
+type DryRunnableStorage struct {
+	Storage storage.Interface
+	Codec   runtime.Codec
+}
+
+func (s *DryRunnableStorage) Versioner() storage.Versioner {
+	return s.Storage.Versioner()
+}
+
+func (s *DryRunnableStorage) Create(ctx context.Context, key string, obj, out runtime.Object, ttl uint64, dryRun bool) error {
+	if dryRun {
+		if err := s.Storage.Get(ctx, key, storage.GetOptions{}, out); err == nil {
+			return storage.NewKeyExistsError(key, 0)
+		}
+		return s.copyInto(obj, out)
+	}
+	return s.Storage.Create(ctx, key, obj, out, ttl)
+}
+
+func (s *DryRunnableStorage) Delete(ctx context.Context, key string, out runtime.Object, preconditions *storage.Preconditions, deleteValidation storage.ValidateObjectFunc, dryRun bool, cachedExistingObject runtime.Object, opts storage.DeleteOptions) error {
+	if dryRun {
+		if err := s.Storage.Get(ctx, key, storage.GetOptions{}, out); err != nil {
+			return err
+		}
+		if err := preconditions.Check(key, out); err != nil {
+			return err
+		}
+		return deleteValidation(ctx, out)
+	}
+	return s.Storage.Delete(ctx, key, out, preconditions, deleteValidation, cachedExistingObject, opts)
+}
+
+func (s *DryRunnableStorage) Watch(ctx context.Context, key string, opts storage.ListOptions) (watch.Interface, error) {
+	return s.Storage.Watch(ctx, key, opts)
+}
+
+func (s *DryRunnableStorage) Get(ctx context.Context, key string, opts storage.GetOptions, objPtr runtime.Object) error {
+	return s.Storage.Get(ctx, key, opts, objPtr)
+}
+
+func (s *DryRunnableStorage) GetList(ctx context.Context, key string, opts storage.ListOptions, listObj runtime.Object) error {
+	return s.Storage.GetList(ctx, key, opts, listObj)
+}
+
+func (s *DryRunnableStorage) GuaranteedUpdate(
+	ctx context.Context, key string, destination runtime.Object, ignoreNotFound bool,
+	preconditions *storage.Preconditions, tryUpdate storage.UpdateFunc, dryRun bool, cachedExistingObject runtime.Object) error {
+	if dryRun {
+		var current runtime.Object
+		v, err := conversion.EnforcePtr(destination)
+		if err != nil {
+			return fmt.Errorf("unable to convert output object to pointer: %v", err)
+		}
+		if u, ok := v.Addr().Interface().(runtime.Unstructured); ok {
+			current = u.NewEmptyInstance()
+		} else {
+			current = reflect.New(v.Type()).Interface().(runtime.Object)
+		}
+
+		err = s.Storage.Get(ctx, key, storage.GetOptions{IgnoreNotFound: ignoreNotFound}, current)
+		if err != nil {
+			return err
+		}
+		err = preconditions.Check(key, current)
+		if err != nil {
+			return err
+		}
+		rev, err := s.Versioner().ObjectResourceVersion(current)
+		if err != nil {
+			return err
+		}
+		updated, _, err := tryUpdate(current, storage.ResponseMeta{ResourceVersion: rev})
+		if err != nil {
+			return err
+		}
+		return s.copyInto(updated, destination)
+	}
+	return s.Storage.GuaranteedUpdate(ctx, key, destination, ignoreNotFound, preconditions, tryUpdate, cachedExistingObject)
+}
+
+func (s *DryRunnableStorage) Count(key string) (int64, error) {
+	return s.Storage.Count(key)
+}
+
+func (s *DryRunnableStorage) copyInto(in, out runtime.Object) error {
+	var data []byte
+
+	data, err := runtime.Encode(s.Codec, in)
+	if err != nil {
+		return err
+	}
+	_, _, err = s.Codec.Decode(data, nil, out)
+	return err
+}

