mirrors/ceph-csi
1
0
Fork 0
mirror of https://github.com/ceph/ceph-csi.git synced 2025-06-13 02:33:34 +00:00
Code Issues Packages Projects Releases Wiki Activity

Migrate from dep to go module

Browse Source 
Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
This commit is contained in:
Madhu Rajanna
2020-02-17 17:45:57 +05:30
committed by mergify[bot]
parent a9174dd953
commit d5a0606c33
642 changed files with 54160 additions and 147015 deletions
Download Patch File Download Diff File Expand all files Collapse all files

160
vendor/k8s.io/api/admission/v1/generated.proto generated vendored Normal file
View File

@ -0,0 +1,160 @@
/*
Copyright The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
// This file was autogenerated by go-to-protobuf. Do not edit it manually!
syntax = 'proto2';
package k8s.io.api.admission.v1;
import "k8s.io/api/authentication/v1/generated.proto";
import "k8s.io/apimachinery/pkg/apis/meta/v1/generated.proto";
import "k8s.io/apimachinery/pkg/runtime/generated.proto";
import "k8s.io/apimachinery/pkg/runtime/schema/generated.proto";
// Package-wide variables from generator "generated".
option go_package = "v1";
// AdmissionRequest describes the admission.Attributes for the admission request.
message AdmissionRequest {
// UID is an identifier for the individual request/response. It allows us to distinguish instances of requests which are
// otherwise identical (parallel requests, requests when earlier requests did not modify etc)
// The UID is meant to track the round trip (request/response) between the KAS and the WebHook, not the user request.
// It is suitable for correlating log entries between the webhook and apiserver, for either auditing or debugging.
optional string uid = 1;
// Kind is the fully-qualified type of object being submitted (for example, v1.Pod or autoscaling.v1.Scale)
optional k8s.io.apimachinery.pkg.apis.meta.v1.GroupVersionKind kind = 2;
// Resource is the fully-qualified resource being requested (for example, v1.pods)
optional k8s.io.apimachinery.pkg.apis.meta.v1.GroupVersionResource resource = 3;
// SubResource is the subresource being requested, if any (for example, "status" or "scale")
// +optional
optional string subResource = 4;
// RequestKind is the fully-qualified type of the original API request (for example, v1.Pod or autoscaling.v1.Scale).
// If this is specified and differs from the value in "kind", an equivalent match and conversion was performed.
//
// For example, if deployments can be modified via apps/v1 and apps/v1beta1, and a webhook registered a rule of
// `apiGroups:["apps"], apiVersions:["v1"], resources: ["deployments"]` and `matchPolicy: Equivalent`,
// an API request to apps/v1beta1 deployments would be converted and sent to the webhook
// with `kind: {group:"apps", version:"v1", kind:"Deployment"}` (matching the rule the webhook registered for),
// and `requestKind: {group:"apps", version:"v1beta1", kind:"Deployment"}` (indicating the kind of the original API request).
//
// See documentation for the "matchPolicy" field in the webhook configuration type for more details.
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.GroupVersionKind requestKind = 13;
// RequestResource is the fully-qualified resource of the original API request (for example, v1.pods).
// If this is specified and differs from the value in "resource", an equivalent match and conversion was performed.
//
// For example, if deployments can be modified via apps/v1 and apps/v1beta1, and a webhook registered a rule of
// `apiGroups:["apps"], apiVersions:["v1"], resources: ["deployments"]` and `matchPolicy: Equivalent`,
// an API request to apps/v1beta1 deployments would be converted and sent to the webhook
// with `resource: {group:"apps", version:"v1", resource:"deployments"}` (matching the resource the webhook registered for),
// and `requestResource: {group:"apps", version:"v1beta1", resource:"deployments"}` (indicating the resource of the original API request).
//
// See documentation for the "matchPolicy" field in the webhook configuration type.
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.GroupVersionResource requestResource = 14;
// RequestSubResource is the name of the subresource of the original API request, if any (for example, "status" or "scale")
// If this is specified and differs from the value in "subResource", an equivalent match and conversion was performed.
// See documentation for the "matchPolicy" field in the webhook configuration type.
// +optional
optional string requestSubResource = 15;
// Name is the name of the object as presented in the request. On a CREATE operation, the client may omit name and
// rely on the server to generate the name. If that is the case, this field will contain an empty string.
// +optional
optional string name = 5;
// Namespace is the namespace associated with the request (if any).
// +optional
optional string namespace = 6;
// Operation is the operation being performed. This may be different than the operation
// requested. e.g. a patch can result in either a CREATE or UPDATE Operation.
optional string operation = 7;
// UserInfo is information about the requesting user
optional k8s.io.api.authentication.v1.UserInfo userInfo = 8;
// Object is the object from the incoming request.
// +optional
optional k8s.io.apimachinery.pkg.runtime.RawExtension object = 9;
// OldObject is the existing object. Only populated for DELETE and UPDATE requests.
// +optional
optional k8s.io.apimachinery.pkg.runtime.RawExtension oldObject = 10;
// DryRun indicates that modifications will definitely not be persisted for this request.
// Defaults to false.
// +optional
optional bool dryRun = 11;
// Options is the operation option structure of the operation being performed.
// e.g. `meta.k8s.io/v1.DeleteOptions` or `meta.k8s.io/v1.CreateOptions`. This may be
// different than the options the caller provided. e.g. for a patch request the performed
// Operation might be a CREATE, in which case the Options will a
// `meta.k8s.io/v1.CreateOptions` even though the caller provided `meta.k8s.io/v1.PatchOptions`.
// +optional
optional k8s.io.apimachinery.pkg.runtime.RawExtension options = 12;
}
// AdmissionResponse describes an admission response.
message AdmissionResponse {
// UID is an identifier for the individual request/response.
// This must be copied over from the corresponding AdmissionRequest.
optional string uid = 1;
// Allowed indicates whether or not the admission request was permitted.
optional bool allowed = 2;
// Result contains extra details into why an admission request was denied.
// This field IS NOT consulted in any way if "Allowed" is "true".
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.Status status = 3;
// The patch body. Currently we only support "JSONPatch" which implements RFC 6902.
// +optional
optional bytes patch = 4;
// The type of Patch. Currently we only allow "JSONPatch".
// +optional
optional string patchType = 5;
// AuditAnnotations is an unstructured key value map set by remote admission controller (e.g. error=image-blacklisted).
// MutatingAdmissionWebhook and ValidatingAdmissionWebhook admission controller will prefix the keys with
// admission webhook name (e.g. imagepolicy.example.com/error=image-blacklisted). AuditAnnotations will be provided by
// the admission webhook to add additional context to the audit log for this request.
// +optional
map<string, string> auditAnnotations = 6;
}
// AdmissionReview describes an admission review request/response.
message AdmissionReview {
// Request describes the attributes for the admission request.
// +optional
optional AdmissionRequest request = 1;
// Response describes the attributes for the admission response.
// +optional
optional AdmissionResponse response = 2;
}

160
vendor/k8s.io/api/admission/v1beta1/generated.proto generated vendored Normal file
View File

@ -0,0 +1,160 @@
/*
Copyright The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
// This file was autogenerated by go-to-protobuf. Do not edit it manually!
syntax = 'proto2';
package k8s.io.api.admission.v1beta1;
import "k8s.io/api/authentication/v1/generated.proto";
import "k8s.io/apimachinery/pkg/apis/meta/v1/generated.proto";
import "k8s.io/apimachinery/pkg/runtime/generated.proto";
import "k8s.io/apimachinery/pkg/runtime/schema/generated.proto";
// Package-wide variables from generator "generated".
option go_package = "v1beta1";
// AdmissionRequest describes the admission.Attributes for the admission request.
message AdmissionRequest {
// UID is an identifier for the individual request/response. It allows us to distinguish instances of requests which are
// otherwise identical (parallel requests, requests when earlier requests did not modify etc)
// The UID is meant to track the round trip (request/response) between the KAS and the WebHook, not the user request.
// It is suitable for correlating log entries between the webhook and apiserver, for either auditing or debugging.
optional string uid = 1;
// Kind is the fully-qualified type of object being submitted (for example, v1.Pod or autoscaling.v1.Scale)
optional k8s.io.apimachinery.pkg.apis.meta.v1.GroupVersionKind kind = 2;
// Resource is the fully-qualified resource being requested (for example, v1.pods)
optional k8s.io.apimachinery.pkg.apis.meta.v1.GroupVersionResource resource = 3;
// SubResource is the subresource being requested, if any (for example, "status" or "scale")
// +optional
optional string subResource = 4;
// RequestKind is the fully-qualified type of the original API request (for example, v1.Pod or autoscaling.v1.Scale).
// If this is specified and differs from the value in "kind", an equivalent match and conversion was performed.
//
// For example, if deployments can be modified via apps/v1 and apps/v1beta1, and a webhook registered a rule of
// `apiGroups:["apps"], apiVersions:["v1"], resources: ["deployments"]` and `matchPolicy: Equivalent`,
// an API request to apps/v1beta1 deployments would be converted and sent to the webhook
// with `kind: {group:"apps", version:"v1", kind:"Deployment"}` (matching the rule the webhook registered for),
// and `requestKind: {group:"apps", version:"v1beta1", kind:"Deployment"}` (indicating the kind of the original API request).
//
// See documentation for the "matchPolicy" field in the webhook configuration type for more details.
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.GroupVersionKind requestKind = 13;
// RequestResource is the fully-qualified resource of the original API request (for example, v1.pods).
// If this is specified and differs from the value in "resource", an equivalent match and conversion was performed.
//
// For example, if deployments can be modified via apps/v1 and apps/v1beta1, and a webhook registered a rule of
// `apiGroups:["apps"], apiVersions:["v1"], resources: ["deployments"]` and `matchPolicy: Equivalent`,
// an API request to apps/v1beta1 deployments would be converted and sent to the webhook
// with `resource: {group:"apps", version:"v1", resource:"deployments"}` (matching the resource the webhook registered for),
// and `requestResource: {group:"apps", version:"v1beta1", resource:"deployments"}` (indicating the resource of the original API request).
//
// See documentation for the "matchPolicy" field in the webhook configuration type.
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.GroupVersionResource requestResource = 14;
// RequestSubResource is the name of the subresource of the original API request, if any (for example, "status" or "scale")
// If this is specified and differs from the value in "subResource", an equivalent match and conversion was performed.
// See documentation for the "matchPolicy" field in the webhook configuration type.
// +optional
optional string requestSubResource = 15;
// Name is the name of the object as presented in the request. On a CREATE operation, the client may omit name and
// rely on the server to generate the name. If that is the case, this field will contain an empty string.
// +optional
optional string name = 5;
// Namespace is the namespace associated with the request (if any).
// +optional
optional string namespace = 6;
// Operation is the operation being performed. This may be different than the operation
// requested. e.g. a patch can result in either a CREATE or UPDATE Operation.
optional string operation = 7;
// UserInfo is information about the requesting user
optional k8s.io.api.authentication.v1.UserInfo userInfo = 8;
// Object is the object from the incoming request.
// +optional
optional k8s.io.apimachinery.pkg.runtime.RawExtension object = 9;
// OldObject is the existing object. Only populated for DELETE and UPDATE requests.
// +optional
optional k8s.io.apimachinery.pkg.runtime.RawExtension oldObject = 10;
// DryRun indicates that modifications will definitely not be persisted for this request.
// Defaults to false.
// +optional
optional bool dryRun = 11;
// Options is the operation option structure of the operation being performed.
// e.g. `meta.k8s.io/v1.DeleteOptions` or `meta.k8s.io/v1.CreateOptions`. This may be
// different than the options the caller provided. e.g. for a patch request the performed
// Operation might be a CREATE, in which case the Options will a
// `meta.k8s.io/v1.CreateOptions` even though the caller provided `meta.k8s.io/v1.PatchOptions`.
// +optional
optional k8s.io.apimachinery.pkg.runtime.RawExtension options = 12;
}
// AdmissionResponse describes an admission response.
message AdmissionResponse {
// UID is an identifier for the individual request/response.
// This should be copied over from the corresponding AdmissionRequest.
optional string uid = 1;
// Allowed indicates whether or not the admission request was permitted.
optional bool allowed = 2;
// Result contains extra details into why an admission request was denied.
// This field IS NOT consulted in any way if "Allowed" is "true".
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.Status status = 3;
// The patch body. Currently we only support "JSONPatch" which implements RFC 6902.
// +optional
optional bytes patch = 4;
// The type of Patch. Currently we only allow "JSONPatch".
// +optional
optional string patchType = 5;
// AuditAnnotations is an unstructured key value map set by remote admission controller (e.g. error=image-blacklisted).
// MutatingAdmissionWebhook and ValidatingAdmissionWebhook admission controller will prefix the keys with
// admission webhook name (e.g. imagepolicy.example.com/error=image-blacklisted). AuditAnnotations will be provided by
// the admission webhook to add additional context to the audit log for this request.
// +optional
map<string, string> auditAnnotations = 6;
}
// AdmissionReview describes an admission review request/response.
message AdmissionReview {
// Request describes the attributes for the admission request.
// +optional
optional AdmissionRequest request = 1;
// Response describes the attributes for the admission response.
// +optional
optional AdmissionResponse response = 2;
}

479
vendor/k8s.io/api/admissionregistration/v1/generated.proto generated vendored Normal file
View File

@ -0,0 +1,479 @@
/*
Copyright The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
// This file was autogenerated by go-to-protobuf. Do not edit it manually!
syntax = 'proto2';
package k8s.io.api.admissionregistration.v1;
import "k8s.io/apimachinery/pkg/apis/meta/v1/generated.proto";
import "k8s.io/apimachinery/pkg/runtime/generated.proto";
import "k8s.io/apimachinery/pkg/runtime/schema/generated.proto";
// Package-wide variables from generator "generated".
option go_package = "v1";
// MutatingWebhook describes an admission webhook and the resources and operations it applies to.
message MutatingWebhook {
// The name of the admission webhook.
// Name should be fully qualified, e.g., imagepolicy.kubernetes.io, where
// "imagepolicy" is the name of the webhook, and kubernetes.io is the name
// of the organization.
// Required.
optional string name = 1;
// ClientConfig defines how to communicate with the hook.
// Required
optional WebhookClientConfig clientConfig = 2;
// Rules describes what operations on what resources/subresources the webhook cares about.
// The webhook cares about an operation if it matches _any_ Rule.
// However, in order to prevent ValidatingAdmissionWebhooks and MutatingAdmissionWebhooks
// from putting the cluster in a state which cannot be recovered from without completely
// disabling the plugin, ValidatingAdmissionWebhooks and MutatingAdmissionWebhooks are never called
// on admission requests for ValidatingWebhookConfiguration and MutatingWebhookConfiguration objects.
repeated RuleWithOperations rules = 3;
// FailurePolicy defines how unrecognized errors from the admission endpoint are handled -
// allowed values are Ignore or Fail. Defaults to Fail.
// +optional
optional string failurePolicy = 4;
// matchPolicy defines how the "rules" list is used to match incoming requests.
// Allowed values are "Exact" or "Equivalent".
//
// - Exact: match a request only if it exactly matches a specified rule.
// For example, if deployments can be modified via apps/v1, apps/v1beta1, and extensions/v1beta1,
// but "rules" only included `apiGroups:["apps"], apiVersions:["v1"], resources: ["deployments"]`,
// a request to apps/v1beta1 or extensions/v1beta1 would not be sent to the webhook.
//
// - Equivalent: match a request if modifies a resource listed in rules, even via another API group or version.
// For example, if deployments can be modified via apps/v1, apps/v1beta1, and extensions/v1beta1,
// and "rules" only included `apiGroups:["apps"], apiVersions:["v1"], resources: ["deployments"]`,
// a request to apps/v1beta1 or extensions/v1beta1 would be converted to apps/v1 and sent to the webhook.
//
// Defaults to "Equivalent"
// +optional
optional string matchPolicy = 9;
// NamespaceSelector decides whether to run the webhook on an object based
// on whether the namespace for that object matches the selector. If the
// object itself is a namespace, the matching is performed on
// object.metadata.labels. If the object is another cluster scoped resource,
// it never skips the webhook.
//
// For example, to run the webhook on any objects whose namespace is not
// associated with "runlevel" of "0" or "1"; you will set the selector as
// follows:
// "namespaceSelector": {
// "matchExpressions": [
// {
// "key": "runlevel",
// "operator": "NotIn",
// "values": [
// "0",
// "1"
// ]
// }
// ]
// }
//
// If instead you want to only run the webhook on any objects whose
// namespace is associated with the "environment" of "prod" or "staging";
// you will set the selector as follows:
// "namespaceSelector": {
// "matchExpressions": [
// {
// "key": "environment",
// "operator": "In",
// "values": [
// "prod",
// "staging"
// ]
// }
// ]
// }
//
// See
// https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/
// for more examples of label selectors.
//
// Default to the empty LabelSelector, which matches everything.
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.LabelSelector namespaceSelector = 5;
// ObjectSelector decides whether to run the webhook based on if the
// object has matching labels. objectSelector is evaluated against both
// the oldObject and newObject that would be sent to the webhook, and
// is considered to match if either object matches the selector. A null
// object (oldObject in the case of create, or newObject in the case of
// delete) or an object that cannot have labels (like a
// DeploymentRollback or a PodProxyOptions object) is not considered to
// match.
// Use the object selector only if the webhook is opt-in, because end
// users may skip the admission webhook by setting the labels.
// Default to the empty LabelSelector, which matches everything.
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.LabelSelector objectSelector = 11;
// SideEffects states whether this webhook has side effects.
// Acceptable values are: None, NoneOnDryRun (webhooks created via v1beta1 may also specify Some or Unknown).
// Webhooks with side effects MUST implement a reconciliation system, since a request may be
// rejected by a future step in the admission change and the side effects therefore need to be undone.
// Requests with the dryRun attribute will be auto-rejected if they match a webhook with
// sideEffects == Unknown or Some.
optional string sideEffects = 6;
// TimeoutSeconds specifies the timeout for this webhook. After the timeout passes,
// the webhook call will be ignored or the API call will fail based on the
// failure policy.
// The timeout value must be between 1 and 30 seconds.
// Default to 10 seconds.
// +optional
optional int32 timeoutSeconds = 7;
// AdmissionReviewVersions is an ordered list of preferred `AdmissionReview`
// versions the Webhook expects. API server will try to use first version in
// the list which it supports. If none of the versions specified in this list
// supported by API server, validation will fail for this object.
// If a persisted webhook configuration specifies allowed versions and does not
// include any versions known to the API Server, calls to the webhook will fail
// and be subject to the failure policy.
repeated string admissionReviewVersions = 8;
// reinvocationPolicy indicates whether this webhook should be called multiple times as part of a single admission evaluation.
// Allowed values are "Never" and "IfNeeded".
//
// Never: the webhook will not be called more than once in a single admission evaluation.
//
// IfNeeded: the webhook will be called at least one additional time as part of the admission evaluation
// if the object being admitted is modified by other admission plugins after the initial webhook call.
// Webhooks that specify this option *must* be idempotent, able to process objects they previously admitted.
// Note:
// * the number of additional invocations is not guaranteed to be exactly one.
// * if additional invocations result in further modifications to the object, webhooks are not guaranteed to be invoked again.
// * webhooks that use this option may be reordered to minimize the number of additional invocations.
// * to validate an object after all mutations are guaranteed complete, use a validating admission webhook instead.
//
// Defaults to "Never".
// +optional
optional string reinvocationPolicy = 10;
}
// MutatingWebhookConfiguration describes the configuration of and admission webhook that accept or reject and may change the object.
message MutatingWebhookConfiguration {
// Standard object metadata; More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata.
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
// Webhooks is a list of webhooks and the affected resources and operations.
// +optional
// +patchMergeKey=name
// +patchStrategy=merge
repeated MutatingWebhook Webhooks = 2;
}
// MutatingWebhookConfigurationList is a list of MutatingWebhookConfiguration.
message MutatingWebhookConfigurationList {
// Standard list metadata.
// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1;
// List of MutatingWebhookConfiguration.
repeated MutatingWebhookConfiguration items = 2;
}
// Rule is a tuple of APIGroups, APIVersion, and Resources.It is recommended
// to make sure that all the tuple expansions are valid.
message Rule {
// APIGroups is the API groups the resources belong to. '*' is all groups.
// If '*' is present, the length of the slice must be one.
// Required.
repeated string apiGroups = 1;
// APIVersions is the API versions the resources belong to. '*' is all versions.
// If '*' is present, the length of the slice must be one.
// Required.
repeated string apiVersions = 2;
// Resources is a list of resources this rule applies to.
//
// For example:
// 'pods' means pods.
// 'pods/log' means the log subresource of pods.
// '*' means all resources, but not subresources.
// 'pods/*' means all subresources of pods.
// '*/scale' means all scale subresources.
// '*/*' means all resources and their subresources.
//
// If wildcard is present, the validation rule will ensure resources do not
// overlap with each other.
//
// Depending on the enclosing object, subresources might not be allowed.
// Required.
repeated string resources = 3;
// scope specifies the scope of this rule.
// Valid values are "Cluster", "Namespaced", and "*"
// "Cluster" means that only cluster-scoped resources will match this rule.
// Namespace API objects are cluster-scoped.
// "Namespaced" means that only namespaced resources will match this rule.
// "*" means that there are no scope restrictions.
// Subresources match the scope of their parent resource.
// Default is "*".
//
// +optional
optional string scope = 4;
}
// RuleWithOperations is a tuple of Operations and Resources. It is recommended to make
// sure that all the tuple expansions are valid.
message RuleWithOperations {
// Operations is the operations the admission hook cares about - CREATE, UPDATE, or *
// for all operations.
// If '*' is present, the length of the slice must be one.
// Required.
repeated string operations = 1;
// Rule is embedded, it describes other criteria of the rule, like
// APIGroups, APIVersions, Resources, etc.
optional Rule rule = 2;
}
// ServiceReference holds a reference to Service.legacy.k8s.io
message ServiceReference {
// `namespace` is the namespace of the service.
// Required
optional string namespace = 1;
// `name` is the name of the service.
// Required
optional string name = 2;
// `path` is an optional URL path which will be sent in any request to
// this service.
// +optional
optional string path = 3;
// If specified, the port on the service that hosting webhook.
// Default to 443 for backward compatibility.
// `port` should be a valid port number (1-65535, inclusive).
// +optional
optional int32 port = 4;
}
// ValidatingWebhook describes an admission webhook and the resources and operations it applies to.
message ValidatingWebhook {
// The name of the admission webhook.
// Name should be fully qualified, e.g., imagepolicy.kubernetes.io, where
// "imagepolicy" is the name of the webhook, and kubernetes.io is the name
// of the organization.
// Required.
optional string name = 1;
// ClientConfig defines how to communicate with the hook.
// Required
optional WebhookClientConfig clientConfig = 2;
// Rules describes what operations on what resources/subresources the webhook cares about.
// The webhook cares about an operation if it matches _any_ Rule.
// However, in order to prevent ValidatingAdmissionWebhooks and MutatingAdmissionWebhooks
// from putting the cluster in a state which cannot be recovered from without completely
// disabling the plugin, ValidatingAdmissionWebhooks and MutatingAdmissionWebhooks are never called
// on admission requests for ValidatingWebhookConfiguration and MutatingWebhookConfiguration objects.
repeated RuleWithOperations rules = 3;
// FailurePolicy defines how unrecognized errors from the admission endpoint are handled -
// allowed values are Ignore or Fail. Defaults to Fail.
// +optional
optional string failurePolicy = 4;
// matchPolicy defines how the "rules" list is used to match incoming requests.
// Allowed values are "Exact" or "Equivalent".
//
// - Exact: match a request only if it exactly matches a specified rule.
// For example, if deployments can be modified via apps/v1, apps/v1beta1, and extensions/v1beta1,
// but "rules" only included `apiGroups:["apps"], apiVersions:["v1"], resources: ["deployments"]`,
// a request to apps/v1beta1 or extensions/v1beta1 would not be sent to the webhook.
//
// - Equivalent: match a request if modifies a resource listed in rules, even via another API group or version.
// For example, if deployments can be modified via apps/v1, apps/v1beta1, and extensions/v1beta1,
// and "rules" only included `apiGroups:["apps"], apiVersions:["v1"], resources: ["deployments"]`,
// a request to apps/v1beta1 or extensions/v1beta1 would be converted to apps/v1 and sent to the webhook.
//
// Defaults to "Equivalent"
// +optional
optional string matchPolicy = 9;
// NamespaceSelector decides whether to run the webhook on an object based
// on whether the namespace for that object matches the selector. If the
// object itself is a namespace, the matching is performed on
// object.metadata.labels. If the object is another cluster scoped resource,
// it never skips the webhook.
//
// For example, to run the webhook on any objects whose namespace is not
// associated with "runlevel" of "0" or "1"; you will set the selector as
// follows:
// "namespaceSelector": {
// "matchExpressions": [
// {
// "key": "runlevel",
// "operator": "NotIn",
// "values": [
// "0",
// "1"
// ]
// }
// ]
// }
//
// If instead you want to only run the webhook on any objects whose
// namespace is associated with the "environment" of "prod" or "staging";
// you will set the selector as follows:
// "namespaceSelector": {
// "matchExpressions": [
// {
// "key": "environment",
// "operator": "In",
// "values": [
// "prod",
// "staging"
// ]
// }
// ]
// }
//
// See
// https://kubernetes.io/docs/concepts/overview/working-with-objects/labels
// for more examples of label selectors.
//
// Default to the empty LabelSelector, which matches everything.
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.LabelSelector namespaceSelector = 5;
// ObjectSelector decides whether to run the webhook based on if the
// object has matching labels. objectSelector is evaluated against both
// the oldObject and newObject that would be sent to the webhook, and
// is considered to match if either object matches the selector. A null
// object (oldObject in the case of create, or newObject in the case of
// delete) or an object that cannot have labels (like a
// DeploymentRollback or a PodProxyOptions object) is not considered to
// match.
// Use the object selector only if the webhook is opt-in, because end
// users may skip the admission webhook by setting the labels.
// Default to the empty LabelSelector, which matches everything.
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.LabelSelector objectSelector = 10;
// SideEffects states whether this webhook has side effects.
// Acceptable values are: None, NoneOnDryRun (webhooks created via v1beta1 may also specify Some or Unknown).
// Webhooks with side effects MUST implement a reconciliation system, since a request may be
// rejected by a future step in the admission change and the side effects therefore need to be undone.
// Requests with the dryRun attribute will be auto-rejected if they match a webhook with
// sideEffects == Unknown or Some.
optional string sideEffects = 6;
// TimeoutSeconds specifies the timeout for this webhook. After the timeout passes,
// the webhook call will be ignored or the API call will fail based on the
// failure policy.
// The timeout value must be between 1 and 30 seconds.
// Default to 10 seconds.
// +optional
optional int32 timeoutSeconds = 7;
// AdmissionReviewVersions is an ordered list of preferred `AdmissionReview`
// versions the Webhook expects. API server will try to use first version in
// the list which it supports. If none of the versions specified in this list
// supported by API server, validation will fail for this object.
// If a persisted webhook configuration specifies allowed versions and does not
// include any versions known to the API Server, calls to the webhook will fail
// and be subject to the failure policy.
repeated string admissionReviewVersions = 8;
}
// ValidatingWebhookConfiguration describes the configuration of and admission webhook that accept or reject and object without changing it.
message ValidatingWebhookConfiguration {
// Standard object metadata; More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata.
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
// Webhooks is a list of webhooks and the affected resources and operations.
// +optional
// +patchMergeKey=name
// +patchStrategy=merge
repeated ValidatingWebhook Webhooks = 2;
}
// ValidatingWebhookConfigurationList is a list of ValidatingWebhookConfiguration.
message ValidatingWebhookConfigurationList {
// Standard list metadata.
// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1;
// List of ValidatingWebhookConfiguration.
repeated ValidatingWebhookConfiguration items = 2;
}
// WebhookClientConfig contains the information to make a TLS
// connection with the webhook
message WebhookClientConfig {
// `url` gives the location of the webhook, in standard URL form
// (`scheme://host:port/path`). Exactly one of `url` or `service`
// must be specified.
//
// The `host` should not refer to a service running in the cluster; use
// the `service` field instead. The host might be resolved via external
// DNS in some apiservers (e.g., `kube-apiserver` cannot resolve
// in-cluster DNS as that would be a layering violation). `host` may
// also be an IP address.
//
// Please note that using `localhost` or `127.0.0.1` as a `host` is
// risky unless you take great care to run this webhook on all hosts
// which run an apiserver which might need to make calls to this
// webhook. Such installs are likely to be non-portable, i.e., not easy
// to turn up in a new cluster.
//
// The scheme must be "https"; the URL must begin with "https://".
//
// A path is optional, and if present may be any string permissible in
// a URL. You may use the path to pass an arbitrary string to the
// webhook, for example, a cluster identifier.
//
// Attempting to use a user or basic auth e.g. "user:password@" is not
// allowed. Fragments ("#...") and query parameters ("?...") are not
// allowed, either.
//
// +optional
optional string url = 3;
// `service` is a reference to the service for this webhook. Either
// `service` or `url` must be specified.
//
// If the webhook is running within the cluster, then you should use `service`.
//
// +optional
optional ServiceReference service = 1;
// `caBundle` is a PEM encoded CA bundle which will be used to validate the webhook's server certificate.
// If unspecified, system trust roots on the apiserver are used.
// +optional
optional bytes caBundle = 2;
}

487
vendor/k8s.io/api/admissionregistration/v1beta1/generated.proto generated vendored Normal file
View File

@ -0,0 +1,487 @@
/*
Copyright The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
// This file was autogenerated by go-to-protobuf. Do not edit it manually!
syntax = 'proto2';
package k8s.io.api.admissionregistration.v1beta1;
import "k8s.io/apimachinery/pkg/apis/meta/v1/generated.proto";
import "k8s.io/apimachinery/pkg/runtime/generated.proto";
import "k8s.io/apimachinery/pkg/runtime/schema/generated.proto";
// Package-wide variables from generator "generated".
option go_package = "v1beta1";
// MutatingWebhook describes an admission webhook and the resources and operations it applies to.
message MutatingWebhook {
// The name of the admission webhook.
// Name should be fully qualified, e.g., imagepolicy.kubernetes.io, where
// "imagepolicy" is the name of the webhook, and kubernetes.io is the name
// of the organization.
// Required.
optional string name = 1;
// ClientConfig defines how to communicate with the hook.
// Required
optional WebhookClientConfig clientConfig = 2;
// Rules describes what operations on what resources/subresources the webhook cares about.
// The webhook cares about an operation if it matches _any_ Rule.
// However, in order to prevent ValidatingAdmissionWebhooks and MutatingAdmissionWebhooks
// from putting the cluster in a state which cannot be recovered from without completely
// disabling the plugin, ValidatingAdmissionWebhooks and MutatingAdmissionWebhooks are never called
// on admission requests for ValidatingWebhookConfiguration and MutatingWebhookConfiguration objects.
repeated RuleWithOperations rules = 3;
// FailurePolicy defines how unrecognized errors from the admission endpoint are handled -
// allowed values are Ignore or Fail. Defaults to Ignore.
// +optional
optional string failurePolicy = 4;
// matchPolicy defines how the "rules" list is used to match incoming requests.
// Allowed values are "Exact" or "Equivalent".
//
// - Exact: match a request only if it exactly matches a specified rule.
// For example, if deployments can be modified via apps/v1, apps/v1beta1, and extensions/v1beta1,
// but "rules" only included `apiGroups:["apps"], apiVersions:["v1"], resources: ["deployments"]`,
// a request to apps/v1beta1 or extensions/v1beta1 would not be sent to the webhook.
//
// - Equivalent: match a request if modifies a resource listed in rules, even via another API group or version.
// For example, if deployments can be modified via apps/v1, apps/v1beta1, and extensions/v1beta1,
// and "rules" only included `apiGroups:["apps"], apiVersions:["v1"], resources: ["deployments"]`,
// a request to apps/v1beta1 or extensions/v1beta1 would be converted to apps/v1 and sent to the webhook.
//
// Defaults to "Exact"
// +optional
optional string matchPolicy = 9;
// NamespaceSelector decides whether to run the webhook on an object based
// on whether the namespace for that object matches the selector. If the
// object itself is a namespace, the matching is performed on
// object.metadata.labels. If the object is another cluster scoped resource,
// it never skips the webhook.
//
// For example, to run the webhook on any objects whose namespace is not
// associated with "runlevel" of "0" or "1"; you will set the selector as
// follows:
// "namespaceSelector": {
// "matchExpressions": [
// {
// "key": "runlevel",
// "operator": "NotIn",
// "values": [
// "0",
// "1"
// ]
// }
// ]
// }
//
// If instead you want to only run the webhook on any objects whose
// namespace is associated with the "environment" of "prod" or "staging";
// you will set the selector as follows:
// "namespaceSelector": {
// "matchExpressions": [
// {
// "key": "environment",
// "operator": "In",
// "values": [
// "prod",
// "staging"
// ]
// }
// ]
// }
//
// See
// https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/
// for more examples of label selectors.
//
// Default to the empty LabelSelector, which matches everything.
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.LabelSelector namespaceSelector = 5;
// ObjectSelector decides whether to run the webhook based on if the
// object has matching labels. objectSelector is evaluated against both
// the oldObject and newObject that would be sent to the webhook, and
// is considered to match if either object matches the selector. A null
// object (oldObject in the case of create, or newObject in the case of
// delete) or an object that cannot have labels (like a
// DeploymentRollback or a PodProxyOptions object) is not considered to
// match.
// Use the object selector only if the webhook is opt-in, because end
// users may skip the admission webhook by setting the labels.
// Default to the empty LabelSelector, which matches everything.
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.LabelSelector objectSelector = 11;
// SideEffects states whether this webhook has side effects.
// Acceptable values are: Unknown, None, Some, NoneOnDryRun
// Webhooks with side effects MUST implement a reconciliation system, since a request may be
// rejected by a future step in the admission change and the side effects therefore need to be undone.
// Requests with the dryRun attribute will be auto-rejected if they match a webhook with
// sideEffects == Unknown or Some. Defaults to Unknown.
// +optional
optional string sideEffects = 6;
// TimeoutSeconds specifies the timeout for this webhook. After the timeout passes,
// the webhook call will be ignored or the API call will fail based on the
// failure policy.
// The timeout value must be between 1 and 30 seconds.
// Default to 30 seconds.
// +optional
optional int32 timeoutSeconds = 7;
// AdmissionReviewVersions is an ordered list of preferred `AdmissionReview`
// versions the Webhook expects. API server will try to use first version in
// the list which it supports. If none of the versions specified in this list
// supported by API server, validation will fail for this object.
// If a persisted webhook configuration specifies allowed versions and does not
// include any versions known to the API Server, calls to the webhook will fail
// and be subject to the failure policy.
// Default to `['v1beta1']`.
// +optional
repeated string admissionReviewVersions = 8;
// reinvocationPolicy indicates whether this webhook should be called multiple times as part of a single admission evaluation.
// Allowed values are "Never" and "IfNeeded".
//
// Never: the webhook will not be called more than once in a single admission evaluation.
//
// IfNeeded: the webhook will be called at least one additional time as part of the admission evaluation
// if the object being admitted is modified by other admission plugins after the initial webhook call.
// Webhooks that specify this option *must* be idempotent, able to process objects they previously admitted.
// Note:
// * the number of additional invocations is not guaranteed to be exactly one.
// * if additional invocations result in further modifications to the object, webhooks are not guaranteed to be invoked again.
// * webhooks that use this option may be reordered to minimize the number of additional invocations.
// * to validate an object after all mutations are guaranteed complete, use a validating admission webhook instead.
//
// Defaults to "Never".
// +optional
optional string reinvocationPolicy = 10;
}
// MutatingWebhookConfiguration describes the configuration of and admission webhook that accept or reject and may change the object.
// Deprecated in v1.16, planned for removal in v1.19. Use admissionregistration.k8s.io/v1 MutatingWebhookConfiguration instead.
message MutatingWebhookConfiguration {
// Standard object metadata; More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata.
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
// Webhooks is a list of webhooks and the affected resources and operations.
// +optional
// +patchMergeKey=name
// +patchStrategy=merge
repeated MutatingWebhook Webhooks = 2;
}
// MutatingWebhookConfigurationList is a list of MutatingWebhookConfiguration.
message MutatingWebhookConfigurationList {
// Standard list metadata.
// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1;
// List of MutatingWebhookConfiguration.
repeated MutatingWebhookConfiguration items = 2;
}
// Rule is a tuple of APIGroups, APIVersion, and Resources.It is recommended
// to make sure that all the tuple expansions are valid.
message Rule {
// APIGroups is the API groups the resources belong to. '*' is all groups.
// If '*' is present, the length of the slice must be one.
// Required.
repeated string apiGroups = 1;
// APIVersions is the API versions the resources belong to. '*' is all versions.
// If '*' is present, the length of the slice must be one.
// Required.
repeated string apiVersions = 2;
// Resources is a list of resources this rule applies to.
//
// For example:
// 'pods' means pods.
// 'pods/log' means the log subresource of pods.
// '*' means all resources, but not subresources.
// 'pods/*' means all subresources of pods.
// '*/scale' means all scale subresources.
// '*/*' means all resources and their subresources.
//
// If wildcard is present, the validation rule will ensure resources do not
// overlap with each other.
//
// Depending on the enclosing object, subresources might not be allowed.
// Required.
repeated string resources = 3;
// scope specifies the scope of this rule.
// Valid values are "Cluster", "Namespaced", and "*"
// "Cluster" means that only cluster-scoped resources will match this rule.
// Namespace API objects are cluster-scoped.
// "Namespaced" means that only namespaced resources will match this rule.
// "*" means that there are no scope restrictions.
// Subresources match the scope of their parent resource.
// Default is "*".
//
// +optional
optional string scope = 4;
}
// RuleWithOperations is a tuple of Operations and Resources. It is recommended to make
// sure that all the tuple expansions are valid.
message RuleWithOperations {
// Operations is the operations the admission hook cares about - CREATE, UPDATE, or *
// for all operations.
// If '*' is present, the length of the slice must be one.
// Required.
repeated string operations = 1;
// Rule is embedded, it describes other criteria of the rule, like
// APIGroups, APIVersions, Resources, etc.
optional Rule rule = 2;
}
// ServiceReference holds a reference to Service.legacy.k8s.io
message ServiceReference {
// `namespace` is the namespace of the service.
// Required
optional string namespace = 1;
// `name` is the name of the service.
// Required
optional string name = 2;
// `path` is an optional URL path which will be sent in any request to
// this service.
// +optional
optional string path = 3;
// If specified, the port on the service that hosting webhook.
// Default to 443 for backward compatibility.
// `port` should be a valid port number (1-65535, inclusive).
// +optional
optional int32 port = 4;
}
// ValidatingWebhook describes an admission webhook and the resources and operations it applies to.
message ValidatingWebhook {
// The name of the admission webhook.
// Name should be fully qualified, e.g., imagepolicy.kubernetes.io, where
// "imagepolicy" is the name of the webhook, and kubernetes.io is the name
// of the organization.
// Required.
optional string name = 1;
// ClientConfig defines how to communicate with the hook.
// Required
optional WebhookClientConfig clientConfig = 2;
// Rules describes what operations on what resources/subresources the webhook cares about.
// The webhook cares about an operation if it matches _any_ Rule.
// However, in order to prevent ValidatingAdmissionWebhooks and MutatingAdmissionWebhooks
// from putting the cluster in a state which cannot be recovered from without completely
// disabling the plugin, ValidatingAdmissionWebhooks and MutatingAdmissionWebhooks are never called
// on admission requests for ValidatingWebhookConfiguration and MutatingWebhookConfiguration objects.
repeated RuleWithOperations rules = 3;
// FailurePolicy defines how unrecognized errors from the admission endpoint are handled -
// allowed values are Ignore or Fail. Defaults to Ignore.
// +optional
optional string failurePolicy = 4;
// matchPolicy defines how the "rules" list is used to match incoming requests.
// Allowed values are "Exact" or "Equivalent".
//
// - Exact: match a request only if it exactly matches a specified rule.
// For example, if deployments can be modified via apps/v1, apps/v1beta1, and extensions/v1beta1,
// but "rules" only included `apiGroups:["apps"], apiVersions:["v1"], resources: ["deployments"]`,
// a request to apps/v1beta1 or extensions/v1beta1 would not be sent to the webhook.
//
// - Equivalent: match a request if modifies a resource listed in rules, even via another API group or version.
// For example, if deployments can be modified via apps/v1, apps/v1beta1, and extensions/v1beta1,
// and "rules" only included `apiGroups:["apps"], apiVersions:["v1"], resources: ["deployments"]`,
// a request to apps/v1beta1 or extensions/v1beta1 would be converted to apps/v1 and sent to the webhook.
//
// Defaults to "Exact"
// +optional
optional string matchPolicy = 9;
// NamespaceSelector decides whether to run the webhook on an object based
// on whether the namespace for that object matches the selector. If the
// object itself is a namespace, the matching is performed on
// object.metadata.labels. If the object is another cluster scoped resource,
// it never skips the webhook.
//
// For example, to run the webhook on any objects whose namespace is not
// associated with "runlevel" of "0" or "1"; you will set the selector as
// follows:
// "namespaceSelector": {
// "matchExpressions": [
// {
// "key": "runlevel",
// "operator": "NotIn",
// "values": [
// "0",
// "1"
// ]
// }
// ]
// }
//
// If instead you want to only run the webhook on any objects whose
// namespace is associated with the "environment" of "prod" or "staging";
// you will set the selector as follows:
// "namespaceSelector": {
// "matchExpressions": [
// {
// "key": "environment",
// "operator": "In",
// "values": [
// "prod",
// "staging"
// ]
// }
// ]
// }
//
// See
// https://kubernetes.io/docs/concepts/overview/working-with-objects/labels
// for more examples of label selectors.
//
// Default to the empty LabelSelector, which matches everything.
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.LabelSelector namespaceSelector = 5;
// ObjectSelector decides whether to run the webhook based on if the
// object has matching labels. objectSelector is evaluated against both
// the oldObject and newObject that would be sent to the webhook, and
// is considered to match if either object matches the selector. A null
// object (oldObject in the case of create, or newObject in the case of
// delete) or an object that cannot have labels (like a
// DeploymentRollback or a PodProxyOptions object) is not considered to
// match.
// Use the object selector only if the webhook is opt-in, because end
// users may skip the admission webhook by setting the labels.
// Default to the empty LabelSelector, which matches everything.
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.LabelSelector objectSelector = 10;
// SideEffects states whether this webhook has side effects.
// Acceptable values are: Unknown, None, Some, NoneOnDryRun
// Webhooks with side effects MUST implement a reconciliation system, since a request may be
// rejected by a future step in the admission change and the side effects therefore need to be undone.
// Requests with the dryRun attribute will be auto-rejected if they match a webhook with
// sideEffects == Unknown or Some. Defaults to Unknown.
// +optional
optional string sideEffects = 6;
// TimeoutSeconds specifies the timeout for this webhook. After the timeout passes,
// the webhook call will be ignored or the API call will fail based on the
// failure policy.
// The timeout value must be between 1 and 30 seconds.
// Default to 30 seconds.
// +optional
optional int32 timeoutSeconds = 7;
// AdmissionReviewVersions is an ordered list of preferred `AdmissionReview`
// versions the Webhook expects. API server will try to use first version in
// the list which it supports. If none of the versions specified in this list
// supported by API server, validation will fail for this object.
// If a persisted webhook configuration specifies allowed versions and does not
// include any versions known to the API Server, calls to the webhook will fail
// and be subject to the failure policy.
// Default to `['v1beta1']`.
// +optional
repeated string admissionReviewVersions = 8;
}
// ValidatingWebhookConfiguration describes the configuration of and admission webhook that accept or reject and object without changing it.
// Deprecated in v1.16, planned for removal in v1.19. Use admissionregistration.k8s.io/v1 ValidatingWebhookConfiguration instead.
message ValidatingWebhookConfiguration {
// Standard object metadata; More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata.
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
// Webhooks is a list of webhooks and the affected resources and operations.
// +optional
// +patchMergeKey=name
// +patchStrategy=merge
repeated ValidatingWebhook Webhooks = 2;
}
// ValidatingWebhookConfigurationList is a list of ValidatingWebhookConfiguration.
message ValidatingWebhookConfigurationList {
// Standard list metadata.
// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1;
// List of ValidatingWebhookConfiguration.
repeated ValidatingWebhookConfiguration items = 2;
}
// WebhookClientConfig contains the information to make a TLS
// connection with the webhook
message WebhookClientConfig {
// `url` gives the location of the webhook, in standard URL form
// (`scheme://host:port/path`). Exactly one of `url` or `service`
// must be specified.
//
// The `host` should not refer to a service running in the cluster; use
// the `service` field instead. The host might be resolved via external
// DNS in some apiservers (e.g., `kube-apiserver` cannot resolve
// in-cluster DNS as that would be a layering violation). `host` may
// also be an IP address.
//
// Please note that using `localhost` or `127.0.0.1` as a `host` is
// risky unless you take great care to run this webhook on all hosts
// which run an apiserver which might need to make calls to this
// webhook. Such installs are likely to be non-portable, i.e., not easy
// to turn up in a new cluster.
//
// The scheme must be "https"; the URL must begin with "https://".
//
// A path is optional, and if present may be any string permissible in
// a URL. You may use the path to pass an arbitrary string to the
// webhook, for example, a cluster identifier.
//
// Attempting to use a user or basic auth e.g. "user:password@" is not
// allowed. Fragments ("#...") and query parameters ("?...") are not
// allowed, either.
//
// +optional
optional string url = 3;
// `service` is a reference to the service for this webhook. Either
// `service` or `url` must be specified.
//
// If the webhook is running within the cluster, then you should use `service`.
//
// +optional
optional ServiceReference service = 1;
// `caBundle` is a PEM encoded CA bundle which will be used to validate the webhook's server certificate.
// If unspecified, system trust roots on the apiserver are used.
// +optional
optional bytes caBundle = 2;
}

701
vendor/k8s.io/api/apps/v1/generated.proto generated vendored Normal file
View File