e2e/vendor/k8s.io/apiserver/pkg/registry/generic/registry/storage_factory.go

@@ -0,0 +1,95 @@
+/*
+Copyright 2015 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package registry
+
+import (
+	"fmt"
+	"sync"
+
+	"k8s.io/klog/v2"
+
+	"k8s.io/apimachinery/pkg/apis/meta/v1/unstructured"
+	"k8s.io/apimachinery/pkg/runtime"
+	"k8s.io/apiserver/pkg/registry/generic"
+	"k8s.io/apiserver/pkg/storage"
+	cacherstorage "k8s.io/apiserver/pkg/storage/cacher"
+	"k8s.io/apiserver/pkg/storage/storagebackend"
+	"k8s.io/apiserver/pkg/storage/storagebackend/factory"
+	"k8s.io/client-go/tools/cache"
+)
+
+// Creates a cacher based given storageConfig.
+func StorageWithCacher() generic.StorageDecorator {
+	return func(
+		storageConfig *storagebackend.ConfigForResource,
+		resourcePrefix string,
+		keyFunc func(obj runtime.Object) (string, error),
+		newFunc func() runtime.Object,
+		newListFunc func() runtime.Object,
+		getAttrsFunc storage.AttrFunc,
+		triggerFuncs storage.IndexerFuncs,
+		indexers *cache.Indexers) (storage.Interface, factory.DestroyFunc, error) {
+
+		s, d, err := generic.NewRawStorage(storageConfig, newFunc, newListFunc, resourcePrefix)
+		if err != nil {
+			return s, d, err
+		}
+		if klogV := klog.V(5); klogV.Enabled() {
+			//nolint:logcheck // It complains about the key/value pairs because it cannot check them.
+			klogV.InfoS("Storage caching is enabled", objectTypeToArgs(newFunc())...)
+		}
+
+		cacherConfig := cacherstorage.Config{
+			Storage:        s,
+			Versioner:      storage.APIObjectVersioner{},
+			GroupResource:  storageConfig.GroupResource,
+			ResourcePrefix: resourcePrefix,
+			KeyFunc:        keyFunc,
+			NewFunc:        newFunc,
+			NewListFunc:    newListFunc,
+			GetAttrsFunc:   getAttrsFunc,
+			IndexerFuncs:   triggerFuncs,
+			Indexers:       indexers,
+			Codec:          storageConfig.Codec,
+		}
+		cacher, err := cacherstorage.NewCacherFromConfig(cacherConfig)
+		if err != nil {
+			return nil, func() {}, err
+		}
+		var once sync.Once
+		destroyFunc := func() {
+			once.Do(func() {
+				cacher.Stop()
+				d()
+			})
+		}
+
+		return cacher, destroyFunc, nil
+	}
+}
+
+func objectTypeToArgs(obj runtime.Object) []interface{} {
+	// special-case unstructured objects that tell us their apiVersion/kind
+	if u, isUnstructured := obj.(*unstructured.Unstructured); isUnstructured {
+		if apiVersion, kind := u.GetAPIVersion(), u.GetKind(); len(apiVersion) > 0 && len(kind) > 0 {
+			return []interface{}{"apiVersion", apiVersion, "kind", kind}
+		}
+	}
+
+	// otherwise just return the type
+	return []interface{}{"type", fmt.Sprintf("%T", obj)}
+}

e2e/vendor/k8s.io/apiserver/pkg/registry/generic/storage_decorator.go

@@ -0,0 +1,58 @@
+/*
+Copyright 2015 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package generic
+
+import (
+	"k8s.io/apimachinery/pkg/runtime"
+	"k8s.io/apiserver/pkg/storage"
+	"k8s.io/apiserver/pkg/storage/storagebackend"
+	"k8s.io/apiserver/pkg/storage/storagebackend/factory"
+	"k8s.io/client-go/tools/cache"
+)
+
+// StorageDecorator is a function signature for producing a storage.Interface
+// and an associated DestroyFunc from given parameters.
+type StorageDecorator func(
+	config *storagebackend.ConfigForResource,
+	resourcePrefix string,
+	keyFunc func(obj runtime.Object) (string, error),
+	newFunc func() runtime.Object,
+	newListFunc func() runtime.Object,
+	getAttrsFunc storage.AttrFunc,
+	trigger storage.IndexerFuncs,
+	indexers *cache.Indexers) (storage.Interface, factory.DestroyFunc, error)
+
+// UndecoratedStorage returns the given a new storage from the given config
+// without any decoration.
+func UndecoratedStorage(
+	config *storagebackend.ConfigForResource,
+	resourcePrefix string,
+	keyFunc func(obj runtime.Object) (string, error),
+	newFunc func() runtime.Object,
+	newListFunc func() runtime.Object,
+	getAttrsFunc storage.AttrFunc,
+	trigger storage.IndexerFuncs,
+	indexers *cache.Indexers) (storage.Interface, factory.DestroyFunc, error) {
+	return NewRawStorage(config, newFunc, newListFunc, resourcePrefix)
+}
+
+// NewRawStorage creates the low level kv storage. This is a work-around for current
+// two layer of same storage interface.
+// TODO: Once cacher is enabled on all registries (event registry is special), we will remove this method.
+func NewRawStorage(config *storagebackend.ConfigForResource, newFunc, newListFunc func() runtime.Object, resourcePrefix string) (storage.Interface, factory.DestroyFunc, error) {
+	return factory.Create(*config, newFunc, newListFunc, resourcePrefix)
+}