@ -0,0 +1,701 @@
/*
Copyright The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
// This file was autogenerated by go-to-protobuf. Do not edit it manually!
syntax = 'proto2';
package k8s.io.api.apps.v1;
import "k8s.io/api/core/v1/generated.proto";
import "k8s.io/apimachinery/pkg/apis/meta/v1/generated.proto";
import "k8s.io/apimachinery/pkg/runtime/generated.proto";
import "k8s.io/apimachinery/pkg/runtime/schema/generated.proto";
import "k8s.io/apimachinery/pkg/util/intstr/generated.proto";
// Package-wide variables from generator "generated".
option go_package = "v1";
// ControllerRevision implements an immutable snapshot of state data. Clients
// are responsible for serializing and deserializing the objects that contain
// their internal state.
// Once a ControllerRevision has been successfully created, it can not be updated.
// The API Server will fail validation of all requests that attempt to mutate
// the Data field. ControllerRevisions may, however, be deleted. Note that, due to its use by both
// the DaemonSet and StatefulSet controllers for update and rollback, this object is beta. However,
// it may be subject to name and representation changes in future releases, and clients should not
// depend on its stability. It is primarily for internal use by controllers.
message ControllerRevision {
// Standard object's metadata.
// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
// Data is the serialized representation of the state.
optional k8s.io.apimachinery.pkg.runtime.RawExtension data = 2;
// Revision indicates the revision of the state represented by Data.
optional int64 revision = 3;
}
// ControllerRevisionList is a resource containing a list of ControllerRevision objects.
message ControllerRevisionList {
// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1;
// Items is the list of ControllerRevisions
repeated ControllerRevision items = 2;
}
// DaemonSet represents the configuration of a daemon set.
message DaemonSet {
// Standard object's metadata.
// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
// The desired behavior of this daemon set.
// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
// +optional
optional DaemonSetSpec spec = 2;
// The current status of this daemon set. This data may be
// out of date by some window of time.
// Populated by the system.
// Read-only.
// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
// +optional
optional DaemonSetStatus status = 3;
}
// DaemonSetCondition describes the state of a DaemonSet at a certain point.
message DaemonSetCondition {
// Type of DaemonSet condition.
optional string type = 1;
// Status of the condition, one of True, False, Unknown.
optional string status = 2;
// Last time the condition transitioned from one status to another.
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.Time lastTransitionTime = 3;
// The reason for the condition's last transition.
// +optional
optional string reason = 4;
// A human readable message indicating details about the transition.
// +optional
optional string message = 5;
}
// DaemonSetList is a collection of daemon sets.
message DaemonSetList {
// Standard list metadata.
// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1;
// A list of daemon sets.
repeated DaemonSet items = 2;
}
// DaemonSetSpec is the specification of a daemon set.
message DaemonSetSpec {
// A label query over pods that are managed by the daemon set.
// Must match in order to be controlled.
// It must match the pod template's labels.
// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors
optional k8s.io.apimachinery.pkg.apis.meta.v1.LabelSelector selector = 1;
// An object that describes the pod that will be created.
// The DaemonSet will create exactly one copy of this pod on every node
// that matches the template's node selector (or on every node if no node
// selector is specified).
// More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#pod-template
optional k8s.io.api.core.v1.PodTemplateSpec template = 2;
// An update strategy to replace existing DaemonSet pods with new pods.
// +optional
optional DaemonSetUpdateStrategy updateStrategy = 3;
// The minimum number of seconds for which a newly created DaemonSet pod should
// be ready without any of its container crashing, for it to be considered
// available. Defaults to 0 (pod will be considered available as soon as it
// is ready).
// +optional
optional int32 minReadySeconds = 4;
// The number of old history to retain to allow rollback.
// This is a pointer to distinguish between explicit zero and not specified.
// Defaults to 10.
// +optional
optional int32 revisionHistoryLimit = 6;
}
// DaemonSetStatus represents the current status of a daemon set.
message DaemonSetStatus {
// The number of nodes that are running at least 1
// daemon pod and are supposed to run the daemon pod.
// More info: https://kubernetes.io/docs/concepts/workloads/controllers/daemonset/
optional int32 currentNumberScheduled = 1;
// The number of nodes that are running the daemon pod, but are
// not supposed to run the daemon pod.
// More info: https://kubernetes.io/docs/concepts/workloads/controllers/daemonset/
optional int32 numberMisscheduled = 2;
// The total number of nodes that should be running the daemon
// pod (including nodes correctly running the daemon pod).
// More info: https://kubernetes.io/docs/concepts/workloads/controllers/daemonset/
optional int32 desiredNumberScheduled = 3;
// The number of nodes that should be running the daemon pod and have one
// or more of the daemon pod running and ready.
optional int32 numberReady = 4;
// The most recent generation observed by the daemon set controller.
// +optional
optional int64 observedGeneration = 5;
// The total number of nodes that are running updated daemon pod
// +optional
optional int32 updatedNumberScheduled = 6;
// The number of nodes that should be running the
// daemon pod and have one or more of the daemon pod running and
// available (ready for at least spec.minReadySeconds)
// +optional
optional int32 numberAvailable = 7;
// The number of nodes that should be running the
// daemon pod and have none of the daemon pod running and available
// (ready for at least spec.minReadySeconds)
// +optional
optional int32 numberUnavailable = 8;
// Count of hash collisions for the DaemonSet. The DaemonSet controller
// uses this field as a collision avoidance mechanism when it needs to
// create the name for the newest ControllerRevision.
// +optional
optional int32 collisionCount = 9;
// Represents the latest available observations of a DaemonSet's current state.
// +optional
// +patchMergeKey=type
// +patchStrategy=merge
repeated DaemonSetCondition conditions = 10;
}
// DaemonSetUpdateStrategy is a struct used to control the update strategy for a DaemonSet.
message DaemonSetUpdateStrategy {
// Type of daemon set update. Can be "RollingUpdate" or "OnDelete". Default is RollingUpdate.
// +optional
optional string type = 1;
// Rolling update config params. Present only if type = "RollingUpdate".
// ---
// TODO: Update this to follow our convention for oneOf, whatever we decide it
// to be. Same as Deployment `strategy.rollingUpdate`.
// See https://github.com/kubernetes/kubernetes/issues/35345
// +optional
optional RollingUpdateDaemonSet rollingUpdate = 2;
}
// Deployment enables declarative updates for Pods and ReplicaSets.
message Deployment {
// Standard object metadata.
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
// Specification of the desired behavior of the Deployment.
// +optional
optional DeploymentSpec spec = 2;
// Most recently observed status of the Deployment.
// +optional
optional DeploymentStatus status = 3;
}
// DeploymentCondition describes the state of a deployment at a certain point.
message DeploymentCondition {
// Type of deployment condition.
optional string type = 1;
// Status of the condition, one of True, False, Unknown.
optional string status = 2;
// The last time this condition was updated.
optional k8s.io.apimachinery.pkg.apis.meta.v1.Time lastUpdateTime = 6;
// Last time the condition transitioned from one status to another.
optional k8s.io.apimachinery.pkg.apis.meta.v1.Time lastTransitionTime = 7;
// The reason for the condition's last transition.
optional string reason = 4;
// A human readable message indicating details about the transition.
optional string message = 5;
}
// DeploymentList is a list of Deployments.
message DeploymentList {
// Standard list metadata.
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1;
// Items is the list of Deployments.
repeated Deployment items = 2;
}
// DeploymentSpec is the specification of the desired behavior of the Deployment.
message DeploymentSpec {
// Number of desired pods. This is a pointer to distinguish between explicit
// zero and not specified. Defaults to 1.
// +optional
optional int32 replicas = 1;
// Label selector for pods. Existing ReplicaSets whose pods are
// selected by this will be the ones affected by this deployment.
// It must match the pod template's labels.
optional k8s.io.apimachinery.pkg.apis.meta.v1.LabelSelector selector = 2;
// Template describes the pods that will be created.
optional k8s.io.api.core.v1.PodTemplateSpec template = 3;
// The deployment strategy to use to replace existing pods with new ones.
// +optional
// +patchStrategy=retainKeys
optional DeploymentStrategy strategy = 4;
// Minimum number of seconds for which a newly created pod should be ready
// without any of its container crashing, for it to be considered available.
// Defaults to 0 (pod will be considered available as soon as it is ready)
// +optional
optional int32 minReadySeconds = 5;
// The number of old ReplicaSets to retain to allow rollback.
// This is a pointer to distinguish between explicit zero and not specified.
// Defaults to 10.
// +optional
optional int32 revisionHistoryLimit = 6;
// Indicates that the deployment is paused.
// +optional
optional bool paused = 7;
// The maximum time in seconds for a deployment to make progress before it
// is considered to be failed. The deployment controller will continue to
// process failed deployments and a condition with a ProgressDeadlineExceeded
// reason will be surfaced in the deployment status. Note that progress will
// not be estimated during the time a deployment is paused. Defaults to 600s.
optional int32 progressDeadlineSeconds = 9;
}
// DeploymentStatus is the most recently observed status of the Deployment.
message DeploymentStatus {
// The generation observed by the deployment controller.
// +optional
optional int64 observedGeneration = 1;
// Total number of non-terminated pods targeted by this deployment (their labels match the selector).
// +optional
optional int32 replicas = 2;
// Total number of non-terminated pods targeted by this deployment that have the desired template spec.
// +optional
optional int32 updatedReplicas = 3;
// Total number of ready pods targeted by this deployment.
// +optional
optional int32 readyReplicas = 7;
// Total number of available pods (ready for at least minReadySeconds) targeted by this deployment.
// +optional
optional int32 availableReplicas = 4;
// Total number of unavailable pods targeted by this deployment. This is the total number of
// pods that are still required for the deployment to have 100% available capacity. They may
// either be pods that are running but not yet available or pods that still have not been created.
// +optional
optional int32 unavailableReplicas = 5;
// Represents the latest available observations of a deployment's current state.
// +patchMergeKey=type
// +patchStrategy=merge
repeated DeploymentCondition conditions = 6;
// Count of hash collisions for the Deployment. The Deployment controller uses this
// field as a collision avoidance mechanism when it needs to create the name for the
// newest ReplicaSet.
// +optional
optional int32 collisionCount = 8;
}
// DeploymentStrategy describes how to replace existing pods with new ones.
message DeploymentStrategy {
// Type of deployment. Can be "Recreate" or "RollingUpdate". Default is RollingUpdate.
// +optional
optional string type = 1;
// Rolling update config params. Present only if DeploymentStrategyType =
// RollingUpdate.
// ---
// TODO: Update this to follow our convention for oneOf, whatever we decide it
// to be.
// +optional
optional RollingUpdateDeployment rollingUpdate = 2;
}
// ReplicaSet ensures that a specified number of pod replicas are running at any given time.
message ReplicaSet {
// If the Labels of a ReplicaSet are empty, they are defaulted to
// be the same as the Pod(s) that the ReplicaSet manages.
// Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
// Spec defines the specification of the desired behavior of the ReplicaSet.
// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
// +optional
optional ReplicaSetSpec spec = 2;
// Status is the most recently observed status of the ReplicaSet.
// This data may be out of date by some window of time.
// Populated by the system.
// Read-only.
// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
// +optional
optional ReplicaSetStatus status = 3;
}
// ReplicaSetCondition describes the state of a replica set at a certain point.
message ReplicaSetCondition {
// Type of replica set condition.
optional string type = 1;
// Status of the condition, one of True, False, Unknown.
optional string status = 2;
// The last time the condition transitioned from one status to another.
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.Time lastTransitionTime = 3;
// The reason for the condition's last transition.
// +optional
optional string reason = 4;
// A human readable message indicating details about the transition.
// +optional
optional string message = 5;
}
// ReplicaSetList is a collection of ReplicaSets.
message ReplicaSetList {
// Standard list metadata.
// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1;
// List of ReplicaSets.
// More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller
repeated ReplicaSet items = 2;
}
// ReplicaSetSpec is the specification of a ReplicaSet.
message ReplicaSetSpec {
// Replicas is the number of desired replicas.
// This is a pointer to distinguish between explicit zero and unspecified.
// Defaults to 1.
// More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller/#what-is-a-replicationcontroller
// +optional
optional int32 replicas = 1;
// Minimum number of seconds for which a newly created pod should be ready
// without any of its container crashing, for it to be considered available.
// Defaults to 0 (pod will be considered available as soon as it is ready)
// +optional
optional int32 minReadySeconds = 4;
// Selector is a label query over pods that should match the replica count.
// Label keys and values that must match in order to be controlled by this replica set.
// It must match the pod template's labels.
// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors
optional k8s.io.apimachinery.pkg.apis.meta.v1.LabelSelector selector = 2;
// Template is the object that describes the pod that will be created if
// insufficient replicas are detected.
// More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#pod-template
// +optional
optional k8s.io.api.core.v1.PodTemplateSpec template = 3;
}
// ReplicaSetStatus represents the current status of a ReplicaSet.
message ReplicaSetStatus {
// Replicas is the most recently oberved number of replicas.
// More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller/#what-is-a-replicationcontroller
optional int32 replicas = 1;
// The number of pods that have labels matching the labels of the pod template of the replicaset.
// +optional
optional int32 fullyLabeledReplicas = 2;
// The number of ready replicas for this replica set.
// +optional
optional int32 readyReplicas = 4;
// The number of available replicas (ready for at least minReadySeconds) for this replica set.
// +optional
optional int32 availableReplicas = 5;
// ObservedGeneration reflects the generation of the most recently observed ReplicaSet.
// +optional
optional int64 observedGeneration = 3;
// Represents the latest available observations of a replica set's current state.
// +optional
// +patchMergeKey=type
// +patchStrategy=merge
repeated ReplicaSetCondition conditions = 6;
}
// Spec to control the desired behavior of daemon set rolling update.
message RollingUpdateDaemonSet {
// The maximum number of DaemonSet pods that can be unavailable during the
// update. Value can be an absolute number (ex: 5) or a percentage of total
// number of DaemonSet pods at the start of the update (ex: 10%). Absolute
// number is calculated from percentage by rounding up.
// This cannot be 0.
// Default value is 1.
// Example: when this is set to 30%, at most 30% of the total number of nodes
// that should be running the daemon pod (i.e. status.desiredNumberScheduled)
// can have their pods stopped for an update at any given
// time. The update starts by stopping at most 30% of those DaemonSet pods
// and then brings up new DaemonSet pods in their place. Once the new pods
// are available, it then proceeds onto other DaemonSet pods, thus ensuring
// that at least 70% of original number of DaemonSet pods are available at
// all times during the update.
// +optional
optional k8s.io.apimachinery.pkg.util.intstr.IntOrString maxUnavailable = 1;
}
// Spec to control the desired behavior of rolling update.
message RollingUpdateDeployment {
// The maximum number of pods that can be unavailable during the update.
// Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%).
// Absolute number is calculated from percentage by rounding down.
// This can not be 0 if MaxSurge is 0.
// Defaults to 25%.
// Example: when this is set to 30%, the old ReplicaSet can be scaled down to 70% of desired pods
// immediately when the rolling update starts. Once new pods are ready, old ReplicaSet
// can be scaled down further, followed by scaling up the new ReplicaSet, ensuring
// that the total number of pods available at all times during the update is at
// least 70% of desired pods.
// +optional
optional k8s.io.apimachinery.pkg.util.intstr.IntOrString maxUnavailable = 1;
// The maximum number of pods that can be scheduled above the desired number of
// pods.
// Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%).
// This can not be 0 if MaxUnavailable is 0.
// Absolute number is calculated from percentage by rounding up.
// Defaults to 25%.
// Example: when this is set to 30%, the new ReplicaSet can be scaled up immediately when
// the rolling update starts, such that the total number of old and new pods do not exceed
// 130% of desired pods. Once old pods have been killed,
// new ReplicaSet can be scaled up further, ensuring that total number of pods running
// at any time during the update is at most 130% of desired pods.
// +optional
optional k8s.io.apimachinery.pkg.util.intstr.IntOrString maxSurge = 2;
}
// RollingUpdateStatefulSetStrategy is used to communicate parameter for RollingUpdateStatefulSetStrategyType.
message RollingUpdateStatefulSetStrategy {
// Partition indicates the ordinal at which the StatefulSet should be
// partitioned.
// Default value is 0.
// +optional
optional int32 partition = 1;
}
// StatefulSet represents a set of pods with consistent identities.
// Identities are defined as:
// - Network: A single stable DNS and hostname.
// - Storage: As many VolumeClaims as requested.
// The StatefulSet guarantees that a given network identity will always
// map to the same storage identity.
message StatefulSet {
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
// Spec defines the desired identities of pods in this set.
// +optional
optional StatefulSetSpec spec = 2;
// Status is the current status of Pods in this StatefulSet. This data
// may be out of date by some window of time.
// +optional
optional StatefulSetStatus status = 3;
}
// StatefulSetCondition describes the state of a statefulset at a certain point.
message StatefulSetCondition {
// Type of statefulset condition.
optional string type = 1;
// Status of the condition, one of True, False, Unknown.
optional string status = 2;
// Last time the condition transitioned from one status to another.
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.Time lastTransitionTime = 3;
// The reason for the condition's last transition.
// +optional
optional string reason = 4;
// A human readable message indicating details about the transition.
// +optional
optional string message = 5;
}
// StatefulSetList is a collection of StatefulSets.
message StatefulSetList {
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1;
repeated StatefulSet items = 2;
}
// A StatefulSetSpec is the specification of a StatefulSet.
message StatefulSetSpec {
// replicas is the desired number of replicas of the given Template.
// These are replicas in the sense that they are instantiations of the
// same Template, but individual replicas also have a consistent identity.
// If unspecified, defaults to 1.
// TODO: Consider a rename of this field.
// +optional
optional int32 replicas = 1;
// selector is a label query over pods that should match the replica count.
// It must match the pod template's labels.
// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors
optional k8s.io.apimachinery.pkg.apis.meta.v1.LabelSelector selector = 2;
// template is the object that describes the pod that will be created if
// insufficient replicas are detected. Each pod stamped out by the StatefulSet
// will fulfill this Template, but have a unique identity from the rest
// of the StatefulSet.
optional k8s.io.api.core.v1.PodTemplateSpec template = 3;
// volumeClaimTemplates is a list of claims that pods are allowed to reference.
// The StatefulSet controller is responsible for mapping network identities to
// claims in a way that maintains the identity of a pod. Every claim in
// this list must have at least one matching (by name) volumeMount in one
// container in the template. A claim in this list takes precedence over
// any volumes in the template, with the same name.
// TODO: Define the behavior if a claim already exists with the same name.
// +optional
repeated k8s.io.api.core.v1.PersistentVolumeClaim volumeClaimTemplates = 4;
// serviceName is the name of the service that governs this StatefulSet.
// This service must exist before the StatefulSet, and is responsible for
// the network identity of the set. Pods get DNS/hostnames that follow the
// pattern: pod-specific-string.serviceName.default.svc.cluster.local
// where "pod-specific-string" is managed by the StatefulSet controller.
optional string serviceName = 5;
// podManagementPolicy controls how pods are created during initial scale up,
// when replacing pods on nodes, or when scaling down. The default policy is
// `OrderedReady`, where pods are created in increasing order (pod-0, then
// pod-1, etc) and the controller will wait until each pod is ready before
// continuing. When scaling down, the pods are removed in the opposite order.
// The alternative policy is `Parallel` which will create pods in parallel
// to match the desired scale without waiting, and on scale down will delete
// all pods at once.
// +optional
optional string podManagementPolicy = 6;
// updateStrategy indicates the StatefulSetUpdateStrategy that will be
// employed to update Pods in the StatefulSet when a revision is made to
// Template.
optional StatefulSetUpdateStrategy updateStrategy = 7;
// revisionHistoryLimit is the maximum number of revisions that will
// be maintained in the StatefulSet's revision history. The revision history
// consists of all revisions not represented by a currently applied
// StatefulSetSpec version. The default value is 10.
optional int32 revisionHistoryLimit = 8;
}
// StatefulSetStatus represents the current state of a StatefulSet.
message StatefulSetStatus {
// observedGeneration is the most recent generation observed for this StatefulSet. It corresponds to the
// StatefulSet's generation, which is updated on mutation by the API Server.
// +optional
optional int64 observedGeneration = 1;
// replicas is the number of Pods created by the StatefulSet controller.
optional int32 replicas = 2;
// readyReplicas is the number of Pods created by the StatefulSet controller that have a Ready Condition.
optional int32 readyReplicas = 3;
// currentReplicas is the number of Pods created by the StatefulSet controller from the StatefulSet version
// indicated by currentRevision.
optional int32 currentReplicas = 4;
// updatedReplicas is the number of Pods created by the StatefulSet controller from the StatefulSet version
// indicated by updateRevision.
optional int32 updatedReplicas = 5;
// currentRevision, if not empty, indicates the version of the StatefulSet used to generate Pods in the
// sequence [0,currentReplicas).
optional string currentRevision = 6;
// updateRevision, if not empty, indicates the version of the StatefulSet used to generate Pods in the sequence
// [replicas-updatedReplicas,replicas)
optional string updateRevision = 7;
// collisionCount is the count of hash collisions for the StatefulSet. The StatefulSet controller
// uses this field as a collision avoidance mechanism when it needs to create the name for the
// newest ControllerRevision.
// +optional
optional int32 collisionCount = 9;
// Represents the latest available observations of a statefulset's current state.
// +optional
// +patchMergeKey=type
// +patchStrategy=merge
repeated StatefulSetCondition conditions = 10;
}
// StatefulSetUpdateStrategy indicates the strategy that the StatefulSet
// controller will use to perform updates. It includes any additional parameters
// necessary to perform the update for the indicated strategy.
message StatefulSetUpdateStrategy {
// Type indicates the type of the StatefulSetUpdateStrategy.
// Default is RollingUpdate.
// +optional
optional string type = 1;
// RollingUpdate is used to communicate parameters when Type is RollingUpdateStatefulSetStrategyType.
// +optional
optional RollingUpdateStatefulSetStrategy rollingUpdate = 2;
}

484
vendor/k8s.io/api/apps/v1beta1/generated.proto generated vendored Normal file
View File

@ -0,0 +1,484 @@
/*
Copyright The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
// This file was autogenerated by go-to-protobuf. Do not edit it manually!
syntax = 'proto2';
package k8s.io.api.apps.v1beta1;
import "k8s.io/api/core/v1/generated.proto";
import "k8s.io/apimachinery/pkg/apis/meta/v1/generated.proto";
import "k8s.io/apimachinery/pkg/runtime/generated.proto";
import "k8s.io/apimachinery/pkg/runtime/schema/generated.proto";
import "k8s.io/apimachinery/pkg/util/intstr/generated.proto";
// Package-wide variables from generator "generated".
option go_package = "v1beta1";
// DEPRECATED - This group version of ControllerRevision is deprecated by apps/v1beta2/ControllerRevision. See the
// release notes for more information.
// ControllerRevision implements an immutable snapshot of state data. Clients
// are responsible for serializing and deserializing the objects that contain
// their internal state.
// Once a ControllerRevision has been successfully created, it can not be updated.
// The API Server will fail validation of all requests that attempt to mutate
// the Data field. ControllerRevisions may, however, be deleted. Note that, due to its use by both
// the DaemonSet and StatefulSet controllers for update and rollback, this object is beta. However,
// it may be subject to name and representation changes in future releases, and clients should not
// depend on its stability. It is primarily for internal use by controllers.
message ControllerRevision {
// Standard object's metadata.
// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
// Data is the serialized representation of the state.
optional k8s.io.apimachinery.pkg.runtime.RawExtension data = 2;
// Revision indicates the revision of the state represented by Data.
optional int64 revision = 3;
}
// ControllerRevisionList is a resource containing a list of ControllerRevision objects.
message ControllerRevisionList {
// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1;
// Items is the list of ControllerRevisions
repeated ControllerRevision items = 2;
}
// DEPRECATED - This group version of Deployment is deprecated by apps/v1beta2/Deployment. See the release notes for
// more information.
// Deployment enables declarative updates for Pods and ReplicaSets.
message Deployment {
// Standard object metadata.
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
// Specification of the desired behavior of the Deployment.
// +optional
optional DeploymentSpec spec = 2;
// Most recently observed status of the Deployment.
// +optional
optional DeploymentStatus status = 3;
}
// DeploymentCondition describes the state of a deployment at a certain point.
message DeploymentCondition {
// Type of deployment condition.
optional string type = 1;
// Status of the condition, one of True, False, Unknown.
optional string status = 2;
// The last time this condition was updated.
optional k8s.io.apimachinery.pkg.apis.meta.v1.Time lastUpdateTime = 6;
// Last time the condition transitioned from one status to another.
optional k8s.io.apimachinery.pkg.apis.meta.v1.Time lastTransitionTime = 7;
// The reason for the condition's last transition.
optional string reason = 4;
// A human readable message indicating details about the transition.
optional string message = 5;
}
// DeploymentList is a list of Deployments.
message DeploymentList {
// Standard list metadata.
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1;
// Items is the list of Deployments.
repeated Deployment items = 2;
}
// DEPRECATED.
// DeploymentRollback stores the information required to rollback a deployment.
message DeploymentRollback {
// Required: This must match the Name of a deployment.
optional string name = 1;
// The annotations to be updated to a deployment
// +optional
map<string, string> updatedAnnotations = 2;
// The config of this deployment rollback.
optional RollbackConfig rollbackTo = 3;
}
// DeploymentSpec is the specification of the desired behavior of the Deployment.
message DeploymentSpec {
// Number of desired pods. This is a pointer to distinguish between explicit
// zero and not specified. Defaults to 1.
// +optional
optional int32 replicas = 1;
// Label selector for pods. Existing ReplicaSets whose pods are
// selected by this will be the ones affected by this deployment.
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.LabelSelector selector = 2;
// Template describes the pods that will be created.
optional k8s.io.api.core.v1.PodTemplateSpec template = 3;
// The deployment strategy to use to replace existing pods with new ones.
// +optional
// +patchStrategy=retainKeys
optional DeploymentStrategy strategy = 4;
// Minimum number of seconds for which a newly created pod should be ready
// without any of its container crashing, for it to be considered available.
// Defaults to 0 (pod will be considered available as soon as it is ready)
// +optional
optional int32 minReadySeconds = 5;
// The number of old ReplicaSets to retain to allow rollback.
// This is a pointer to distinguish between explicit zero and not specified.
// Defaults to 2.
// +optional
optional int32 revisionHistoryLimit = 6;
// Indicates that the deployment is paused.
// +optional
optional bool paused = 7;
// DEPRECATED.
// The config this deployment is rolling back to. Will be cleared after rollback is done.
// +optional
optional RollbackConfig rollbackTo = 8;
// The maximum time in seconds for a deployment to make progress before it
// is considered to be failed. The deployment controller will continue to
// process failed deployments and a condition with a ProgressDeadlineExceeded
// reason will be surfaced in the deployment status. Note that progress will
// not be estimated during the time a deployment is paused. Defaults to 600s.
// +optional
optional int32 progressDeadlineSeconds = 9;
}
// DeploymentStatus is the most recently observed status of the Deployment.
message DeploymentStatus {
// The generation observed by the deployment controller.
// +optional
optional int64 observedGeneration = 1;
// Total number of non-terminated pods targeted by this deployment (their labels match the selector).
// +optional
optional int32 replicas = 2;
// Total number of non-terminated pods targeted by this deployment that have the desired template spec.
// +optional
optional int32 updatedReplicas = 3;
// Total number of ready pods targeted by this deployment.
// +optional
optional int32 readyReplicas = 7;
// Total number of available pods (ready for at least minReadySeconds) targeted by this deployment.
// +optional
optional int32 availableReplicas = 4;
// Total number of unavailable pods targeted by this deployment. This is the total number of
// pods that are still required for the deployment to have 100% available capacity. They may
// either be pods that are running but not yet available or pods that still have not been created.
// +optional
optional int32 unavailableReplicas = 5;
// Represents the latest available observations of a deployment's current state.
// +patchMergeKey=type
// +patchStrategy=merge
repeated DeploymentCondition conditions = 6;
// Count of hash collisions for the Deployment. The Deployment controller uses this
// field as a collision avoidance mechanism when it needs to create the name for the
// newest ReplicaSet.
// +optional
optional int32 collisionCount = 8;
}
// DeploymentStrategy describes how to replace existing pods with new ones.
message DeploymentStrategy {
// Type of deployment. Can be "Recreate" or "RollingUpdate". Default is RollingUpdate.
// +optional
optional string type = 1;
// Rolling update config params. Present only if DeploymentStrategyType =
// RollingUpdate.
// ---
// TODO: Update this to follow our convention for oneOf, whatever we decide it
// to be.
// +optional
optional RollingUpdateDeployment rollingUpdate = 2;
}
// DEPRECATED.
message RollbackConfig {
// The revision to rollback to. If set to 0, rollback to the last revision.
// +optional
optional int64 revision = 1;
}
// Spec to control the desired behavior of rolling update.
message RollingUpdateDeployment {
// The maximum number of pods that can be unavailable during the update.
// Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%).
// Absolute number is calculated from percentage by rounding down.
// This can not be 0 if MaxSurge is 0.
// Defaults to 25%.
// Example: when this is set to 30%, the old ReplicaSet can be scaled down to 70% of desired pods
// immediately when the rolling update starts. Once new pods are ready, old ReplicaSet
// can be scaled down further, followed by scaling up the new ReplicaSet, ensuring
// that the total number of pods available at all times during the update is at
// least 70% of desired pods.
// +optional
optional k8s.io.apimachinery.pkg.util.intstr.IntOrString maxUnavailable = 1;
// The maximum number of pods that can be scheduled above the desired number of
// pods.
// Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%).
// This can not be 0 if MaxUnavailable is 0.
// Absolute number is calculated from percentage by rounding up.
// Defaults to 25%.
// Example: when this is set to 30%, the new ReplicaSet can be scaled up immediately when
// the rolling update starts, such that the total number of old and new pods do not exceed
// 130% of desired pods. Once old pods have been killed,
// new ReplicaSet can be scaled up further, ensuring that total number of pods running
// at any time during the update is at most 130% of desired pods.
// +optional
optional k8s.io.apimachinery.pkg.util.intstr.IntOrString maxSurge = 2;
}
// RollingUpdateStatefulSetStrategy is used to communicate parameter for RollingUpdateStatefulSetStrategyType.
message RollingUpdateStatefulSetStrategy {
// Partition indicates the ordinal at which the StatefulSet should be
// partitioned.
optional int32 partition = 1;
}
// Scale represents a scaling request for a resource.
message Scale {
// Standard object metadata; More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata.
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
// defines the behavior of the scale. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status.
// +optional
optional ScaleSpec spec = 2;
// current status of the scale. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status. Read-only.
// +optional
optional ScaleStatus status = 3;
}
// ScaleSpec describes the attributes of a scale subresource
message ScaleSpec {
// desired number of instances for the scaled object.
// +optional
optional int32 replicas = 1;
}
// ScaleStatus represents the current status of a scale subresource.
message ScaleStatus {
// actual number of observed instances of the scaled object.
optional int32 replicas = 1;
// label query over pods that should match the replicas count. More info: http://kubernetes.io/docs/user-guide/labels#label-selectors
// +optional
map<string, string> selector = 2;
// label selector for pods that should match the replicas count. This is a serializated
// version of both map-based and more expressive set-based selectors. This is done to
// avoid introspection in the clients. The string will be in the same format as the
// query-param syntax. If the target type only supports map-based selectors, both this
// field and map-based selector field are populated.
// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors
// +optional
optional string targetSelector = 3;
}
// DEPRECATED - This group version of StatefulSet is deprecated by apps/v1beta2/StatefulSet. See the release notes for
// more information.
// StatefulSet represents a set of pods with consistent identities.
// Identities are defined as:
// - Network: A single stable DNS and hostname.
// - Storage: As many VolumeClaims as requested.
// The StatefulSet guarantees that a given network identity will always
// map to the same storage identity.
message StatefulSet {
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
// Spec defines the desired identities of pods in this set.
// +optional
optional StatefulSetSpec spec = 2;
// Status is the current status of Pods in this StatefulSet. This data
// may be out of date by some window of time.
// +optional
optional StatefulSetStatus status = 3;
}
// StatefulSetCondition describes the state of a statefulset at a certain point.
message StatefulSetCondition {
// Type of statefulset condition.
optional string type = 1;
// Status of the condition, one of True, False, Unknown.
optional string status = 2;
// Last time the condition transitioned from one status to another.
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.Time lastTransitionTime = 3;
// The reason for the condition's last transition.
// +optional
optional string reason = 4;
// A human readable message indicating details about the transition.
// +optional
optional string message = 5;
}
// StatefulSetList is a collection of StatefulSets.
message StatefulSetList {
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1;
repeated StatefulSet items = 2;
}
// A StatefulSetSpec is the specification of a StatefulSet.
message StatefulSetSpec {
// replicas is the desired number of replicas of the given Template.
// These are replicas in the sense that they are instantiations of the
// same Template, but individual replicas also have a consistent identity.
// If unspecified, defaults to 1.
// TODO: Consider a rename of this field.
// +optional
optional int32 replicas = 1;
// selector is a label query over pods that should match the replica count.
// If empty, defaulted to labels on the pod template.
// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.LabelSelector selector = 2;
// template is the object that describes the pod that will be created if
// insufficient replicas are detected. Each pod stamped out by the StatefulSet
// will fulfill this Template, but have a unique identity from the rest
// of the StatefulSet.
optional k8s.io.api.core.v1.PodTemplateSpec template = 3;
// volumeClaimTemplates is a list of claims that pods are allowed to reference.
// The StatefulSet controller is responsible for mapping network identities to
// claims in a way that maintains the identity of a pod. Every claim in
// this list must have at least one matching (by name) volumeMount in one
// container in the template. A claim in this list takes precedence over
// any volumes in the template, with the same name.
// TODO: Define the behavior if a claim already exists with the same name.
// +optional
repeated k8s.io.api.core.v1.PersistentVolumeClaim volumeClaimTemplates = 4;
// serviceName is the name of the service that governs this StatefulSet.
// This service must exist before the StatefulSet, and is responsible for
// the network identity of the set. Pods get DNS/hostnames that follow the
// pattern: pod-specific-string.serviceName.default.svc.cluster.local
// where "pod-specific-string" is managed by the StatefulSet controller.
optional string serviceName = 5;
// podManagementPolicy controls how pods are created during initial scale up,
// when replacing pods on nodes, or when scaling down. The default policy is
// `OrderedReady`, where pods are created in increasing order (pod-0, then
// pod-1, etc) and the controller will wait until each pod is ready before
// continuing. When scaling down, the pods are removed in the opposite order.
// The alternative policy is `Parallel` which will create pods in parallel
// to match the desired scale without waiting, and on scale down will delete
// all pods at once.
// +optional
optional string podManagementPolicy = 6;
// updateStrategy indicates the StatefulSetUpdateStrategy that will be
// employed to update Pods in the StatefulSet when a revision is made to
// Template.
optional StatefulSetUpdateStrategy updateStrategy = 7;
// revisionHistoryLimit is the maximum number of revisions that will
// be maintained in the StatefulSet's revision history. The revision history
// consists of all revisions not represented by a currently applied
// StatefulSetSpec version. The default value is 10.
optional int32 revisionHistoryLimit = 8;
}
// StatefulSetStatus represents the current state of a StatefulSet.
message StatefulSetStatus {
// observedGeneration is the most recent generation observed for this StatefulSet. It corresponds to the
// StatefulSet's generation, which is updated on mutation by the API Server.
// +optional
optional int64 observedGeneration = 1;
// replicas is the number of Pods created by the StatefulSet controller.
optional int32 replicas = 2;
// readyReplicas is the number of Pods created by the StatefulSet controller that have a Ready Condition.
optional int32 readyReplicas = 3;
// currentReplicas is the number of Pods created by the StatefulSet controller from the StatefulSet version
// indicated by currentRevision.
optional int32 currentReplicas = 4;
// updatedReplicas is the number of Pods created by the StatefulSet controller from the StatefulSet version
// indicated by updateRevision.
optional int32 updatedReplicas = 5;
// currentRevision, if not empty, indicates the version of the StatefulSet used to generate Pods in the
// sequence [0,currentReplicas).
optional string currentRevision = 6;
// updateRevision, if not empty, indicates the version of the StatefulSet used to generate Pods in the sequence
// [replicas-updatedReplicas,replicas)
optional string updateRevision = 7;
// collisionCount is the count of hash collisions for the StatefulSet. The StatefulSet controller
// uses this field as a collision avoidance mechanism when it needs to create the name for the
// newest ControllerRevision.
// +optional
optional int32 collisionCount = 9;
// Represents the latest available observations of a statefulset's current state.
// +optional
// +patchMergeKey=type
// +patchStrategy=merge
repeated StatefulSetCondition conditions = 10;
}
// StatefulSetUpdateStrategy indicates the strategy that the StatefulSet
// controller will use to perform updates. It includes any additional parameters
// necessary to perform the update for the indicated strategy.
message StatefulSetUpdateStrategy {
// Type indicates the type of the StatefulSetUpdateStrategy.
optional string type = 1;
// RollingUpdate is used to communicate parameters when Type is RollingUpdateStatefulSetStrategyType.
optional RollingUpdateStatefulSetStrategy rollingUpdate = 2;
}

752
vendor/k8s.io/api/apps/v1beta2/generated.proto generated vendored Normal file
View File

@ -0,0 +1,752 @@
/*
Copyright The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
// This file was autogenerated by go-to-protobuf. Do not edit it manually!
syntax = 'proto2';
package k8s.io.api.apps.v1beta2;
import "k8s.io/api/core/v1/generated.proto";
import "k8s.io/apimachinery/pkg/apis/meta/v1/generated.proto";
import "k8s.io/apimachinery/pkg/runtime/generated.proto";
import "k8s.io/apimachinery/pkg/runtime/schema/generated.proto";
import "k8s.io/apimachinery/pkg/util/intstr/generated.proto";
// Package-wide variables from generator "generated".
option go_package = "v1beta2";
// DEPRECATED - This group version of ControllerRevision is deprecated by apps/v1/ControllerRevision. See the
// release notes for more information.
// ControllerRevision implements an immutable snapshot of state data. Clients
// are responsible for serializing and deserializing the objects that contain
// their internal state.
// Once a ControllerRevision has been successfully created, it can not be updated.
// The API Server will fail validation of all requests that attempt to mutate
// the Data field. ControllerRevisions may, however, be deleted. Note that, due to its use by both
// the DaemonSet and StatefulSet controllers for update and rollback, this object is beta. However,
// it may be subject to name and representation changes in future releases, and clients should not
// depend on its stability. It is primarily for internal use by controllers.
message ControllerRevision {
// Standard object's metadata.
// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
// Data is the serialized representation of the state.
optional k8s.io.apimachinery.pkg.runtime.RawExtension data = 2;
// Revision indicates the revision of the state represented by Data.
optional int64 revision = 3;
}
// ControllerRevisionList is a resource containing a list of ControllerRevision objects.
message ControllerRevisionList {
// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1;
// Items is the list of ControllerRevisions
repeated ControllerRevision items = 2;
}
// DEPRECATED - This group version of DaemonSet is deprecated by apps/v1/DaemonSet. See the release notes for
// more information.
// DaemonSet represents the configuration of a daemon set.
message DaemonSet {
// Standard object's metadata.
// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
// The desired behavior of this daemon set.
// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
// +optional
optional DaemonSetSpec spec = 2;
// The current status of this daemon set. This data may be
// out of date by some window of time.
// Populated by the system.
// Read-only.
// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
// +optional
optional DaemonSetStatus status = 3;
}
// DaemonSetCondition describes the state of a DaemonSet at a certain point.
message DaemonSetCondition {
// Type of DaemonSet condition.
optional string type = 1;
// Status of the condition, one of True, False, Unknown.
optional string status = 2;
// Last time the condition transitioned from one status to another.
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.Time lastTransitionTime = 3;
// The reason for the condition's last transition.
// +optional
optional string reason = 4;
// A human readable message indicating details about the transition.
// +optional
optional string message = 5;
}
// DaemonSetList is a collection of daemon sets.
message DaemonSetList {
// Standard list metadata.
// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1;
// A list of daemon sets.
repeated DaemonSet items = 2;
}
// DaemonSetSpec is the specification of a daemon set.
message DaemonSetSpec {
// A label query over pods that are managed by the daemon set.
// Must match in order to be controlled.
// It must match the pod template's labels.
// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors
optional k8s.io.apimachinery.pkg.apis.meta.v1.LabelSelector selector = 1;
// An object that describes the pod that will be created.
// The DaemonSet will create exactly one copy of this pod on every node
// that matches the template's node selector (or on every node if no node
// selector is specified).
// More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#pod-template
optional k8s.io.api.core.v1.PodTemplateSpec template = 2;
// An update strategy to replace existing DaemonSet pods with new pods.
// +optional
optional DaemonSetUpdateStrategy updateStrategy = 3;
// The minimum number of seconds for which a newly created DaemonSet pod should
// be ready without any of its container crashing, for it to be considered
// available. Defaults to 0 (pod will be considered available as soon as it
// is ready).
// +optional
optional int32 minReadySeconds = 4;
// The number of old history to retain to allow rollback.
// This is a pointer to distinguish between explicit zero and not specified.
// Defaults to 10.
// +optional
optional int32 revisionHistoryLimit = 6;
}
// DaemonSetStatus represents the current status of a daemon set.
message DaemonSetStatus {
// The number of nodes that are running at least 1
// daemon pod and are supposed to run the daemon pod.
// More info: https://kubernetes.io/docs/concepts/workloads/controllers/daemonset/
optional int32 currentNumberScheduled = 1;
// The number of nodes that are running the daemon pod, but are
// not supposed to run the daemon pod.
// More info: https://kubernetes.io/docs/concepts/workloads/controllers/daemonset/
optional int32 numberMisscheduled = 2;
// The total number of nodes that should be running the daemon
// pod (including nodes correctly running the daemon pod).
// More info: https://kubernetes.io/docs/concepts/workloads/controllers/daemonset/
optional int32 desiredNumberScheduled = 3;
// The number of nodes that should be running the daemon pod and have one
// or more of the daemon pod running and ready.
optional int32 numberReady = 4;
// The most recent generation observed by the daemon set controller.
// +optional
optional int64 observedGeneration = 5;
// The total number of nodes that are running updated daemon pod
// +optional
optional int32 updatedNumberScheduled = 6;
// The number of nodes that should be running the
// daemon pod and have one or more of the daemon pod running and
// available (ready for at least spec.minReadySeconds)
// +optional
optional int32 numberAvailable = 7;
// The number of nodes that should be running the
// daemon pod and have none of the daemon pod running and available
// (ready for at least spec.minReadySeconds)
// +optional
optional int32 numberUnavailable = 8;
// Count of hash collisions for the DaemonSet. The DaemonSet controller
// uses this field as a collision avoidance mechanism when it needs to
// create the name for the newest ControllerRevision.
// +optional
optional int32 collisionCount = 9;
// Represents the latest available observations of a DaemonSet's current state.
// +optional
// +patchMergeKey=type
// +patchStrategy=merge
repeated DaemonSetCondition conditions = 10;
}
// DaemonSetUpdateStrategy is a struct used to control the update strategy for a DaemonSet.
message DaemonSetUpdateStrategy {
// Type of daemon set update. Can be "RollingUpdate" or "OnDelete". Default is RollingUpdate.
// +optional
optional string type = 1;
// Rolling update config params. Present only if type = "RollingUpdate".
// ---
// TODO: Update this to follow our convention for oneOf, whatever we decide it
// to be. Same as Deployment `strategy.rollingUpdate`.
// See https://github.com/kubernetes/kubernetes/issues/35345
// +optional
optional RollingUpdateDaemonSet rollingUpdate = 2;
}
// DEPRECATED - This group version of Deployment is deprecated by apps/v1/Deployment. See the release notes for
// more information.
// Deployment enables declarative updates for Pods and ReplicaSets.
message Deployment {
// Standard object metadata.
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
// Specification of the desired behavior of the Deployment.
// +optional
optional DeploymentSpec spec = 2;
// Most recently observed status of the Deployment.
// +optional
optional DeploymentStatus status = 3;
}
// DeploymentCondition describes the state of a deployment at a certain point.
message DeploymentCondition {
// Type of deployment condition.
optional string type = 1;
// Status of the condition, one of True, False, Unknown.
optional string status = 2;
// The last time this condition was updated.
optional k8s.io.apimachinery.pkg.apis.meta.v1.Time lastUpdateTime = 6;
// Last time the condition transitioned from one status to another.
optional k8s.io.apimachinery.pkg.apis.meta.v1.Time lastTransitionTime = 7;
// The reason for the condition's last transition.
optional string reason = 4;
// A human readable message indicating details about the transition.
optional string message = 5;
}
// DeploymentList is a list of Deployments.
message DeploymentList {
// Standard list metadata.
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1;
// Items is the list of Deployments.
repeated Deployment items = 2;
}
// DeploymentSpec is the specification of the desired behavior of the Deployment.
message DeploymentSpec {
// Number of desired pods. This is a pointer to distinguish between explicit
// zero and not specified. Defaults to 1.
// +optional
optional int32 replicas = 1;
// Label selector for pods. Existing ReplicaSets whose pods are
// selected by this will be the ones affected by this deployment.
// It must match the pod template's labels.
optional k8s.io.apimachinery.pkg.apis.meta.v1.LabelSelector selector = 2;
// Template describes the pods that will be created.
optional k8s.io.api.core.v1.PodTemplateSpec template = 3;
// The deployment strategy to use to replace existing pods with new ones.
// +optional
// +patchStrategy=retainKeys
optional DeploymentStrategy strategy = 4;
// Minimum number of seconds for which a newly created pod should be ready
// without any of its container crashing, for it to be considered available.
// Defaults to 0 (pod will be considered available as soon as it is ready)
// +optional
optional int32 minReadySeconds = 5;
// The number of old ReplicaSets to retain to allow rollback.
// This is a pointer to distinguish between explicit zero and not specified.
// Defaults to 10.
// +optional
optional int32 revisionHistoryLimit = 6;
// Indicates that the deployment is paused.
// +optional
optional bool paused = 7;
// The maximum time in seconds for a deployment to make progress before it
// is considered to be failed. The deployment controller will continue to
// process failed deployments and a condition with a ProgressDeadlineExceeded
// reason will be surfaced in the deployment status. Note that progress will
// not be estimated during the time a deployment is paused. Defaults to 600s.
optional int32 progressDeadlineSeconds = 9;
}
// DeploymentStatus is the most recently observed status of the Deployment.
message DeploymentStatus {
// The generation observed by the deployment controller.
// +optional
optional int64 observedGeneration = 1;
// Total number of non-terminated pods targeted by this deployment (their labels match the selector).
// +optional
optional int32 replicas = 2;
// Total number of non-terminated pods targeted by this deployment that have the desired template spec.
// +optional
optional int32 updatedReplicas = 3;
// Total number of ready pods targeted by this deployment.
// +optional
optional int32 readyReplicas = 7;
// Total number of available pods (ready for at least minReadySeconds) targeted by this deployment.
// +optional
optional int32 availableReplicas = 4;
// Total number of unavailable pods targeted by this deployment. This is the total number of
// pods that are still required for the deployment to have 100% available capacity. They may
// either be pods that are running but not yet available or pods that still have not been created.
// +optional
optional int32 unavailableReplicas = 5;
// Represents the latest available observations of a deployment's current state.
// +patchMergeKey=type
// +patchStrategy=merge
repeated DeploymentCondition conditions = 6;
// Count of hash collisions for the Deployment. The Deployment controller uses this
// field as a collision avoidance mechanism when it needs to create the name for the
// newest ReplicaSet.
// +optional
optional int32 collisionCount = 8;
}
// DeploymentStrategy describes how to replace existing pods with new ones.
message DeploymentStrategy {
// Type of deployment. Can be "Recreate" or "RollingUpdate". Default is RollingUpdate.
// +optional
optional string type = 1;
// Rolling update config params. Present only if DeploymentStrategyType =
// RollingUpdate.
// ---
// TODO: Update this to follow our convention for oneOf, whatever we decide it
// to be.
// +optional
optional RollingUpdateDeployment rollingUpdate = 2;
}
// DEPRECATED - This group version of ReplicaSet is deprecated by apps/v1/ReplicaSet. See the release notes for
// more information.
// ReplicaSet ensures that a specified number of pod replicas are running at any given time.
message ReplicaSet {
// If the Labels of a ReplicaSet are empty, they are defaulted to
// be the same as the Pod(s) that the ReplicaSet manages.
// Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
// Spec defines the specification of the desired behavior of the ReplicaSet.
// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
// +optional
optional ReplicaSetSpec spec = 2;
// Status is the most recently observed status of the ReplicaSet.
// This data may be out of date by some window of time.
// Populated by the system.
// Read-only.
// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
// +optional
optional ReplicaSetStatus status = 3;
}
// ReplicaSetCondition describes the state of a replica set at a certain point.
message ReplicaSetCondition {
// Type of replica set condition.
optional string type = 1;
// Status of the condition, one of True, False, Unknown.
optional string status = 2;
// The last time the condition transitioned from one status to another.
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.Time lastTransitionTime = 3;
// The reason for the condition's last transition.
// +optional
optional string reason = 4;
// A human readable message indicating details about the transition.
// +optional
optional string message = 5;
}
// ReplicaSetList is a collection of ReplicaSets.
message ReplicaSetList {
// Standard list metadata.
// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1;
// List of ReplicaSets.
// More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller
repeated ReplicaSet items = 2;
}
// ReplicaSetSpec is the specification of a ReplicaSet.
message ReplicaSetSpec {
// Replicas is the number of desired replicas.
// This is a pointer to distinguish between explicit zero and unspecified.
// Defaults to 1.
// More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller/#what-is-a-replicationcontroller
// +optional
optional int32 replicas = 1;
// Minimum number of seconds for which a newly created pod should be ready
// without any of its container crashing, for it to be considered available.
// Defaults to 0 (pod will be considered available as soon as it is ready)
// +optional
optional int32 minReadySeconds = 4;
// Selector is a label query over pods that should match the replica count.
// Label keys and values that must match in order to be controlled by this replica set.
// It must match the pod template's labels.
// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors
optional k8s.io.apimachinery.pkg.apis.meta.v1.LabelSelector selector = 2;
// Template is the object that describes the pod that will be created if
// insufficient replicas are detected.
// More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#pod-template
// +optional
optional k8s.io.api.core.v1.PodTemplateSpec template = 3;
}
// ReplicaSetStatus represents the current status of a ReplicaSet.
message ReplicaSetStatus {
// Replicas is the most recently oberved number of replicas.
// More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller/#what-is-a-replicationcontroller
optional int32 replicas = 1;
// The number of pods that have labels matching the labels of the pod template of the replicaset.
// +optional
optional int32 fullyLabeledReplicas = 2;
// The number of ready replicas for this replica set.
// +optional
optional int32 readyReplicas = 4;
// The number of available replicas (ready for at least minReadySeconds) for this replica set.
// +optional
optional int32 availableReplicas = 5;
// ObservedGeneration reflects the generation of the most recently observed ReplicaSet.
// +optional
optional int64 observedGeneration = 3;
// Represents the latest available observations of a replica set's current state.
// +optional
// +patchMergeKey=type
// +patchStrategy=merge
repeated ReplicaSetCondition conditions = 6;
}
// Spec to control the desired behavior of daemon set rolling update.
message RollingUpdateDaemonSet {
// The maximum number of DaemonSet pods that can be unavailable during the
// update. Value can be an absolute number (ex: 5) or a percentage of total
// number of DaemonSet pods at the start of the update (ex: 10%). Absolute
// number is calculated from percentage by rounding up.
// This cannot be 0.
// Default value is 1.
// Example: when this is set to 30%, at most 30% of the total number of nodes
// that should be running the daemon pod (i.e. status.desiredNumberScheduled)
// can have their pods stopped for an update at any given
// time. The update starts by stopping at most 30% of those DaemonSet pods
// and then brings up new DaemonSet pods in their place. Once the new pods
// are available, it then proceeds onto other DaemonSet pods, thus ensuring
// that at least 70% of original number of DaemonSet pods are available at
// all times during the update.
// +optional
optional k8s.io.apimachinery.pkg.util.intstr.IntOrString maxUnavailable = 1;
}
// Spec to control the desired behavior of rolling update.
message RollingUpdateDeployment {
// The maximum number of pods that can be unavailable during the update.
// Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%).
// Absolute number is calculated from percentage by rounding down.
// This can not be 0 if MaxSurge is 0.
// Defaults to 25%.
// Example: when this is set to 30%, the old ReplicaSet can be scaled down to 70% of desired pods
// immediately when the rolling update starts. Once new pods are ready, old ReplicaSet
// can be scaled down further, followed by scaling up the new ReplicaSet, ensuring
// that the total number of pods available at all times during the update is at
// least 70% of desired pods.
// +optional
optional k8s.io.apimachinery.pkg.util.intstr.IntOrString maxUnavailable = 1;
// The maximum number of pods that can be scheduled above the desired number of
// pods.
// Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%).
// This can not be 0 if MaxUnavailable is 0.
// Absolute number is calculated from percentage by rounding up.
// Defaults to 25%.
// Example: when this is set to 30%, the new ReplicaSet can be scaled up immediately when
// the rolling update starts, such that the total number of old and new pods do not exceed
// 130% of desired pods. Once old pods have been killed,
// new ReplicaSet can be scaled up further, ensuring that total number of pods running
// at any time during the update is at most 130% of desired pods.
// +optional
optional k8s.io.apimachinery.pkg.util.intstr.IntOrString maxSurge = 2;
}
// RollingUpdateStatefulSetStrategy is used to communicate parameter for RollingUpdateStatefulSetStrategyType.
message RollingUpdateStatefulSetStrategy {
// Partition indicates the ordinal at which the StatefulSet should be
// partitioned.
// Default value is 0.
// +optional
optional int32 partition = 1;
}
// Scale represents a scaling request for a resource.
message Scale {
// Standard object metadata; More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata.
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
// defines the behavior of the scale. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status.
// +optional
optional ScaleSpec spec = 2;
// current status of the scale. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status. Read-only.
// +optional
optional ScaleStatus status = 3;
}
// ScaleSpec describes the attributes of a scale subresource
message ScaleSpec {
// desired number of instances for the scaled object.
// +optional
optional int32 replicas = 1;
}
// ScaleStatus represents the current status of a scale subresource.
message ScaleStatus {
// actual number of observed instances of the scaled object.
optional int32 replicas = 1;
// label query over pods that should match the replicas count. More info: http://kubernetes.io/docs/user-guide/labels#label-selectors
// +optional
map<string, string> selector = 2;
// label selector for pods that should match the replicas count. This is a serializated
// version of both map-based and more expressive set-based selectors. This is done to
// avoid introspection in the clients. The string will be in the same format as the
// query-param syntax. If the target type only supports map-based selectors, both this
// field and map-based selector field are populated.
// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors
// +optional
optional string targetSelector = 3;
}
// DEPRECATED - This group version of StatefulSet is deprecated by apps/v1/StatefulSet. See the release notes for
// more information.
// StatefulSet represents a set of pods with consistent identities.
// Identities are defined as:
// - Network: A single stable DNS and hostname.
// - Storage: As many VolumeClaims as requested.
// The StatefulSet guarantees that a given network identity will always
// map to the same storage identity.
message StatefulSet {
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
// Spec defines the desired identities of pods in this set.
// +optional
optional StatefulSetSpec spec = 2;
// Status is the current status of Pods in this StatefulSet. This data
// may be out of date by some window of time.
// +optional
optional StatefulSetStatus status = 3;
}
// StatefulSetCondition describes the state of a statefulset at a certain point.
message StatefulSetCondition {
// Type of statefulset condition.
optional string type = 1;
// Status of the condition, one of True, False, Unknown.
optional string status = 2;
// Last time the condition transitioned from one status to another.
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.Time lastTransitionTime = 3;
// The reason for the condition's last transition.
// +optional
optional string reason = 4;
// A human readable message indicating details about the transition.
// +optional
optional string message = 5;
}
// StatefulSetList is a collection of StatefulSets.
message StatefulSetList {
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1;
repeated StatefulSet items = 2;
}
// A StatefulSetSpec is the specification of a StatefulSet.
message StatefulSetSpec {
// replicas is the desired number of replicas of the given Template.
// These are replicas in the sense that they are instantiations of the
// same Template, but individual replicas also have a consistent identity.
// If unspecified, defaults to 1.
// TODO: Consider a rename of this field.
// +optional
optional int32 replicas = 1;
// selector is a label query over pods that should match the replica count.
// It must match the pod template's labels.
// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors
optional k8s.io.apimachinery.pkg.apis.meta.v1.LabelSelector selector = 2;
// template is the object that describes the pod that will be created if
// insufficient replicas are detected. Each pod stamped out by the StatefulSet
// will fulfill this Template, but have a unique identity from the rest
// of the StatefulSet.
optional k8s.io.api.core.v1.PodTemplateSpec template = 3;
// volumeClaimTemplates is a list of claims that pods are allowed to reference.
// The StatefulSet controller is responsible for mapping network identities to
// claims in a way that maintains the identity of a pod. Every claim in
// this list must have at least one matching (by name) volumeMount in one
// container in the template. A claim in this list takes precedence over
// any volumes in the template, with the same name.
// TODO: Define the behavior if a claim already exists with the same name.
// +optional
repeated k8s.io.api.core.v1.PersistentVolumeClaim volumeClaimTemplates = 4;
// serviceName is the name of the service that governs this StatefulSet.
// This service must exist before the StatefulSet, and is responsible for
// the network identity of the set. Pods get DNS/hostnames that follow the
// pattern: pod-specific-string.serviceName.default.svc.cluster.local
// where "pod-specific-string" is managed by the StatefulSet controller.
optional string serviceName = 5;
// podManagementPolicy controls how pods are created during initial scale up,
// when replacing pods on nodes, or when scaling down. The default policy is
// `OrderedReady`, where pods are created in increasing order (pod-0, then
// pod-1, etc) and the controller will wait until each pod is ready before
// continuing. When scaling down, the pods are removed in the opposite order.
// The alternative policy is `Parallel` which will create pods in parallel
// to match the desired scale without waiting, and on scale down will delete
// all pods at once.
// +optional
optional string podManagementPolicy = 6;
// updateStrategy indicates the StatefulSetUpdateStrategy that will be
// employed to update Pods in the StatefulSet when a revision is made to
// Template.
optional StatefulSetUpdateStrategy updateStrategy = 7;
// revisionHistoryLimit is the maximum number of revisions that will
// be maintained in the StatefulSet's revision history. The revision history
// consists of all revisions not represented by a currently applied
// StatefulSetSpec version. The default value is 10.
optional int32 revisionHistoryLimit = 8;
}
// StatefulSetStatus represents the current state of a StatefulSet.
message StatefulSetStatus {
// observedGeneration is the most recent generation observed for this StatefulSet. It corresponds to the
// StatefulSet's generation, which is updated on mutation by the API Server.
// +optional
optional int64 observedGeneration = 1;
// replicas is the number of Pods created by the StatefulSet controller.
optional int32 replicas = 2;
// readyReplicas is the number of Pods created by the StatefulSet controller that have a Ready Condition.
optional int32 readyReplicas = 3;
// currentReplicas is the number of Pods created by the StatefulSet controller from the StatefulSet version
// indicated by currentRevision.
optional int32 currentReplicas = 4;
// updatedReplicas is the number of Pods created by the StatefulSet controller from the StatefulSet version
// indicated by updateRevision.
optional int32 updatedReplicas = 5;
// currentRevision, if not empty, indicates the version of the StatefulSet used to generate Pods in the
// sequence [0,currentReplicas).
optional string currentRevision = 6;
// updateRevision, if not empty, indicates the version of the StatefulSet used to generate Pods in the sequence
// [replicas-updatedReplicas,replicas)
optional string updateRevision = 7;
// collisionCount is the count of hash collisions for the StatefulSet. The StatefulSet controller
// uses this field as a collision avoidance mechanism when it needs to create the name for the
// newest ControllerRevision.
// +optional
optional int32 collisionCount = 9;
// Represents the latest available observations of a statefulset's current state.
// +optional
// +patchMergeKey=type
// +patchStrategy=merge
repeated StatefulSetCondition conditions = 10;
}
// StatefulSetUpdateStrategy indicates the strategy that the StatefulSet
// controller will use to perform updates. It includes any additional parameters
// necessary to perform the update for the indicated strategy.
message StatefulSetUpdateStrategy {
// Type indicates the type of the StatefulSetUpdateStrategy.
// Default is RollingUpdate.
// +optional
optional string type = 1;
// RollingUpdate is used to communicate parameters when Type is RollingUpdateStatefulSetStrategyType.
// +optional
optional RollingUpdateStatefulSetStrategy rollingUpdate = 2;
}

162
vendor/k8s.io/api/auditregistration/v1alpha1/generated.proto generated vendored Normal file
View File

@ -0,0 +1,162 @@
/*
Copyright The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
// This file was autogenerated by go-to-protobuf. Do not edit it manually!
syntax = 'proto2';
package k8s.io.api.auditregistration.v1alpha1;
import "k8s.io/apimachinery/pkg/apis/meta/v1/generated.proto";
import "k8s.io/apimachinery/pkg/runtime/generated.proto";
import "k8s.io/apimachinery/pkg/runtime/schema/generated.proto";
// Package-wide variables from generator "generated".
option go_package = "v1alpha1";
// AuditSink represents a cluster level audit sink
message AuditSink {
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
// Spec defines the audit configuration spec
optional AuditSinkSpec spec = 2;
}
// AuditSinkList is a list of AuditSink items.
message AuditSinkList {
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1;
// List of audit configurations.
repeated AuditSink items = 2;
}
// AuditSinkSpec holds the spec for the audit sink
message AuditSinkSpec {
// Policy defines the policy for selecting which events should be sent to the webhook
// required
optional Policy policy = 1;
// Webhook to send events
// required
optional Webhook webhook = 2;
}
// Policy defines the configuration of how audit events are logged
message Policy {
// The Level that all requests are recorded at.
// available options: None, Metadata, Request, RequestResponse
// required
optional string level = 1;
// Stages is a list of stages for which events are created.
// +optional
repeated string stages = 2;
}
// ServiceReference holds a reference to Service.legacy.k8s.io
message ServiceReference {
// `namespace` is the namespace of the service.
// Required
optional string namespace = 1;
// `name` is the name of the service.
// Required
optional string name = 2;
// `path` is an optional URL path which will be sent in any request to
// this service.
// +optional
optional string path = 3;
// If specified, the port on the service that hosting webhook.
// Default to 443 for backward compatibility.
// `port` should be a valid port number (1-65535, inclusive).
// +optional
optional int32 port = 4;
}
// Webhook holds the configuration of the webhook
message Webhook {
// Throttle holds the options for throttling the webhook
// +optional
optional WebhookThrottleConfig throttle = 1;
// ClientConfig holds the connection parameters for the webhook
// required
optional WebhookClientConfig clientConfig = 2;
}
// WebhookClientConfig contains the information to make a connection with the webhook
message WebhookClientConfig {
// `url` gives the location of the webhook, in standard URL form
// (`scheme://host:port/path`). Exactly one of `url` or `service`
// must be specified.
//
// The `host` should not refer to a service running in the cluster; use
// the `service` field instead. The host might be resolved via external
// DNS in some apiservers (e.g., `kube-apiserver` cannot resolve
// in-cluster DNS as that would be a layering violation). `host` may
// also be an IP address.
//
// Please note that using `localhost` or `127.0.0.1` as a `host` is
// risky unless you take great care to run this webhook on all hosts
// which run an apiserver which might need to make calls to this
// webhook. Such installs are likely to be non-portable, i.e., not easy
// to turn up in a new cluster.
//
// The scheme must be "https"; the URL must begin with "https://".
//
// A path is optional, and if present may be any string permissible in
// a URL. You may use the path to pass an arbitrary string to the
// webhook, for example, a cluster identifier.
//
// Attempting to use a user or basic auth e.g. "user:password@" is not
// allowed. Fragments ("#...") and query parameters ("?...") are not
// allowed, either.
//
// +optional
optional string url = 1;
// `service` is a reference to the service for this webhook. Either
// `service` or `url` must be specified.
//
// If the webhook is running within the cluster, then you should use `service`.
//
// +optional
optional ServiceReference service = 2;
// `caBundle` is a PEM encoded CA bundle which will be used to validate the webhook's server certificate.
// If unspecified, system trust roots on the apiserver are used.
// +optional
optional bytes caBundle = 3;
}
// WebhookThrottleConfig holds the configuration for throttling events
message WebhookThrottleConfig {
// ThrottleQPS maximum number of batches per second
// default 10 QPS
// +optional
optional int64 qps = 1;
// ThrottleBurst is the maximum number of events sent at the same moment
// default 15 QPS
// +optional
optional int64 burst = 2;
}

182
vendor/k8s.io/api/authentication/v1/generated.proto generated vendored Normal file
View File

@ -0,0 +1,182 @@
/*
Copyright The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
// This file was autogenerated by go-to-protobuf. Do not edit it manually!
syntax = 'proto2';
package k8s.io.api.authentication.v1;
import "k8s.io/apimachinery/pkg/apis/meta/v1/generated.proto";
import "k8s.io/apimachinery/pkg/runtime/generated.proto";
import "k8s.io/apimachinery/pkg/runtime/schema/generated.proto";
// Package-wide variables from generator "generated".
option go_package = "v1";
// BoundObjectReference is a reference to an object that a token is bound to.
message BoundObjectReference {
// Kind of the referent. Valid kinds are 'Pod' and 'Secret'.
// +optional
optional string kind = 1;
// API version of the referent.
// +optional
optional string aPIVersion = 2;
// Name of the referent.
// +optional
optional string name = 3;
// UID of the referent.
// +optional
optional string uID = 4;
}
// ExtraValue masks the value so protobuf can generate
// +protobuf.nullable=true
// +protobuf.options.(gogoproto.goproto_stringer)=false
message ExtraValue {
// items, if empty, will result in an empty slice
repeated string items = 1;
}
// TokenRequest requests a token for a given service account.
message TokenRequest {
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
optional TokenRequestSpec spec = 2;
// +optional
optional TokenRequestStatus status = 3;
}
// TokenRequestSpec contains client provided parameters of a token request.
message TokenRequestSpec {
// Audiences are the intendend audiences of the token. A recipient of a
// token must identitfy themself with an identifier in the list of
// audiences of the token, and otherwise should reject the token. A
// token issued for multiple audiences may be used to authenticate
// against any of the audiences listed but implies a high degree of
// trust between the target audiences.
repeated string audiences = 1;
// ExpirationSeconds is the requested duration of validity of the request. The
// token issuer may return a token with a different validity duration so a
// client needs to check the 'expiration' field in a response.
// +optional
optional int64 expirationSeconds = 4;
// BoundObjectRef is a reference to an object that the token will be bound to.
// The token will only be valid for as long as the bound object exists.
// NOTE: The API server's TokenReview endpoint will validate the
// BoundObjectRef, but other audiences may not. Keep ExpirationSeconds
// small if you want prompt revocation.
// +optional
optional BoundObjectReference boundObjectRef = 3;
}
// TokenRequestStatus is the result of a token request.
message TokenRequestStatus {
// Token is the opaque bearer token.
optional string token = 1;
// ExpirationTimestamp is the time of expiration of the returned token.
optional k8s.io.apimachinery.pkg.apis.meta.v1.Time expirationTimestamp = 2;
}
// TokenReview attempts to authenticate a token to a known user.
// Note: TokenReview requests may be cached by the webhook token authenticator
// plugin in the kube-apiserver.
message TokenReview {
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
// Spec holds information about the request being evaluated
optional TokenReviewSpec spec = 2;
// Status is filled in by the server and indicates whether the request can be authenticated.
// +optional
optional TokenReviewStatus status = 3;
}
// TokenReviewSpec is a description of the token authentication request.
message TokenReviewSpec {
// Token is the opaque bearer token.
// +optional
optional string token = 1;
// Audiences is a list of the identifiers that the resource server presented
// with the token identifies as. Audience-aware token authenticators will
// verify that the token was intended for at least one of the audiences in
// this list. If no audiences are provided, the audience will default to the
// audience of the Kubernetes apiserver.
// +optional
repeated string audiences = 2;
}
// TokenReviewStatus is the result of the token authentication request.
message TokenReviewStatus {
// Authenticated indicates that the token was associated with a known user.
// +optional
optional bool authenticated = 1;
// User is the UserInfo associated with the provided token.
// +optional
optional UserInfo user = 2;
// Audiences are audience identifiers chosen by the authenticator that are
// compatible with both the TokenReview and token. An identifier is any
// identifier in the intersection of the TokenReviewSpec audiences and the
// token's audiences. A client of the TokenReview API that sets the
// spec.audiences field should validate that a compatible audience identifier
// is returned in the status.audiences field to ensure that the TokenReview
// server is audience aware. If a TokenReview returns an empty
// status.audience field where status.authenticated is "true", the token is
// valid against the audience of the Kubernetes API server.
// +optional
repeated string audiences = 4;
// Error indicates that the token couldn't be checked
// +optional
optional string error = 3;
}
// UserInfo holds the information about the user needed to implement the
// user.Info interface.
message UserInfo {
// The name that uniquely identifies this user among all active users.
// +optional
optional string username = 1;
// A unique value that identifies this user across time. If this user is
// deleted and another user by the same name is added, they will have
// different UIDs.
// +optional
optional string uid = 2;
// The names of groups this user is a part of.
// +optional
repeated string groups = 3;
// Any additional information provided by the authenticator.
// +optional
map<string, ExtraValue> extra = 4;
}

118
vendor/k8s.io/api/authentication/v1beta1/generated.proto generated vendored Normal file
View File

@ -0,0 +1,118 @@
/*
Copyright The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
// This file was autogenerated by go-to-protobuf. Do not edit it manually!
syntax = 'proto2';
package k8s.io.api.authentication.v1beta1;
import "k8s.io/apimachinery/pkg/apis/meta/v1/generated.proto";
import "k8s.io/apimachinery/pkg/runtime/generated.proto";
import "k8s.io/apimachinery/pkg/runtime/schema/generated.proto";
// Package-wide variables from generator "generated".
option go_package = "v1beta1";
// ExtraValue masks the value so protobuf can generate
// +protobuf.nullable=true
// +protobuf.options.(gogoproto.goproto_stringer)=false
message ExtraValue {
// items, if empty, will result in an empty slice
repeated string items = 1;
}
// TokenReview attempts to authenticate a token to a known user.
// Note: TokenReview requests may be cached by the webhook token authenticator
// plugin in the kube-apiserver.
message TokenReview {
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
// Spec holds information about the request being evaluated
optional TokenReviewSpec spec = 2;
// Status is filled in by the server and indicates whether the request can be authenticated.
// +optional
optional TokenReviewStatus status = 3;
}
// TokenReviewSpec is a description of the token authentication request.
message TokenReviewSpec {
// Token is the opaque bearer token.
// +optional
optional string token = 1;
// Audiences is a list of the identifiers that the resource server presented
// with the token identifies as. Audience-aware token authenticators will
// verify that the token was intended for at least one of the audiences in
// this list. If no audiences are provided, the audience will default to the
// audience of the Kubernetes apiserver.
// +optional
repeated string audiences = 2;
}
// TokenReviewStatus is the result of the token authentication request.
message TokenReviewStatus {
// Authenticated indicates that the token was associated with a known user.
// +optional
optional bool authenticated = 1;
// User is the UserInfo associated with the provided token.
// +optional
optional UserInfo user = 2;
// Audiences are audience identifiers chosen by the authenticator that are
// compatible with both the TokenReview and token. An identifier is any
// identifier in the intersection of the TokenReviewSpec audiences and the
// token's audiences. A client of the TokenReview API that sets the
// spec.audiences field should validate that a compatible audience identifier
// is returned in the status.audiences field to ensure that the TokenReview
// server is audience aware. If a TokenReview returns an empty
// status.audience field where status.authenticated is "true", the token is
// valid against the audience of the Kubernetes API server.
// +optional
repeated string audiences = 4;
// Error indicates that the token couldn't be checked
// +optional
optional string error = 3;
}
// UserInfo holds the information about the user needed to implement the
// user.Info interface.
message UserInfo {
// The name that uniquely identifies this user among all active users.
// +optional
optional string username = 1;
// A unique value that identifies this user across time. If this user is
// deleted and another user by the same name is added, they will have
// different UIDs.
// +optional
optional string uid = 2;
// The names of groups this user is a part of.
// +optional
repeated string groups = 3;
// Any additional information provided by the authenticator.
// +optional
map<string, ExtraValue> extra = 4;
}

272
vendor/k8s.io/api/authorization/v1/generated.proto generated vendored Normal file
View File

@ -0,0 +1,272 @@
/*
Copyright The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
// This file was autogenerated by go-to-protobuf. Do not edit it manually!
syntax = 'proto2';
package k8s.io.api.authorization.v1;
import "k8s.io/apimachinery/pkg/apis/meta/v1/generated.proto";
import "k8s.io/apimachinery/pkg/runtime/generated.proto";
import "k8s.io/apimachinery/pkg/runtime/schema/generated.proto";
// Package-wide variables from generator "generated".
option go_package = "v1";
// ExtraValue masks the value so protobuf can generate
// +protobuf.nullable=true
// +protobuf.options.(gogoproto.goproto_stringer)=false
message ExtraValue {
// items, if empty, will result in an empty slice
repeated string items = 1;
}
// LocalSubjectAccessReview checks whether or not a user or group can perform an action in a given namespace.
// Having a namespace scoped resource makes it much easier to grant namespace scoped policy that includes permissions
// checking.
message LocalSubjectAccessReview {
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
// Spec holds information about the request being evaluated. spec.namespace must be equal to the namespace
// you made the request against. If empty, it is defaulted.
optional SubjectAccessReviewSpec spec = 2;
// Status is filled in by the server and indicates whether the request is allowed or not
// +optional
optional SubjectAccessReviewStatus status = 3;
}
// NonResourceAttributes includes the authorization attributes available for non-resource requests to the Authorizer interface
message NonResourceAttributes {
// Path is the URL path of the request
// +optional
optional string path = 1;
// Verb is the standard HTTP verb
// +optional
optional string verb = 2;
}
// NonResourceRule holds information that describes a rule for the non-resource
message NonResourceRule {
// Verb is a list of kubernetes non-resource API verbs, like: get, post, put, delete, patch, head, options. "*" means all.
repeated string verbs = 1;
// NonResourceURLs is a set of partial urls that a user should have access to. *s are allowed, but only as the full,
// final step in the path. "*" means all.
// +optional
repeated string nonResourceURLs = 2;
}
// ResourceAttributes includes the authorization attributes available for resource requests to the Authorizer interface
message ResourceAttributes {
// Namespace is the namespace of the action being requested. Currently, there is no distinction between no namespace and all namespaces
// "" (empty) is defaulted for LocalSubjectAccessReviews
// "" (empty) is empty for cluster-scoped resources
// "" (empty) means "all" for namespace scoped resources from a SubjectAccessReview or SelfSubjectAccessReview
// +optional
optional string namespace = 1;
// Verb is a kubernetes resource API verb, like: get, list, watch, create, update, delete, proxy. "*" means all.
// +optional
optional string verb = 2;
// Group is the API Group of the Resource. "*" means all.
// +optional
optional string group = 3;
// Version is the API Version of the Resource. "*" means all.
// +optional
optional string version = 4;
// Resource is one of the existing resource types. "*" means all.
// +optional
optional string resource = 5;
// Subresource is one of the existing resource types. "" means none.
// +optional
optional string subresource = 6;
// Name is the name of the resource being requested for a "get" or deleted for a "delete". "" (empty) means all.
// +optional
optional string name = 7;
}
// ResourceRule is the list of actions the subject is allowed to perform on resources. The list ordering isn't significant,
// may contain duplicates, and possibly be incomplete.
message ResourceRule {
// Verb is a list of kubernetes resource API verbs, like: get, list, watch, create, update, delete, proxy. "*" means all.
repeated string verbs = 1;
// APIGroups is the name of the APIGroup that contains the resources. If multiple API groups are specified, any action requested against one of
// the enumerated resources in any API group will be allowed. "*" means all.
// +optional
repeated string apiGroups = 2;
// Resources is a list of resources this rule applies to. "*" means all in the specified apiGroups.
// "*/foo" represents the subresource 'foo' for all resources in the specified apiGroups.
// +optional
repeated string resources = 3;
// ResourceNames is an optional white list of names that the rule applies to. An empty set means that everything is allowed. "*" means all.
// +optional
repeated string resourceNames = 4;
}
// SelfSubjectAccessReview checks whether or the current user can perform an action. Not filling in a
// spec.namespace means "in all namespaces". Self is a special case, because users should always be able
// to check whether they can perform an action
message SelfSubjectAccessReview {
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
// Spec holds information about the request being evaluated. user and groups must be empty
optional SelfSubjectAccessReviewSpec spec = 2;
// Status is filled in by the server and indicates whether the request is allowed or not
// +optional
optional SubjectAccessReviewStatus status = 3;
}
// SelfSubjectAccessReviewSpec is a description of the access request. Exactly one of ResourceAuthorizationAttributes
// and NonResourceAuthorizationAttributes must be set
message SelfSubjectAccessReviewSpec {
// ResourceAuthorizationAttributes describes information for a resource access request
// +optional
optional ResourceAttributes resourceAttributes = 1;
// NonResourceAttributes describes information for a non-resource access request
// +optional
optional NonResourceAttributes nonResourceAttributes = 2;
}
// SelfSubjectRulesReview enumerates the set of actions the current user can perform within a namespace.
// The returned list of actions may be incomplete depending on the server's authorization mode,
// and any errors experienced during the evaluation. SelfSubjectRulesReview should be used by UIs to show/hide actions,
// or to quickly let an end user reason about their permissions. It should NOT Be used by external systems to
// drive authorization decisions as this raises confused deputy, cache lifetime/revocation, and correctness concerns.
// SubjectAccessReview, and LocalAccessReview are the correct way to defer authorization decisions to the API server.
message SelfSubjectRulesReview {
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
// Spec holds information about the request being evaluated.
optional SelfSubjectRulesReviewSpec spec = 2;
// Status is filled in by the server and indicates the set of actions a user can perform.
// +optional
optional SubjectRulesReviewStatus status = 3;
}
message SelfSubjectRulesReviewSpec {
// Namespace to evaluate rules for. Required.
optional string namespace = 1;
}
// SubjectAccessReview checks whether or not a user or group can perform an action.
message SubjectAccessReview {
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
// Spec holds information about the request being evaluated
optional SubjectAccessReviewSpec spec = 2;
// Status is filled in by the server and indicates whether the request is allowed or not
// +optional
optional SubjectAccessReviewStatus status = 3;
}
// SubjectAccessReviewSpec is a description of the access request. Exactly one of ResourceAuthorizationAttributes
// and NonResourceAuthorizationAttributes must be set
message SubjectAccessReviewSpec {
// ResourceAuthorizationAttributes describes information for a resource access request
// +optional
optional ResourceAttributes resourceAttributes = 1;
// NonResourceAttributes describes information for a non-resource access request
// +optional
optional NonResourceAttributes nonResourceAttributes = 2;
// User is the user you're testing for.
// If you specify "User" but not "Groups", then is it interpreted as "What if User were not a member of any groups
// +optional
optional string user = 3;
// Groups is the groups you're testing for.
// +optional
repeated string groups = 4;
// Extra corresponds to the user.Info.GetExtra() method from the authenticator. Since that is input to the authorizer
// it needs a reflection here.
// +optional
map<string, ExtraValue> extra = 5;
// UID information about the requesting user.
// +optional
optional string uid = 6;
}
// SubjectAccessReviewStatus
message SubjectAccessReviewStatus {
// Allowed is required. True if the action would be allowed, false otherwise.
optional bool allowed = 1;
// Denied is optional. True if the action would be denied, otherwise
// false. If both allowed is false and denied is false, then the
// authorizer has no opinion on whether to authorize the action. Denied
// may not be true if Allowed is true.
// +optional
optional bool denied = 4;
// Reason is optional. It indicates why a request was allowed or denied.
// +optional
optional string reason = 2;
// EvaluationError is an indication that some error occurred during the authorization check.
// It is entirely possible to get an error and be able to continue determine authorization status in spite of it.
// For instance, RBAC can be missing a role, but enough roles are still present and bound to reason about the request.
// +optional
optional string evaluationError = 3;
}
// SubjectRulesReviewStatus contains the result of a rules check. This check can be incomplete depending on
// the set of authorizers the server is configured with and any errors experienced during evaluation.
// Because authorization rules are additive, if a rule appears in a list it's safe to assume the subject has that permission,
// even if that list is incomplete.
message SubjectRulesReviewStatus {
// ResourceRules is the list of actions the subject is allowed to perform on resources.
// The list ordering isn't significant, may contain duplicates, and possibly be incomplete.
repeated ResourceRule resourceRules = 1;
// NonResourceRules is the list of actions the subject is allowed to perform on non-resources.
// The list ordering isn't significant, may contain duplicates, and possibly be incomplete.
repeated NonResourceRule nonResourceRules = 2;
// Incomplete is true when the rules returned by this call are incomplete. This is most commonly
// encountered when an authorizer, such as an external authorizer, doesn't support rules evaluation.
optional bool incomplete = 3;
// EvaluationError can appear in combination with Rules. It indicates an error occurred during
// rule evaluation, such as an authorizer that doesn't support rule evaluation, and that
// ResourceRules and/or NonResourceRules may be incomplete.
// +optional
optional string evaluationError = 4;
}

272
vendor/k8s.io/api/authorization/v1beta1/generated.proto generated vendored Normal file
View File

@ -0,0 +1,272 @@
/*
Copyright The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
// This file was autogenerated by go-to-protobuf. Do not edit it manually!
syntax = 'proto2';
package k8s.io.api.authorization.v1beta1;
import "k8s.io/apimachinery/pkg/apis/meta/v1/generated.proto";
import "k8s.io/apimachinery/pkg/runtime/generated.proto";
import "k8s.io/apimachinery/pkg/runtime/schema/generated.proto";
// Package-wide variables from generator "generated".
option go_package = "v1beta1";
// ExtraValue masks the value so protobuf can generate
// +protobuf.nullable=true
// +protobuf.options.(gogoproto.goproto_stringer)=false
message ExtraValue {
// items, if empty, will result in an empty slice
repeated string items = 1;
}
// LocalSubjectAccessReview checks whether or not a user or group can perform an action in a given namespace.
// Having a namespace scoped resource makes it much easier to grant namespace scoped policy that includes permissions
// checking.
message LocalSubjectAccessReview {
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
// Spec holds information about the request being evaluated. spec.namespace must be equal to the namespace
// you made the request against. If empty, it is defaulted.
optional SubjectAccessReviewSpec spec = 2;
// Status is filled in by the server and indicates whether the request is allowed or not
// +optional
optional SubjectAccessReviewStatus status = 3;
}
// NonResourceAttributes includes the authorization attributes available for non-resource requests to the Authorizer interface
message NonResourceAttributes {
// Path is the URL path of the request
// +optional
optional string path = 1;
// Verb is the standard HTTP verb
// +optional
optional string verb = 2;
}
// NonResourceRule holds information that describes a rule for the non-resource
message NonResourceRule {
// Verb is a list of kubernetes non-resource API verbs, like: get, post, put, delete, patch, head, options. "*" means all.
repeated string verbs = 1;
// NonResourceURLs is a set of partial urls that a user should have access to. *s are allowed, but only as the full,
// final step in the path. "*" means all.
// +optional
repeated string nonResourceURLs = 2;
}
// ResourceAttributes includes the authorization attributes available for resource requests to the Authorizer interface
message ResourceAttributes {
// Namespace is the namespace of the action being requested. Currently, there is no distinction between no namespace and all namespaces
// "" (empty) is defaulted for LocalSubjectAccessReviews
// "" (empty) is empty for cluster-scoped resources
// "" (empty) means "all" for namespace scoped resources from a SubjectAccessReview or SelfSubjectAccessReview
// +optional
optional string namespace = 1;
// Verb is a kubernetes resource API verb, like: get, list, watch, create, update, delete, proxy. "*" means all.
// +optional
optional string verb = 2;
// Group is the API Group of the Resource. "*" means all.
// +optional
optional string group = 3;
// Version is the API Version of the Resource. "*" means all.
// +optional
optional string version = 4;
// Resource is one of the existing resource types. "*" means all.
// +optional
optional string resource = 5;
// Subresource is one of the existing resource types. "" means none.
// +optional
optional string subresource = 6;
// Name is the name of the resource being requested for a "get" or deleted for a "delete". "" (empty) means all.
// +optional
optional string name = 7;
}
// ResourceRule is the list of actions the subject is allowed to perform on resources. The list ordering isn't significant,
// may contain duplicates, and possibly be incomplete.
message ResourceRule {
// Verb is a list of kubernetes resource API verbs, like: get, list, watch, create, update, delete, proxy. "*" means all.
repeated string verbs = 1;
// APIGroups is the name of the APIGroup that contains the resources. If multiple API groups are specified, any action requested against one of
// the enumerated resources in any API group will be allowed. "*" means all.
// +optional
repeated string apiGroups = 2;
// Resources is a list of resources this rule applies to. "*" means all in the specified apiGroups.
// "*/foo" represents the subresource 'foo' for all resources in the specified apiGroups.
// +optional
repeated string resources = 3;
// ResourceNames is an optional white list of names that the rule applies to. An empty set means that everything is allowed. "*" means all.
// +optional
repeated string resourceNames = 4;
}
// SelfSubjectAccessReview checks whether or the current user can perform an action. Not filling in a
// spec.namespace means "in all namespaces". Self is a special case, because users should always be able
// to check whether they can perform an action
message SelfSubjectAccessReview {
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
// Spec holds information about the request being evaluated. user and groups must be empty
optional SelfSubjectAccessReviewSpec spec = 2;
// Status is filled in by the server and indicates whether the request is allowed or not
// +optional
optional SubjectAccessReviewStatus status = 3;
}
// SelfSubjectAccessReviewSpec is a description of the access request. Exactly one of ResourceAuthorizationAttributes
// and NonResourceAuthorizationAttributes must be set
message SelfSubjectAccessReviewSpec {
// ResourceAuthorizationAttributes describes information for a resource access request
// +optional
optional ResourceAttributes resourceAttributes = 1;
// NonResourceAttributes describes information for a non-resource access request
// +optional
optional NonResourceAttributes nonResourceAttributes = 2;
}
// SelfSubjectRulesReview enumerates the set of actions the current user can perform within a namespace.
// The returned list of actions may be incomplete depending on the server's authorization mode,
// and any errors experienced during the evaluation. SelfSubjectRulesReview should be used by UIs to show/hide actions,
// or to quickly let an end user reason about their permissions. It should NOT Be used by external systems to
// drive authorization decisions as this raises confused deputy, cache lifetime/revocation, and correctness concerns.
// SubjectAccessReview, and LocalAccessReview are the correct way to defer authorization decisions to the API server.
message SelfSubjectRulesReview {
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
// Spec holds information about the request being evaluated.
optional SelfSubjectRulesReviewSpec spec = 2;
// Status is filled in by the server and indicates the set of actions a user can perform.
// +optional
optional SubjectRulesReviewStatus status = 3;
}
message SelfSubjectRulesReviewSpec {
// Namespace to evaluate rules for. Required.
optional string namespace = 1;
}
// SubjectAccessReview checks whether or not a user or group can perform an action.
message SubjectAccessReview {
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
// Spec holds information about the request being evaluated
optional SubjectAccessReviewSpec spec = 2;
// Status is filled in by the server and indicates whether the request is allowed or not
// +optional
optional SubjectAccessReviewStatus status = 3;
}
// SubjectAccessReviewSpec is a description of the access request. Exactly one of ResourceAuthorizationAttributes
// and NonResourceAuthorizationAttributes must be set
message SubjectAccessReviewSpec {
// ResourceAuthorizationAttributes describes information for a resource access request
// +optional
optional ResourceAttributes resourceAttributes = 1;
// NonResourceAttributes describes information for a non-resource access request
// +optional
optional NonResourceAttributes nonResourceAttributes = 2;
// User is the user you're testing for.
// If you specify "User" but not "Group", then is it interpreted as "What if User were not a member of any groups
// +optional
optional string user = 3;
// Groups is the groups you're testing for.
// +optional
repeated string group = 4;
// Extra corresponds to the user.Info.GetExtra() method from the authenticator. Since that is input to the authorizer
// it needs a reflection here.
// +optional
map<string, ExtraValue> extra = 5;
// UID information about the requesting user.
// +optional
optional string uid = 6;
}
// SubjectAccessReviewStatus
message SubjectAccessReviewStatus {
// Allowed is required. True if the action would be allowed, false otherwise.
optional bool allowed = 1;
// Denied is optional. True if the action would be denied, otherwise
// false. If both allowed is false and denied is false, then the
// authorizer has no opinion on whether to authorize the action. Denied
// may not be true if Allowed is true.
// +optional
optional bool denied = 4;
// Reason is optional. It indicates why a request was allowed or denied.
// +optional
optional string reason = 2;
// EvaluationError is an indication that some error occurred during the authorization check.
// It is entirely possible to get an error and be able to continue determine authorization status in spite of it.
// For instance, RBAC can be missing a role, but enough roles are still present and bound to reason about the request.
// +optional
optional string evaluationError = 3;
}
// SubjectRulesReviewStatus contains the result of a rules check. This check can be incomplete depending on
// the set of authorizers the server is configured with and any errors experienced during evaluation.
// Because authorization rules are additive, if a rule appears in a list it's safe to assume the subject has that permission,
// even if that list is incomplete.
message SubjectRulesReviewStatus {
// ResourceRules is the list of actions the subject is allowed to perform on resources.
// The list ordering isn't significant, may contain duplicates, and possibly be incomplete.
repeated ResourceRule resourceRules = 1;
// NonResourceRules is the list of actions the subject is allowed to perform on non-resources.
// The list ordering isn't significant, may contain duplicates, and possibly be incomplete.
repeated NonResourceRule nonResourceRules = 2;
// Incomplete is true when the rules returned by this call are incomplete. This is most commonly
// encountered when an authorizer, such as an external authorizer, doesn't support rules evaluation.
optional bool incomplete = 3;
// EvaluationError can appear in combination with Rules. It indicates an error occurred during
// rule evaluation, such as an authorizer that doesn't support rule evaluation, and that
// ResourceRules and/or NonResourceRules may be incomplete.
// +optional
optional string evaluationError = 4;
}

419
vendor/k8s.io/api/autoscaling/v1/generated.proto generated vendored Normal file
View File

@ -0,0 +1,419 @@
/*
Copyright The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
// This file was autogenerated by go-to-protobuf. Do not edit it manually!
syntax = 'proto2';
package k8s.io.api.autoscaling.v1;
import "k8s.io/api/core/v1/generated.proto";
import "k8s.io/apimachinery/pkg/api/resource/generated.proto";
import "k8s.io/apimachinery/pkg/apis/meta/v1/generated.proto";
import "k8s.io/apimachinery/pkg/runtime/generated.proto";
import "k8s.io/apimachinery/pkg/runtime/schema/generated.proto";
// Package-wide variables from generator "generated".
option go_package = "v1";
// CrossVersionObjectReference contains enough information to let you identify the referred resource.
message CrossVersionObjectReference {
// Kind of the referent; More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds"
optional string kind = 1;
// Name of the referent; More info: http://kubernetes.io/docs/user-guide/identifiers#names
optional string name = 2;
// API version of the referent
// +optional
optional string apiVersion = 3;
}
// ExternalMetricSource indicates how to scale on a metric not associated with
// any Kubernetes object (for example length of queue in cloud
// messaging service, or QPS from loadbalancer running outside of cluster).
message ExternalMetricSource {
// metricName is the name of the metric in question.
optional string metricName = 1;
// metricSelector is used to identify a specific time series
// within a given metric.
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.LabelSelector metricSelector = 2;
// targetValue is the target value of the metric (as a quantity).
// Mutually exclusive with TargetAverageValue.
// +optional
optional k8s.io.apimachinery.pkg.api.resource.Quantity targetValue = 3;
// targetAverageValue is the target per-pod value of global metric (as a quantity).
// Mutually exclusive with TargetValue.
// +optional
optional k8s.io.apimachinery.pkg.api.resource.Quantity targetAverageValue = 4;
}
// ExternalMetricStatus indicates the current value of a global metric
// not associated with any Kubernetes object.
message ExternalMetricStatus {
// metricName is the name of a metric used for autoscaling in
// metric system.
optional string metricName = 1;
// metricSelector is used to identify a specific time series
// within a given metric.
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.LabelSelector metricSelector = 2;
// currentValue is the current value of the metric (as a quantity)
optional k8s.io.apimachinery.pkg.api.resource.Quantity currentValue = 3;
// currentAverageValue is the current value of metric averaged over autoscaled pods.
// +optional
optional k8s.io.apimachinery.pkg.api.resource.Quantity currentAverageValue = 4;
}
// configuration of a horizontal pod autoscaler.
message HorizontalPodAutoscaler {
// Standard object metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
// behaviour of autoscaler. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status.
// +optional
optional HorizontalPodAutoscalerSpec spec = 2;
// current information about the autoscaler.
// +optional
optional HorizontalPodAutoscalerStatus status = 3;
}
// HorizontalPodAutoscalerCondition describes the state of
// a HorizontalPodAutoscaler at a certain point.
message HorizontalPodAutoscalerCondition {
// type describes the current condition
optional string type = 1;
// status is the status of the condition (True, False, Unknown)
optional string status = 2;
// lastTransitionTime is the last time the condition transitioned from
// one status to another
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.Time lastTransitionTime = 3;
// reason is the reason for the condition's last transition.
// +optional
optional string reason = 4;
// message is a human-readable explanation containing details about
// the transition
// +optional
optional string message = 5;
}
// list of horizontal pod autoscaler objects.
message HorizontalPodAutoscalerList {
// Standard list metadata.
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1;
// list of horizontal pod autoscaler objects.
repeated HorizontalPodAutoscaler items = 2;
}
// specification of a horizontal pod autoscaler.
message HorizontalPodAutoscalerSpec {
// reference to scaled resource; horizontal pod autoscaler will learn the current resource consumption
// and will set the desired number of pods by using its Scale subresource.
optional CrossVersionObjectReference scaleTargetRef = 1;
// minReplicas is the lower limit for the number of replicas to which the autoscaler
// can scale down. It defaults to 1 pod. minReplicas is allowed to be 0 if the
// alpha feature gate HPAScaleToZero is enabled and at least one Object or External
// metric is configured. Scaling is active as long as at least one metric value is
// available.
// +optional
optional int32 minReplicas = 2;
// upper limit for the number of pods that can be set by the autoscaler; cannot be smaller than MinReplicas.
optional int32 maxReplicas = 3;
// target average CPU utilization (represented as a percentage of requested CPU) over all the pods;
// if not specified the default autoscaling policy will be used.
// +optional
optional int32 targetCPUUtilizationPercentage = 4;
}
// current status of a horizontal pod autoscaler
message HorizontalPodAutoscalerStatus {
// most recent generation observed by this autoscaler.
// +optional
optional int64 observedGeneration = 1;
// last time the HorizontalPodAutoscaler scaled the number of pods;
// used by the autoscaler to control how often the number of pods is changed.
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.Time lastScaleTime = 2;
// current number of replicas of pods managed by this autoscaler.
optional int32 currentReplicas = 3;
// desired number of replicas of pods managed by this autoscaler.
optional int32 desiredReplicas = 4;
// current average CPU utilization over all pods, represented as a percentage of requested CPU,
// e.g. 70 means that an average pod is using now 70% of its requested CPU.
// +optional
optional int32 currentCPUUtilizationPercentage = 5;
}
// MetricSpec specifies how to scale based on a single metric
// (only `type` and one other matching field should be set at once).
message MetricSpec {
// type is the type of metric source. It should be one of "Object",
// "Pods" or "Resource", each mapping to a matching field in the object.
optional string type = 1;
// object refers to a metric describing a single kubernetes object
// (for example, hits-per-second on an Ingress object).
// +optional
optional ObjectMetricSource object = 2;
// pods refers to a metric describing each pod in the current scale target
// (for example, transactions-processed-per-second). The values will be
// averaged together before being compared to the target value.
// +optional
optional PodsMetricSource pods = 3;
// resource refers to a resource metric (such as those specified in
// requests and limits) known to Kubernetes describing each pod in the
// current scale target (e.g. CPU or memory). Such metrics are built in to
// Kubernetes, and have special scaling options on top of those available
// to normal per-pod metrics using the "pods" source.
// +optional
optional ResourceMetricSource resource = 4;
// external refers to a global metric that is not associated
// with any Kubernetes object. It allows autoscaling based on information
// coming from components running outside of cluster
// (for example length of queue in cloud messaging service, or
// QPS from loadbalancer running outside of cluster).
// +optional
optional ExternalMetricSource external = 5;
}
// MetricStatus describes the last-read state of a single metric.
message MetricStatus {
// type is the type of metric source. It will be one of "Object",
// "Pods" or "Resource", each corresponds to a matching field in the object.
optional string type = 1;
// object refers to a metric describing a single kubernetes object
// (for example, hits-per-second on an Ingress object).
// +optional
optional ObjectMetricStatus object = 2;
// pods refers to a metric describing each pod in the current scale target
// (for example, transactions-processed-per-second). The values will be
// averaged together before being compared to the target value.
// +optional
optional PodsMetricStatus pods = 3;
// resource refers to a resource metric (such as those specified in
// requests and limits) known to Kubernetes describing each pod in the
// current scale target (e.g. CPU or memory). Such metrics are built in to
// Kubernetes, and have special scaling options on top of those available
// to normal per-pod metrics using the "pods" source.
// +optional
optional ResourceMetricStatus resource = 4;
// external refers to a global metric that is not associated
// with any Kubernetes object. It allows autoscaling based on information
// coming from components running outside of cluster
// (for example length of queue in cloud messaging service, or
// QPS from loadbalancer running outside of cluster).
// +optional
optional ExternalMetricStatus external = 5;
}
// ObjectMetricSource indicates how to scale on a metric describing a
// kubernetes object (for example, hits-per-second on an Ingress object).
message ObjectMetricSource {
// target is the described Kubernetes object.
optional CrossVersionObjectReference target = 1;
// metricName is the name of the metric in question.
optional string metricName = 2;
// targetValue is the target value of the metric (as a quantity).
optional k8s.io.apimachinery.pkg.api.resource.Quantity targetValue = 3;
// selector is the string-encoded form of a standard kubernetes label selector for the given metric.
// When set, it is passed as an additional parameter to the metrics server for more specific metrics scoping
// When unset, just the metricName will be used to gather metrics.
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.LabelSelector selector = 4;
// averageValue is the target value of the average of the
// metric across all relevant pods (as a quantity)
// +optional
optional k8s.io.apimachinery.pkg.api.resource.Quantity averageValue = 5;
}
// ObjectMetricStatus indicates the current value of a metric describing a
// kubernetes object (for example, hits-per-second on an Ingress object).
message ObjectMetricStatus {
// target is the described Kubernetes object.
optional CrossVersionObjectReference target = 1;
// metricName is the name of the metric in question.
optional string metricName = 2;
// currentValue is the current value of the metric (as a quantity).
optional k8s.io.apimachinery.pkg.api.resource.Quantity currentValue = 3;
// selector is the string-encoded form of a standard kubernetes label selector for the given metric
// When set in the ObjectMetricSource, it is passed as an additional parameter to the metrics server for more specific metrics scoping.
// When unset, just the metricName will be used to gather metrics.
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.LabelSelector selector = 4;
// averageValue is the current value of the average of the
// metric across all relevant pods (as a quantity)
// +optional
optional k8s.io.apimachinery.pkg.api.resource.Quantity averageValue = 5;
}
// PodsMetricSource indicates how to scale on a metric describing each pod in
// the current scale target (for example, transactions-processed-per-second).
// The values will be averaged together before being compared to the target
// value.
message PodsMetricSource {
// metricName is the name of the metric in question
optional string metricName = 1;
// targetAverageValue is the target value of the average of the
// metric across all relevant pods (as a quantity)
optional k8s.io.apimachinery.pkg.api.resource.Quantity targetAverageValue = 2;
// selector is the string-encoded form of a standard kubernetes label selector for the given metric
// When set, it is passed as an additional parameter to the metrics server for more specific metrics scoping
// When unset, just the metricName will be used to gather metrics.
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.LabelSelector selector = 3;
}
// PodsMetricStatus indicates the current value of a metric describing each pod in
// the current scale target (for example, transactions-processed-per-second).
message PodsMetricStatus {
// metricName is the name of the metric in question
optional string metricName = 1;
// currentAverageValue is the current value of the average of the
// metric across all relevant pods (as a quantity)
optional k8s.io.apimachinery.pkg.api.resource.Quantity currentAverageValue = 2;
// selector is the string-encoded form of a standard kubernetes label selector for the given metric
// When set in the PodsMetricSource, it is passed as an additional parameter to the metrics server for more specific metrics scoping.
// When unset, just the metricName will be used to gather metrics.
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.LabelSelector selector = 3;
}
// ResourceMetricSource indicates how to scale on a resource metric known to
// Kubernetes, as specified in requests and limits, describing each pod in the
// current scale target (e.g. CPU or memory). The values will be averaged
// together before being compared to the target. Such metrics are built in to
// Kubernetes, and have special scaling options on top of those available to
// normal per-pod metrics using the "pods" source. Only one "target" type
// should be set.
message ResourceMetricSource {
// name is the name of the resource in question.
optional string name = 1;
// targetAverageUtilization is the target value of the average of the
// resource metric across all relevant pods, represented as a percentage of
// the requested value of the resource for the pods.
// +optional
optional int32 targetAverageUtilization = 2;
// targetAverageValue is the target value of the average of the
// resource metric across all relevant pods, as a raw value (instead of as
// a percentage of the request), similar to the "pods" metric source type.
// +optional
optional k8s.io.apimachinery.pkg.api.resource.Quantity targetAverageValue = 3;
}
// ResourceMetricStatus indicates the current value of a resource metric known to
// Kubernetes, as specified in requests and limits, describing each pod in the
// current scale target (e.g. CPU or memory). Such metrics are built in to
// Kubernetes, and have special scaling options on top of those available to
// normal per-pod metrics using the "pods" source.
message ResourceMetricStatus {
// name is the name of the resource in question.
optional string name = 1;
// currentAverageUtilization is the current value of the average of the
// resource metric across all relevant pods, represented as a percentage of
// the requested value of the resource for the pods. It will only be
// present if `targetAverageValue` was set in the corresponding metric
// specification.
// +optional
optional int32 currentAverageUtilization = 2;
// currentAverageValue is the current value of the average of the
// resource metric across all relevant pods, as a raw value (instead of as
// a percentage of the request), similar to the "pods" metric source type.
// It will always be set, regardless of the corresponding metric specification.
optional k8s.io.apimachinery.pkg.api.resource.Quantity currentAverageValue = 3;
}
// Scale represents a scaling request for a resource.
message Scale {
// Standard object metadata; More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata.
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
// defines the behavior of the scale. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status.
// +optional
optional ScaleSpec spec = 2;
// current status of the scale. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status. Read-only.
// +optional
optional ScaleStatus status = 3;
}
// ScaleSpec describes the attributes of a scale subresource.
message ScaleSpec {
// desired number of instances for the scaled object.
// +optional
optional int32 replicas = 1;
}
// ScaleStatus represents the current status of a scale subresource.
message ScaleStatus {
// actual number of observed instances of the scaled object.
optional int32 replicas = 1;
// label query over pods that should match the replicas count. This is same
// as the label selector but in the string format to avoid introspection
// by clients. The string will be in the same format as the query-param syntax.
// More info about label selectors: http://kubernetes.io/docs/user-guide/labels#label-selectors
// +optional
optional string selector = 2;
}

400
vendor/k8s.io/api/autoscaling/v2beta1/generated.proto generated vendored Normal file
View File

@ -0,0 +1,400 @@
/*
Copyright The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
// This file was autogenerated by go-to-protobuf. Do not edit it manually!
syntax = 'proto2';
package k8s.io.api.autoscaling.v2beta1;
import "k8s.io/api/core/v1/generated.proto";
import "k8s.io/apimachinery/pkg/api/resource/generated.proto";
import "k8s.io/apimachinery/pkg/apis/meta/v1/generated.proto";
import "k8s.io/apimachinery/pkg/runtime/generated.proto";
import "k8s.io/apimachinery/pkg/runtime/schema/generated.proto";
// Package-wide variables from generator "generated".
option go_package = "v2beta1";
// CrossVersionObjectReference contains enough information to let you identify the referred resource.
message CrossVersionObjectReference {
// Kind of the referent; More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds"
optional string kind = 1;
// Name of the referent; More info: http://kubernetes.io/docs/user-guide/identifiers#names
optional string name = 2;
// API version of the referent
// +optional
optional string apiVersion = 3;
}
// ExternalMetricSource indicates how to scale on a metric not associated with
// any Kubernetes object (for example length of queue in cloud
// messaging service, or QPS from loadbalancer running outside of cluster).
// Exactly one "target" type should be set.
message ExternalMetricSource {
// metricName is the name of the metric in question.
optional string metricName = 1;
// metricSelector is used to identify a specific time series
// within a given metric.
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.LabelSelector metricSelector = 2;
// targetValue is the target value of the metric (as a quantity).
// Mutually exclusive with TargetAverageValue.
// +optional
optional k8s.io.apimachinery.pkg.api.resource.Quantity targetValue = 3;
// targetAverageValue is the target per-pod value of global metric (as a quantity).
// Mutually exclusive with TargetValue.
// +optional
optional k8s.io.apimachinery.pkg.api.resource.Quantity targetAverageValue = 4;
}
// ExternalMetricStatus indicates the current value of a global metric
// not associated with any Kubernetes object.
message ExternalMetricStatus {
// metricName is the name of a metric used for autoscaling in
// metric system.
optional string metricName = 1;
// metricSelector is used to identify a specific time series
// within a given metric.
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.LabelSelector metricSelector = 2;
// currentValue is the current value of the metric (as a quantity)
optional k8s.io.apimachinery.pkg.api.resource.Quantity currentValue = 3;
// currentAverageValue is the current value of metric averaged over autoscaled pods.
// +optional
optional k8s.io.apimachinery.pkg.api.resource.Quantity currentAverageValue = 4;
}
// HorizontalPodAutoscaler is the configuration for a horizontal pod
// autoscaler, which automatically manages the replica count of any resource
// implementing the scale subresource based on the metrics specified.
message HorizontalPodAutoscaler {
// metadata is the standard object metadata.
// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
// spec is the specification for the behaviour of the autoscaler.
// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status.
// +optional
optional HorizontalPodAutoscalerSpec spec = 2;
// status is the current information about the autoscaler.
// +optional
optional HorizontalPodAutoscalerStatus status = 3;
}
// HorizontalPodAutoscalerCondition describes the state of
// a HorizontalPodAutoscaler at a certain point.
message HorizontalPodAutoscalerCondition {
// type describes the current condition
optional string type = 1;
// status is the status of the condition (True, False, Unknown)
optional string status = 2;
// lastTransitionTime is the last time the condition transitioned from
// one status to another
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.Time lastTransitionTime = 3;
// reason is the reason for the condition's last transition.
// +optional
optional string reason = 4;
// message is a human-readable explanation containing details about
// the transition
// +optional
optional string message = 5;
}
// HorizontalPodAutoscaler is a list of horizontal pod autoscaler objects.
message HorizontalPodAutoscalerList {
// metadata is the standard list metadata.
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1;
// items is the list of horizontal pod autoscaler objects.
repeated HorizontalPodAutoscaler items = 2;
}
// HorizontalPodAutoscalerSpec describes the desired functionality of the HorizontalPodAutoscaler.
message HorizontalPodAutoscalerSpec {
// scaleTargetRef points to the target resource to scale, and is used to the pods for which metrics
// should be collected, as well as to actually change the replica count.
optional CrossVersionObjectReference scaleTargetRef = 1;
// minReplicas is the lower limit for the number of replicas to which the autoscaler
// can scale down. It defaults to 1 pod. minReplicas is allowed to be 0 if the
// alpha feature gate HPAScaleToZero is enabled and at least one Object or External
// metric is configured. Scaling is active as long as at least one metric value is
// available.
// +optional
optional int32 minReplicas = 2;
// maxReplicas is the upper limit for the number of replicas to which the autoscaler can scale up.
// It cannot be less that minReplicas.
optional int32 maxReplicas = 3;
// metrics contains the specifications for which to use to calculate the
// desired replica count (the maximum replica count across all metrics will
// be used). The desired replica count is calculated multiplying the
// ratio between the target value and the current value by the current
// number of pods. Ergo, metrics used must decrease as the pod count is
// increased, and vice-versa. See the individual metric source types for
// more information about how each type of metric must respond.
// +optional
repeated MetricSpec metrics = 4;
}
// HorizontalPodAutoscalerStatus describes the current status of a horizontal pod autoscaler.
message HorizontalPodAutoscalerStatus {
// observedGeneration is the most recent generation observed by this autoscaler.
// +optional
optional int64 observedGeneration = 1;
// lastScaleTime is the last time the HorizontalPodAutoscaler scaled the number of pods,
// used by the autoscaler to control how often the number of pods is changed.
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.Time lastScaleTime = 2;
// currentReplicas is current number of replicas of pods managed by this autoscaler,
// as last seen by the autoscaler.
optional int32 currentReplicas = 3;
// desiredReplicas is the desired number of replicas of pods managed by this autoscaler,
// as last calculated by the autoscaler.
optional int32 desiredReplicas = 4;
// currentMetrics is the last read state of the metrics used by this autoscaler.
// +optional
repeated MetricStatus currentMetrics = 5;
// conditions is the set of conditions required for this autoscaler to scale its target,
// and indicates whether or not those conditions are met.
repeated HorizontalPodAutoscalerCondition conditions = 6;
}
// MetricSpec specifies how to scale based on a single metric
// (only `type` and one other matching field should be set at once).
message MetricSpec {
// type is the type of metric source. It should be one of "Object",
// "Pods" or "Resource", each mapping to a matching field in the object.
optional string type = 1;
// object refers to a metric describing a single kubernetes object
// (for example, hits-per-second on an Ingress object).
// +optional
optional ObjectMetricSource object = 2;
// pods refers to a metric describing each pod in the current scale target
// (for example, transactions-processed-per-second). The values will be
// averaged together before being compared to the target value.
// +optional
optional PodsMetricSource pods = 3;
// resource refers to a resource metric (such as those specified in
// requests and limits) known to Kubernetes describing each pod in the
// current scale target (e.g. CPU or memory). Such metrics are built in to
// Kubernetes, and have special scaling options on top of those available
// to normal per-pod metrics using the "pods" source.
// +optional
optional ResourceMetricSource resource = 4;
// external refers to a global metric that is not associated
// with any Kubernetes object. It allows autoscaling based on information
// coming from components running outside of cluster
// (for example length of queue in cloud messaging service, or
// QPS from loadbalancer running outside of cluster).
// +optional
optional ExternalMetricSource external = 5;
}
// MetricStatus describes the last-read state of a single metric.
message MetricStatus {
// type is the type of metric source. It will be one of "Object",
// "Pods" or "Resource", each corresponds to a matching field in the object.
optional string type = 1;
// object refers to a metric describing a single kubernetes object
// (for example, hits-per-second on an Ingress object).
// +optional
optional ObjectMetricStatus object = 2;
// pods refers to a metric describing each pod in the current scale target
// (for example, transactions-processed-per-second). The values will be
// averaged together before being compared to the target value.
// +optional
optional PodsMetricStatus pods = 3;
// resource refers to a resource metric (such as those specified in
// requests and limits) known to Kubernetes describing each pod in the
// current scale target (e.g. CPU or memory). Such metrics are built in to
// Kubernetes, and have special scaling options on top of those available
// to normal per-pod metrics using the "pods" source.
// +optional
optional ResourceMetricStatus resource = 4;
// external refers to a global metric that is not associated
// with any Kubernetes object. It allows autoscaling based on information
// coming from components running outside of cluster
// (for example length of queue in cloud messaging service, or
// QPS from loadbalancer running outside of cluster).
// +optional
optional ExternalMetricStatus external = 5;
}
// ObjectMetricSource indicates how to scale on a metric describing a
// kubernetes object (for example, hits-per-second on an Ingress object).
message ObjectMetricSource {
// target is the described Kubernetes object.
optional CrossVersionObjectReference target = 1;
// metricName is the name of the metric in question.
optional string metricName = 2;
// targetValue is the target value of the metric (as a quantity).
optional k8s.io.apimachinery.pkg.api.resource.Quantity targetValue = 3;
// selector is the string-encoded form of a standard kubernetes label selector for the given metric
// When set, it is passed as an additional parameter to the metrics server for more specific metrics scoping
// When unset, just the metricName will be used to gather metrics.
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.LabelSelector selector = 4;
// averageValue is the target value of the average of the
// metric across all relevant pods (as a quantity)
// +optional
optional k8s.io.apimachinery.pkg.api.resource.Quantity averageValue = 5;
}
// ObjectMetricStatus indicates the current value of a metric describing a
// kubernetes object (for example, hits-per-second on an Ingress object).
message ObjectMetricStatus {
// target is the described Kubernetes object.
optional CrossVersionObjectReference target = 1;
// metricName is the name of the metric in question.
optional string metricName = 2;
// currentValue is the current value of the metric (as a quantity).
optional k8s.io.apimachinery.pkg.api.resource.Quantity currentValue = 3;
// selector is the string-encoded form of a standard kubernetes label selector for the given metric
// When set in the ObjectMetricSource, it is passed as an additional parameter to the metrics server for more specific metrics scoping.
// When unset, just the metricName will be used to gather metrics.
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.LabelSelector selector = 4;
// averageValue is the current value of the average of the
// metric across all relevant pods (as a quantity)
// +optional
optional k8s.io.apimachinery.pkg.api.resource.Quantity averageValue = 5;
}
// PodsMetricSource indicates how to scale on a metric describing each pod in
// the current scale target (for example, transactions-processed-per-second).
// The values will be averaged together before being compared to the target
// value.
message PodsMetricSource {
// metricName is the name of the metric in question
optional string metricName = 1;
// targetAverageValue is the target value of the average of the
// metric across all relevant pods (as a quantity)
optional k8s.io.apimachinery.pkg.api.resource.Quantity targetAverageValue = 2;
// selector is the string-encoded form of a standard kubernetes label selector for the given metric
// When set, it is passed as an additional parameter to the metrics server for more specific metrics scoping
// When unset, just the metricName will be used to gather metrics.
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.LabelSelector selector = 3;
}
// PodsMetricStatus indicates the current value of a metric describing each pod in
// the current scale target (for example, transactions-processed-per-second).
message PodsMetricStatus {
// metricName is the name of the metric in question
optional string metricName = 1;
// currentAverageValue is the current value of the average of the
// metric across all relevant pods (as a quantity)
optional k8s.io.apimachinery.pkg.api.resource.Quantity currentAverageValue = 2;
// selector is the string-encoded form of a standard kubernetes label selector for the given metric
// When set in the PodsMetricSource, it is passed as an additional parameter to the metrics server for more specific metrics scoping.
// When unset, just the metricName will be used to gather metrics.
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.LabelSelector selector = 3;
}
// ResourceMetricSource indicates how to scale on a resource metric known to
// Kubernetes, as specified in requests and limits, describing each pod in the
// current scale target (e.g. CPU or memory). The values will be averaged
// together before being compared to the target. Such metrics are built in to
// Kubernetes, and have special scaling options on top of those available to
// normal per-pod metrics using the "pods" source. Only one "target" type
// should be set.
message ResourceMetricSource {
// name is the name of the resource in question.
optional string name = 1;
// targetAverageUtilization is the target value of the average of the
// resource metric across all relevant pods, represented as a percentage of
// the requested value of the resource for the pods.
// +optional
optional int32 targetAverageUtilization = 2;
// targetAverageValue is the target value of the average of the
// resource metric across all relevant pods, as a raw value (instead of as
// a percentage of the request), similar to the "pods" metric source type.
// +optional
optional k8s.io.apimachinery.pkg.api.resource.Quantity targetAverageValue = 3;
}
// ResourceMetricStatus indicates the current value of a resource metric known to
// Kubernetes, as specified in requests and limits, describing each pod in the
// current scale target (e.g. CPU or memory). Such metrics are built in to
// Kubernetes, and have special scaling options on top of those available to
// normal per-pod metrics using the "pods" source.
message ResourceMetricStatus {
// name is the name of the resource in question.
optional string name = 1;
// currentAverageUtilization is the current value of the average of the
// resource metric across all relevant pods, represented as a percentage of
// the requested value of the resource for the pods. It will only be
// present if `targetAverageValue` was set in the corresponding metric
// specification.
// +optional
optional int32 currentAverageUtilization = 2;
// currentAverageValue is the current value of the average of the
// resource metric across all relevant pods, as a raw value (instead of as
// a percentage of the request), similar to the "pods" metric source type.
// It will always be set, regardless of the corresponding metric specification.
optional k8s.io.apimachinery.pkg.api.resource.Quantity currentAverageValue = 3;
}

372
vendor/k8s.io/api/autoscaling/v2beta2/generated.proto generated vendored Normal file
View File

@ -0,0 +1,372 @@
/*
Copyright The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
// This file was autogenerated by go-to-protobuf. Do not edit it manually!
syntax = 'proto2';
package k8s.io.api.autoscaling.v2beta2;
import "k8s.io/api/core/v1/generated.proto";
import "k8s.io/apimachinery/pkg/api/resource/generated.proto";
import "k8s.io/apimachinery/pkg/apis/meta/v1/generated.proto";
import "k8s.io/apimachinery/pkg/runtime/generated.proto";
import "k8s.io/apimachinery/pkg/runtime/schema/generated.proto";
// Package-wide variables from generator "generated".
option go_package = "v2beta2";
// CrossVersionObjectReference contains enough information to let you identify the referred resource.
message CrossVersionObjectReference {
// Kind of the referent; More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds"
optional string kind = 1;
// Name of the referent; More info: http://kubernetes.io/docs/user-guide/identifiers#names
optional string name = 2;
// API version of the referent
// +optional
optional string apiVersion = 3;
}
// ExternalMetricSource indicates how to scale on a metric not associated with
// any Kubernetes object (for example length of queue in cloud
// messaging service, or QPS from loadbalancer running outside of cluster).
message ExternalMetricSource {
// metric identifies the target metric by name and selector
optional MetricIdentifier metric = 1;
// target specifies the target value for the given metric
optional MetricTarget target = 2;
}
// ExternalMetricStatus indicates the current value of a global metric
// not associated with any Kubernetes object.
message ExternalMetricStatus {
// metric identifies the target metric by name and selector
optional MetricIdentifier metric = 1;
// current contains the current value for the given metric
optional MetricValueStatus current = 2;
}
// HorizontalPodAutoscaler is the configuration for a horizontal pod
// autoscaler, which automatically manages the replica count of any resource
// implementing the scale subresource based on the metrics specified.
message HorizontalPodAutoscaler {
// metadata is the standard object metadata.
// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
// spec is the specification for the behaviour of the autoscaler.
// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status.
// +optional
optional HorizontalPodAutoscalerSpec spec = 2;
// status is the current information about the autoscaler.
// +optional
optional HorizontalPodAutoscalerStatus status = 3;
}
// HorizontalPodAutoscalerCondition describes the state of
// a HorizontalPodAutoscaler at a certain point.
message HorizontalPodAutoscalerCondition {
// type describes the current condition
optional string type = 1;
// status is the status of the condition (True, False, Unknown)
optional string status = 2;
// lastTransitionTime is the last time the condition transitioned from
// one status to another
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.Time lastTransitionTime = 3;
// reason is the reason for the condition's last transition.
// +optional
optional string reason = 4;
// message is a human-readable explanation containing details about
// the transition
// +optional
optional string message = 5;
}
// HorizontalPodAutoscalerList is a list of horizontal pod autoscaler objects.
message HorizontalPodAutoscalerList {
// metadata is the standard list metadata.
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1;
// items is the list of horizontal pod autoscaler objects.
repeated HorizontalPodAutoscaler items = 2;
}
// HorizontalPodAutoscalerSpec describes the desired functionality of the HorizontalPodAutoscaler.
message HorizontalPodAutoscalerSpec {
// scaleTargetRef points to the target resource to scale, and is used to the pods for which metrics
// should be collected, as well as to actually change the replica count.
optional CrossVersionObjectReference scaleTargetRef = 1;
// minReplicas is the lower limit for the number of replicas to which the autoscaler
// can scale down. It defaults to 1 pod. minReplicas is allowed to be 0 if the
// alpha feature gate HPAScaleToZero is enabled and at least one Object or External
// metric is configured. Scaling is active as long as at least one metric value is
// available.
// +optional
optional int32 minReplicas = 2;
// maxReplicas is the upper limit for the number of replicas to which the autoscaler can scale up.
// It cannot be less that minReplicas.
optional int32 maxReplicas = 3;
// metrics contains the specifications for which to use to calculate the
// desired replica count (the maximum replica count across all metrics will
// be used). The desired replica count is calculated multiplying the
// ratio between the target value and the current value by the current
// number of pods. Ergo, metrics used must decrease as the pod count is
// increased, and vice-versa. See the individual metric source types for
// more information about how each type of metric must respond.
// If not set, the default metric will be set to 80% average CPU utilization.
// +optional
repeated MetricSpec metrics = 4;
}
// HorizontalPodAutoscalerStatus describes the current status of a horizontal pod autoscaler.
message HorizontalPodAutoscalerStatus {
// observedGeneration is the most recent generation observed by this autoscaler.
// +optional
optional int64 observedGeneration = 1;
// lastScaleTime is the last time the HorizontalPodAutoscaler scaled the number of pods,
// used by the autoscaler to control how often the number of pods is changed.
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.Time lastScaleTime = 2;
// currentReplicas is current number of replicas of pods managed by this autoscaler,
// as last seen by the autoscaler.
optional int32 currentReplicas = 3;
// desiredReplicas is the desired number of replicas of pods managed by this autoscaler,
// as last calculated by the autoscaler.
optional int32 desiredReplicas = 4;
// currentMetrics is the last read state of the metrics used by this autoscaler.
// +optional
repeated MetricStatus currentMetrics = 5;
// conditions is the set of conditions required for this autoscaler to scale its target,
// and indicates whether or not those conditions are met.
repeated HorizontalPodAutoscalerCondition conditions = 6;
}
// MetricIdentifier defines the name and optionally selector for a metric
message MetricIdentifier {
// name is the name of the given metric
optional string name = 1;
// selector is the string-encoded form of a standard kubernetes label selector for the given metric
// When set, it is passed as an additional parameter to the metrics server for more specific metrics scoping.
// When unset, just the metricName will be used to gather metrics.
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.LabelSelector selector = 2;
}
// MetricSpec specifies how to scale based on a single metric
// (only `type` and one other matching field should be set at once).
message MetricSpec {
// type is the type of metric source. It should be one of "Object",
// "Pods" or "Resource", each mapping to a matching field in the object.
optional string type = 1;
// object refers to a metric describing a single kubernetes object
// (for example, hits-per-second on an Ingress object).
// +optional
optional ObjectMetricSource object = 2;
// pods refers to a metric describing each pod in the current scale target
// (for example, transactions-processed-per-second). The values will be
// averaged together before being compared to the target value.
// +optional
optional PodsMetricSource pods = 3;
// resource refers to a resource metric (such as those specified in
// requests and limits) known to Kubernetes describing each pod in the
// current scale target (e.g. CPU or memory). Such metrics are built in to
// Kubernetes, and have special scaling options on top of those available
// to normal per-pod metrics using the "pods" source.
// +optional
optional ResourceMetricSource resource = 4;
// external refers to a global metric that is not associated
// with any Kubernetes object. It allows autoscaling based on information
// coming from components running outside of cluster
// (for example length of queue in cloud messaging service, or
// QPS from loadbalancer running outside of cluster).
// +optional
optional ExternalMetricSource external = 5;
}
// MetricStatus describes the last-read state of a single metric.
message MetricStatus {
// type is the type of metric source. It will be one of "Object",
// "Pods" or "Resource", each corresponds to a matching field in the object.
optional string type = 1;
// object refers to a metric describing a single kubernetes object
// (for example, hits-per-second on an Ingress object).
// +optional
optional ObjectMetricStatus object = 2;
// pods refers to a metric describing each pod in the current scale target
// (for example, transactions-processed-per-second). The values will be
// averaged together before being compared to the target value.
// +optional
optional PodsMetricStatus pods = 3;
// resource refers to a resource metric (such as those specified in
// requests and limits) known to Kubernetes describing each pod in the
// current scale target (e.g. CPU or memory). Such metrics are built in to
// Kubernetes, and have special scaling options on top of those available
// to normal per-pod metrics using the "pods" source.
// +optional
optional ResourceMetricStatus resource = 4;
// external refers to a global metric that is not associated
// with any Kubernetes object. It allows autoscaling based on information
// coming from components running outside of cluster
// (for example length of queue in cloud messaging service, or
// QPS from loadbalancer running outside of cluster).
// +optional
optional ExternalMetricStatus external = 5;
}
// MetricTarget defines the target value, average value, or average utilization of a specific metric
message MetricTarget {
// type represents whether the metric type is Utilization, Value, or AverageValue
optional string type = 1;
// value is the target value of the metric (as a quantity).
// +optional
optional k8s.io.apimachinery.pkg.api.resource.Quantity value = 2;
// averageValue is the target value of the average of the
// metric across all relevant pods (as a quantity)
// +optional
optional k8s.io.apimachinery.pkg.api.resource.Quantity averageValue = 3;
// averageUtilization is the target value of the average of the
// resource metric across all relevant pods, represented as a percentage of
// the requested value of the resource for the pods.
// Currently only valid for Resource metric source type
// +optional
optional int32 averageUtilization = 4;
}
// MetricValueStatus holds the current value for a metric
message MetricValueStatus {
// value is the current value of the metric (as a quantity).
// +optional
optional k8s.io.apimachinery.pkg.api.resource.Quantity value = 1;
// averageValue is the current value of the average of the
// metric across all relevant pods (as a quantity)
// +optional
optional k8s.io.apimachinery.pkg.api.resource.Quantity averageValue = 2;
// currentAverageUtilization is the current value of the average of the
// resource metric across all relevant pods, represented as a percentage of
// the requested value of the resource for the pods.
// +optional
optional int32 averageUtilization = 3;
}
// ObjectMetricSource indicates how to scale on a metric describing a
// kubernetes object (for example, hits-per-second on an Ingress object).
message ObjectMetricSource {
optional CrossVersionObjectReference describedObject = 1;
// target specifies the target value for the given metric
optional MetricTarget target = 2;
// metric identifies the target metric by name and selector
optional MetricIdentifier metric = 3;
}
// ObjectMetricStatus indicates the current value of a metric describing a
// kubernetes object (for example, hits-per-second on an Ingress object).
message ObjectMetricStatus {
// metric identifies the target metric by name and selector
optional MetricIdentifier metric = 1;
// current contains the current value for the given metric
optional MetricValueStatus current = 2;
optional CrossVersionObjectReference describedObject = 3;
}
// PodsMetricSource indicates how to scale on a metric describing each pod in
// the current scale target (for example, transactions-processed-per-second).
// The values will be averaged together before being compared to the target
// value.
message PodsMetricSource {
// metric identifies the target metric by name and selector
optional MetricIdentifier metric = 1;
// target specifies the target value for the given metric
optional MetricTarget target = 2;
}
// PodsMetricStatus indicates the current value of a metric describing each pod in
// the current scale target (for example, transactions-processed-per-second).
message PodsMetricStatus {
// metric identifies the target metric by name and selector
optional MetricIdentifier metric = 1;
// current contains the current value for the given metric
optional MetricValueStatus current = 2;
}
// ResourceMetricSource indicates how to scale on a resource metric known to
// Kubernetes, as specified in requests and limits, describing each pod in the
// current scale target (e.g. CPU or memory). The values will be averaged
// together before being compared to the target. Such metrics are built in to
// Kubernetes, and have special scaling options on top of those available to
// normal per-pod metrics using the "pods" source. Only one "target" type
// should be set.
message ResourceMetricSource {
// name is the name of the resource in question.
optional string name = 1;
// target specifies the target value for the given metric
optional MetricTarget target = 2;
}
// ResourceMetricStatus indicates the current value of a resource metric known to
// Kubernetes, as specified in requests and limits, describing each pod in the
// current scale target (e.g. CPU or memory). Such metrics are built in to
// Kubernetes, and have special scaling options on top of those available to
// normal per-pod metrics using the "pods" source.
message ResourceMetricStatus {
// Name is the name of the resource in question.
optional string name = 1;
// current contains the current value for the given metric
optional MetricValueStatus current = 2;
}

184
vendor/k8s.io/api/batch/v1/generated.proto generated vendored Normal file
View File

@ -0,0 +1,184 @@
/*
Copyright The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
// This file was autogenerated by go-to-protobuf. Do not edit it manually!
syntax = 'proto2';
package k8s.io.api.batch.v1;
import "k8s.io/api/core/v1/generated.proto";
import "k8s.io/apimachinery/pkg/apis/meta/v1/generated.proto";
import "k8s.io/apimachinery/pkg/runtime/generated.proto";
import "k8s.io/apimachinery/pkg/runtime/schema/generated.proto";
// Package-wide variables from generator "generated".
option go_package = "v1";
// Job represents the configuration of a single job.
message Job {
// Standard object's metadata.
// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
// Specification of the desired behavior of a job.
// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
// +optional
optional JobSpec spec = 2;
// Current status of a job.
// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
// +optional
optional JobStatus status = 3;
}
// JobCondition describes current state of a job.
message JobCondition {
// Type of job condition, Complete or Failed.
optional string type = 1;
// Status of the condition, one of True, False, Unknown.
optional string status = 2;
// Last time the condition was checked.
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.Time lastProbeTime = 3;
// Last time the condition transit from one status to another.
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.Time lastTransitionTime = 4;
// (brief) reason for the condition's last transition.
// +optional
optional string reason = 5;
// Human readable message indicating details about last transition.
// +optional
optional string message = 6;
}
// JobList is a collection of jobs.
message JobList {
// Standard list metadata.
// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1;
// items is the list of Jobs.
repeated Job items = 2;
}
// JobSpec describes how the job execution will look like.
message JobSpec {
// Specifies the maximum desired number of pods the job should
// run at any given time. The actual number of pods running in steady state will
// be less than this number when ((.spec.completions - .status.successful) < .spec.parallelism),
// i.e. when the work left to do is less than max parallelism.
// More info: https://kubernetes.io/docs/concepts/workloads/controllers/jobs-run-to-completion/
// +optional
optional int32 parallelism = 1;
// Specifies the desired number of successfully finished pods the
// job should be run with. Setting to nil means that the success of any
// pod signals the success of all pods, and allows parallelism to have any positive
// value. Setting to 1 means that parallelism is limited to 1 and the success of that
// pod signals the success of the job.
// More info: https://kubernetes.io/docs/concepts/workloads/controllers/jobs-run-to-completion/
// +optional
optional int32 completions = 2;
// Specifies the duration in seconds relative to the startTime that the job may be active
// before the system tries to terminate it; value must be positive integer
// +optional
optional int64 activeDeadlineSeconds = 3;
// Specifies the number of retries before marking this job failed.
// Defaults to 6
// +optional
optional int32 backoffLimit = 7;
// A label query over pods that should match the pod count.
// Normally, the system sets this field for you.
// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.LabelSelector selector = 4;
// manualSelector controls generation of pod labels and pod selectors.
// Leave `manualSelector` unset unless you are certain what you are doing.
// When false or unset, the system pick labels unique to this job
// and appends those labels to the pod template. When true,
// the user is responsible for picking unique labels and specifying
// the selector. Failure to pick a unique label may cause this
// and other jobs to not function correctly. However, You may see
// `manualSelector=true` in jobs that were created with the old `extensions/v1beta1`
// API.
// More info: https://kubernetes.io/docs/concepts/workloads/controllers/jobs-run-to-completion/#specifying-your-own-pod-selector
// +optional
optional bool manualSelector = 5;
// Describes the pod that will be created when executing a job.
// More info: https://kubernetes.io/docs/concepts/workloads/controllers/jobs-run-to-completion/
optional k8s.io.api.core.v1.PodTemplateSpec template = 6;
// ttlSecondsAfterFinished limits the lifetime of a Job that has finished
// execution (either Complete or Failed). If this field is set,
// ttlSecondsAfterFinished after the Job finishes, it is eligible to be
// automatically deleted. When the Job is being deleted, its lifecycle
// guarantees (e.g. finalizers) will be honored. If this field is unset,
// the Job won't be automatically deleted. If this field is set to zero,
// the Job becomes eligible to be deleted immediately after it finishes.
// This field is alpha-level and is only honored by servers that enable the
// TTLAfterFinished feature.
// +optional
optional int32 ttlSecondsAfterFinished = 8;
}
// JobStatus represents the current state of a Job.
message JobStatus {
// The latest available observations of an object's current state.
// More info: https://kubernetes.io/docs/concepts/workloads/controllers/jobs-run-to-completion/
// +optional
// +patchMergeKey=type
// +patchStrategy=merge
repeated JobCondition conditions = 1;
// Represents time when the job was acknowledged by the job controller.
// It is not guaranteed to be set in happens-before order across separate operations.
// It is represented in RFC3339 form and is in UTC.
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.Time startTime = 2;
// Represents time when the job was completed. It is not guaranteed to
// be set in happens-before order across separate operations.
// It is represented in RFC3339 form and is in UTC.
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.Time completionTime = 3;
// The number of actively running pods.
// +optional
optional int32 active = 4;
// The number of pods which reached phase Succeeded.
// +optional
optional int32 succeeded = 5;
// The number of pods which reached phase Failed.
// +optional
optional int32 failed = 6;
}

137
vendor/k8s.io/api/batch/v1beta1/generated.proto generated vendored Normal file
View File

@ -0,0 +1,137 @@
/*
Copyright The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
// This file was autogenerated by go-to-protobuf. Do not edit it manually!
syntax = 'proto2';
package k8s.io.api.batch.v1beta1;
import "k8s.io/api/batch/v1/generated.proto";
import "k8s.io/api/core/v1/generated.proto";
import "k8s.io/apimachinery/pkg/apis/meta/v1/generated.proto";
import "k8s.io/apimachinery/pkg/runtime/generated.proto";
import "k8s.io/apimachinery/pkg/runtime/schema/generated.proto";
// Package-wide variables from generator "generated".
option go_package = "v1beta1";
// CronJob represents the configuration of a single cron job.
message CronJob {
// Standard object's metadata.
// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
// Specification of the desired behavior of a cron job, including the schedule.
// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
// +optional
optional CronJobSpec spec = 2;
// Current status of a cron job.
// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
// +optional
optional CronJobStatus status = 3;
}
// CronJobList is a collection of cron jobs.
message CronJobList {
// Standard list metadata.
// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1;
// items is the list of CronJobs.
repeated CronJob items = 2;
}
// CronJobSpec describes how the job execution will look like and when it will actually run.
message CronJobSpec {
// The schedule in Cron format, see https://en.wikipedia.org/wiki/Cron.
optional string schedule = 1;
// Optional deadline in seconds for starting the job if it misses scheduled
// time for any reason. Missed jobs executions will be counted as failed ones.
// +optional
optional int64 startingDeadlineSeconds = 2;
// Specifies how to treat concurrent executions of a Job.
// Valid values are:
// - "Allow" (default): allows CronJobs to run concurrently;
// - "Forbid": forbids concurrent runs, skipping next run if previous run hasn't finished yet;
// - "Replace": cancels currently running job and replaces it with a new one
// +optional
optional string concurrencyPolicy = 3;
// This flag tells the controller to suspend subsequent executions, it does
// not apply to already started executions. Defaults to false.
// +optional
optional bool suspend = 4;
// Specifies the job that will be created when executing a CronJob.
optional JobTemplateSpec jobTemplate = 5;
// The number of successful finished jobs to retain.
// This is a pointer to distinguish between explicit zero and not specified.
// Defaults to 3.
// +optional
optional int32 successfulJobsHistoryLimit = 6;
// The number of failed finished jobs to retain.
// This is a pointer to distinguish between explicit zero and not specified.
// Defaults to 1.
// +optional
optional int32 failedJobsHistoryLimit = 7;
}
// CronJobStatus represents the current state of a cron job.
message CronJobStatus {
// A list of pointers to currently running jobs.
// +optional
repeated k8s.io.api.core.v1.ObjectReference active = 1;
// Information when was the last time the job was successfully scheduled.
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.Time lastScheduleTime = 4;
}
// JobTemplate describes a template for creating copies of a predefined pod.
message JobTemplate {
// Standard object's metadata.
// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
// Defines jobs that will be created from this template.
// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
// +optional
optional JobTemplateSpec template = 2;
}
// JobTemplateSpec describes the data a Job should have when created from a template
message JobTemplateSpec {
// Standard object's metadata of the jobs created from this template.
// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
// Specification of the desired behavior of the job.
// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
// +optional
optional k8s.io.api.batch.v1.JobSpec spec = 2;
}

135
vendor/k8s.io/api/batch/v2alpha1/generated.proto generated vendored Normal file
View File

@ -0,0 +1,135 @@
/*
Copyright The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
// This file was autogenerated by go-to-protobuf. Do not edit it manually!
syntax = 'proto2';
package k8s.io.api.batch.v2alpha1;
import "k8s.io/api/batch/v1/generated.proto";
import "k8s.io/api/core/v1/generated.proto";
import "k8s.io/apimachinery/pkg/apis/meta/v1/generated.proto";
import "k8s.io/apimachinery/pkg/runtime/generated.proto";
import "k8s.io/apimachinery/pkg/runtime/schema/generated.proto";
// Package-wide variables from generator "generated".
option go_package = "v2alpha1";
// CronJob represents the configuration of a single cron job.
message CronJob {
// Standard object's metadata.
// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
// Specification of the desired behavior of a cron job, including the schedule.
// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
// +optional
optional CronJobSpec spec = 2;
// Current status of a cron job.
// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
// +optional
optional CronJobStatus status = 3;
}
// CronJobList is a collection of cron jobs.
message CronJobList {
// Standard list metadata.
// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1;
// items is the list of CronJobs.
repeated CronJob items = 2;
}
// CronJobSpec describes how the job execution will look like and when it will actually run.
message CronJobSpec {
// The schedule in Cron format, see https://en.wikipedia.org/wiki/Cron.
optional string schedule = 1;
// Optional deadline in seconds for starting the job if it misses scheduled
// time for any reason. Missed jobs executions will be counted as failed ones.
// +optional
optional int64 startingDeadlineSeconds = 2;
// Specifies how to treat concurrent executions of a Job.
// Valid values are:
// - "Allow" (default): allows CronJobs to run concurrently;
// - "Forbid": forbids concurrent runs, skipping next run if previous run hasn't finished yet;
// - "Replace": cancels currently running job and replaces it with a new one
// +optional
optional string concurrencyPolicy = 3;
// This flag tells the controller to suspend subsequent executions, it does
// not apply to already started executions. Defaults to false.
// +optional
optional bool suspend = 4;
// Specifies the job that will be created when executing a CronJob.
optional JobTemplateSpec jobTemplate = 5;
// The number of successful finished jobs to retain.
// This is a pointer to distinguish between explicit zero and not specified.
// +optional
optional int32 successfulJobsHistoryLimit = 6;
// The number of failed finished jobs to retain.
// This is a pointer to distinguish between explicit zero and not specified.
// +optional
optional int32 failedJobsHistoryLimit = 7;
}
// CronJobStatus represents the current state of a cron job.
message CronJobStatus {
// A list of pointers to currently running jobs.
// +optional
repeated k8s.io.api.core.v1.ObjectReference active = 1;
// Information when was the last time the job was successfully scheduled.
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.Time lastScheduleTime = 4;
}
// JobTemplate describes a template for creating copies of a predefined pod.
message JobTemplate {
// Standard object's metadata.
// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
// Defines jobs that will be created from this template.
// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
// +optional
optional JobTemplateSpec template = 2;
}
// JobTemplateSpec describes the data a Job should have when created from a template
message JobTemplateSpec {
// Standard object's metadata of the jobs created from this template.
// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
// Specification of the desired behavior of the job.
// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
// +optional
optional k8s.io.api.batch.v1.JobSpec spec = 2;
}

121
vendor/k8s.io/api/certificates/v1beta1/generated.proto generated vendored Normal file
View File

@ -0,0 +1,121 @@
/*
Copyright The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
// This file was autogenerated by go-to-protobuf. Do not edit it manually!
syntax = 'proto2';
package k8s.io.api.certificates.v1beta1;
import "k8s.io/apimachinery/pkg/apis/meta/v1/generated.proto";
import "k8s.io/apimachinery/pkg/runtime/generated.proto";
import "k8s.io/apimachinery/pkg/runtime/schema/generated.proto";
// Package-wide variables from generator "generated".
option go_package = "v1beta1";
// Describes a certificate signing request
message CertificateSigningRequest {
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
// The certificate request itself and any additional information.
// +optional
optional CertificateSigningRequestSpec spec = 2;
// Derived information about the request.
// +optional
optional CertificateSigningRequestStatus status = 3;
}
message CertificateSigningRequestCondition {
// request approval state, currently Approved or Denied.
optional string type = 1;
// brief reason for the request state
// +optional
optional string reason = 2;
// human readable message with details about the request state
// +optional
optional string message = 3;
// timestamp for the last update to this condition
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.Time lastUpdateTime = 4;
}
message CertificateSigningRequestList {
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1;
repeated CertificateSigningRequest items = 2;
}
// This information is immutable after the request is created. Only the Request
// and Usages fields can be set on creation, other fields are derived by
// Kubernetes and cannot be modified by users.
message CertificateSigningRequestSpec {
// Base64-encoded PKCS#10 CSR data
optional bytes request = 1;
// allowedUsages specifies a set of usage contexts the key will be
// valid for.
// See: https://tools.ietf.org/html/rfc5280#section-4.2.1.3
// https://tools.ietf.org/html/rfc5280#section-4.2.1.12
repeated string usages = 5;
// Information about the requesting user.
// See user.Info interface for details.
// +optional
optional string username = 2;
// UID information about the requesting user.
// See user.Info interface for details.
// +optional
optional string uid = 3;
// Group information about the requesting user.
// See user.Info interface for details.
// +optional
repeated string groups = 4;
// Extra information about the requesting user.
// See user.Info interface for details.
// +optional
map<string, ExtraValue> extra = 6;
}
message CertificateSigningRequestStatus {
// Conditions applied to the request, such as approval or denial.
// +optional
repeated CertificateSigningRequestCondition conditions = 1;
// If request was approved, the controller will place the issued certificate here.
// +optional
optional bytes certificate = 2;
}
// ExtraValue masks the value so protobuf can generate
// +protobuf.nullable=true
// +protobuf.options.(gogoproto.goproto_stringer)=false
message ExtraValue {
// items, if empty, will result in an empty slice
repeated string items = 1;
}

80
vendor/k8s.io/api/coordination/v1/generated.proto generated vendored Normal file
View File

@ -0,0 +1,80 @@
/*
Copyright The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
// This file was autogenerated by go-to-protobuf. Do not edit it manually!
syntax = 'proto2';
package k8s.io.api.coordination.v1;
import "k8s.io/apimachinery/pkg/apis/meta/v1/generated.proto";
import "k8s.io/apimachinery/pkg/runtime/generated.proto";
import "k8s.io/apimachinery/pkg/runtime/schema/generated.proto";
// Package-wide variables from generator "generated".
option go_package = "v1";
// Lease defines a lease concept.
message Lease {
// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
// Specification of the Lease.
// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
// +optional
optional LeaseSpec spec = 2;
}
// LeaseList is a list of Lease objects.
message LeaseList {
// Standard list metadata.
// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1;
// Items is a list of schema objects.
repeated Lease items = 2;
}
// LeaseSpec is a specification of a Lease.
message LeaseSpec {
// holderIdentity contains the identity of the holder of a current lease.
// +optional
optional string holderIdentity = 1;
// leaseDurationSeconds is a duration that candidates for a lease need
// to wait to force acquire it. This is measure against time of last
// observed RenewTime.
// +optional
optional int32 leaseDurationSeconds = 2;
// acquireTime is a time when the current lease was acquired.
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.MicroTime acquireTime = 3;
// renewTime is a time when the current holder of a lease has last
// updated the lease.
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.MicroTime renewTime = 4;
// leaseTransitions is the number of transitions of a lease between
// holders.
// +optional
optional int32 leaseTransitions = 5;
}

80
vendor/k8s.io/api/coordination/v1beta1/generated.proto generated vendored Normal file
View File

@ -0,0 +1,80 @@
/*
Copyright The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
// This file was autogenerated by go-to-protobuf. Do not edit it manually!
syntax = 'proto2';
package k8s.io.api.coordination.v1beta1;
import "k8s.io/apimachinery/pkg/apis/meta/v1/generated.proto";
import "k8s.io/apimachinery/pkg/runtime/generated.proto";
import "k8s.io/apimachinery/pkg/runtime/schema/generated.proto";
// Package-wide variables from generator "generated".
option go_package = "v1beta1";
// Lease defines a lease concept.
message Lease {
// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
// Specification of the Lease.
// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
// +optional
optional LeaseSpec spec = 2;
}
// LeaseList is a list of Lease objects.
message LeaseList {
// Standard list metadata.
// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1;
// Items is a list of schema objects.
repeated Lease items = 2;
}
// LeaseSpec is a specification of a Lease.
message LeaseSpec {
// holderIdentity contains the identity of the holder of a current lease.
// +optional
optional string holderIdentity = 1;
// leaseDurationSeconds is a duration that candidates for a lease need
// to wait to force acquire it. This is measure against time of last
// observed RenewTime.
// +optional
optional int32 leaseDurationSeconds = 2;
// acquireTime is a time when the current lease was acquired.
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.MicroTime acquireTime = 3;
// renewTime is a time when the current holder of a lease has last
// updated the lease.
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.MicroTime renewTime = 4;
// leaseTransitions is the number of transitions of a lease between
// holders.
// +optional
optional int32 leaseTransitions = 5;
}

5278
vendor/k8s.io/api/core/v1/generated.proto generated vendored Normal file
View File

File diff suppressed because it is too large Load Diff

157
vendor/k8s.io/api/discovery/v1alpha1/generated.proto generated vendored Normal file
View File

@ -0,0 +1,157 @@
/*
Copyright The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
// This file was autogenerated by go-to-protobuf. Do not edit it manually!
syntax = 'proto2';
package k8s.io.api.discovery.v1alpha1;
import "k8s.io/api/core/v1/generated.proto";
import "k8s.io/apimachinery/pkg/apis/meta/v1/generated.proto";
import "k8s.io/apimachinery/pkg/runtime/generated.proto";
import "k8s.io/apimachinery/pkg/runtime/schema/generated.proto";
// Package-wide variables from generator "generated".
option go_package = "v1alpha1";
// Endpoint represents a single logical "backend" implementing a service.
message Endpoint {
// addresses of this endpoint. The contents of this field are interpreted
// according to the corresponding EndpointSlice addressType field. Consumers
// must handle different types of addresses in the context of their own
// capabilities. This must contain at least one address but no more than
// 100.
// +listType=set
repeated string addresses = 1;
// conditions contains information about the current status of the endpoint.
optional EndpointConditions conditions = 2;
// hostname of this endpoint. This field may be used by consumers of
// endpoints to distinguish endpoints from each other (e.g. in DNS names).
// Multiple endpoints which use the same hostname should be considered
// fungible (e.g. multiple A values in DNS). Must pass DNS Label (RFC 1123)
// validation.
// +optional
optional string hostname = 3;
// targetRef is a reference to a Kubernetes object that represents this
// endpoint.
// +optional
optional k8s.io.api.core.v1.ObjectReference targetRef = 4;
// topology contains arbitrary topology information associated with the
// endpoint. These key/value pairs must conform with the label format.
// https://kubernetes.io/docs/concepts/overview/working-with-objects/labels
// Topology may include a maximum of 16 key/value pairs. This includes, but
// is not limited to the following well known keys:
// * kubernetes.io/hostname: the value indicates the hostname of the node
// where the endpoint is located. This should match the corresponding
// node label.
// * topology.kubernetes.io/zone: the value indicates the zone where the
// endpoint is located. This should match the corresponding node label.
// * topology.kubernetes.io/region: the value indicates the region where the
// endpoint is located. This should match the corresponding node label.
// +optional
map<string, string> topology = 5;
}
// EndpointConditions represents the current condition of an endpoint.
message EndpointConditions {
// ready indicates that this endpoint is prepared to receive traffic,
// according to whatever system is managing the endpoint. A nil value
// indicates an unknown state. In most cases consumers should interpret this
// unknown state as ready.
// +optional
optional bool ready = 1;
}
// EndpointPort represents a Port used by an EndpointSlice
message EndpointPort {
// The name of this port. All ports in an EndpointSlice must have a unique
// name. If the EndpointSlice is dervied from a Kubernetes service, this
// corresponds to the Service.ports[].name.
// Name must either be an empty string or pass DNS_LABEL validation:
// * must be no more than 63 characters long.
// * must consist of lower case alphanumeric characters or '-'.
// * must start and end with an alphanumeric character.
// Default is empty string.
optional string name = 1;
// The IP protocol for this port.
// Must be UDP, TCP, or SCTP.
// Default is TCP.
optional string protocol = 2;
// The port number of the endpoint.
// If this is not specified, ports are not restricted and must be
// interpreted in the context of the specific consumer.
optional int32 port = 3;
// The application protocol for this port.
// This field follows standard Kubernetes label syntax.
// Un-prefixed names are reserved for IANA standard service names (as per
// RFC-6335 and http://www.iana.org/assignments/service-names).
// Non-standard protocols should use prefixed names.
// Default is empty string.
optional string appProtocol = 4;
}
// EndpointSlice represents a subset of the endpoints that implement a service.
// For a given service there may be multiple EndpointSlice objects, selected by
// labels, which must be joined to produce the full set of endpoints.
message EndpointSlice {
// Standard object's metadata.
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
// addressType specifies the type of address carried by this EndpointSlice.
// All addresses in this slice must be the same type. This field is
// immutable after creation. The following address types are currently
// supported:
// * IPv4: Represents an IPv4 Address.
// * IPv6: Represents an IPv6 Address.
// * FQDN: Represents a Fully Qualified Domain Name.
optional string addressType = 4;
// endpoints is a list of unique endpoints in this slice. Each slice may
// include a maximum of 1000 endpoints.
// +listType=atomic
repeated Endpoint endpoints = 2;
// ports specifies the list of network ports exposed by each endpoint in
// this slice. Each port must have a unique name. When ports is empty, it
// indicates that there are no defined ports. When a port is defined with a
// nil port value, it indicates "all ports". Each slice may include a
// maximum of 100 ports.
// +optional
// +listType=atomic
repeated EndpointPort ports = 3;
}
// EndpointSliceList represents a list of endpoint slices
message EndpointSliceList {
// Standard list metadata.
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1;
// List of endpoint slices
// +listType=set
repeated EndpointSlice items = 2;
}

157
vendor/k8s.io/api/discovery/v1beta1/generated.proto generated vendored Normal file
View File

@ -0,0 +1,157 @@
/*
Copyright The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
// This file was autogenerated by go-to-protobuf. Do not edit it manually!
syntax = 'proto2';
package k8s.io.api.discovery.v1beta1;
import "k8s.io/api/core/v1/generated.proto";
import "k8s.io/apimachinery/pkg/apis/meta/v1/generated.proto";
import "k8s.io/apimachinery/pkg/runtime/generated.proto";
import "k8s.io/apimachinery/pkg/runtime/schema/generated.proto";
// Package-wide variables from generator "generated".
option go_package = "v1beta1";
// Endpoint represents a single logical "backend" implementing a service.
message Endpoint {
// addresses of this endpoint. The contents of this field are interpreted
// according to the corresponding EndpointSlice addressType field. Consumers
// must handle different types of addresses in the context of their own
// capabilities. This must contain at least one address but no more than
// 100.
// +listType=set
repeated string addresses = 1;
// conditions contains information about the current status of the endpoint.
optional EndpointConditions conditions = 2;
// hostname of this endpoint. This field may be used by consumers of
// endpoints to distinguish endpoints from each other (e.g. in DNS names).
// Multiple endpoints which use the same hostname should be considered
// fungible (e.g. multiple A values in DNS). Must pass DNS Label (RFC 1123)
// validation.
// +optional
optional string hostname = 3;
// targetRef is a reference to a Kubernetes object that represents this
// endpoint.
// +optional
optional k8s.io.api.core.v1.ObjectReference targetRef = 4;
// topology contains arbitrary topology information associated with the
// endpoint. These key/value pairs must conform with the label format.
// https://kubernetes.io/docs/concepts/overview/working-with-objects/labels
// Topology may include a maximum of 16 key/value pairs. This includes, but
// is not limited to the following well known keys:
// * kubernetes.io/hostname: the value indicates the hostname of the node
// where the endpoint is located. This should match the corresponding
// node label.
// * topology.kubernetes.io/zone: the value indicates the zone where the
// endpoint is located. This should match the corresponding node label.
// * topology.kubernetes.io/region: the value indicates the region where the
// endpoint is located. This should match the corresponding node label.
// +optional
map<string, string> topology = 5;
}
// EndpointConditions represents the current condition of an endpoint.
message EndpointConditions {
// ready indicates that this endpoint is prepared to receive traffic,
// according to whatever system is managing the endpoint. A nil value
// indicates an unknown state. In most cases consumers should interpret this
// unknown state as ready.
// +optional
optional bool ready = 1;
}
// EndpointPort represents a Port used by an EndpointSlice
message EndpointPort {
// The name of this port. All ports in an EndpointSlice must have a unique
// name. If the EndpointSlice is dervied from a Kubernetes service, this
// corresponds to the Service.ports[].name.
// Name must either be an empty string or pass DNS_LABEL validation:
// * must be no more than 63 characters long.
// * must consist of lower case alphanumeric characters or '-'.
// * must start and end with an alphanumeric character.
// Default is empty string.
optional string name = 1;
// The IP protocol for this port.
// Must be UDP, TCP, or SCTP.
// Default is TCP.
optional string protocol = 2;
// The port number of the endpoint.
// If this is not specified, ports are not restricted and must be
// interpreted in the context of the specific consumer.
optional int32 port = 3;
// The application protocol for this port.
// This field follows standard Kubernetes label syntax.
// Un-prefixed names are reserved for IANA standard service names (as per
// RFC-6335 and http://www.iana.org/assignments/service-names).
// Non-standard protocols should use prefixed names.
// Default is empty string.
optional string appProtocol = 4;
}
// EndpointSlice represents a subset of the endpoints that implement a service.
// For a given service there may be multiple EndpointSlice objects, selected by
// labels, which must be joined to produce the full set of endpoints.
message EndpointSlice {
// Standard object's metadata.
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
// addressType specifies the type of address carried by this EndpointSlice.
// All addresses in this slice must be the same type. This field is
// immutable after creation. The following address types are currently
// supported:
// * IPv4: Represents an IPv4 Address.
// * IPv6: Represents an IPv6 Address.
// * FQDN: Represents a Fully Qualified Domain Name.
optional string addressType = 4;
// endpoints is a list of unique endpoints in this slice. Each slice may
// include a maximum of 1000 endpoints.
// +listType=atomic
repeated Endpoint endpoints = 2;
// ports specifies the list of network ports exposed by each endpoint in
// this slice. Each port must have a unique name. When ports is empty, it
// indicates that there are no defined ports. When a port is defined with a
// nil port value, it indicates "all ports". Each slice may include a
// maximum of 100 ports.
// +optional
// +listType=atomic
repeated EndpointPort ports = 3;
}
// EndpointSliceList represents a list of endpoint slices
message EndpointSliceList {
// Standard list metadata.
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1;
// List of endpoint slices
// +listType=set
repeated EndpointSlice items = 2;
}

122
vendor/k8s.io/api/events/v1beta1/generated.proto generated vendored Normal file
View File

@ -0,0 +1,122 @@
/*
Copyright The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
// This file was autogenerated by go-to-protobuf. Do not edit it manually!
syntax = 'proto2';
package k8s.io.api.events.v1beta1;
import "k8s.io/api/core/v1/generated.proto";
import "k8s.io/apimachinery/pkg/apis/meta/v1/generated.proto";
import "k8s.io/apimachinery/pkg/runtime/generated.proto";
import "k8s.io/apimachinery/pkg/runtime/schema/generated.proto";
// Package-wide variables from generator "generated".
option go_package = "v1beta1";
// Event is a report of an event somewhere in the cluster. It generally denotes some state change in the system.
message Event {
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
// Required. Time when this Event was first observed.
optional k8s.io.apimachinery.pkg.apis.meta.v1.MicroTime eventTime = 2;
// Data about the Event series this event represents or nil if it's a singleton Event.
// +optional
optional EventSeries series = 3;
// Name of the controller that emitted this Event, e.g. `kubernetes.io/kubelet`.
// +optional
optional string reportingController = 4;
// ID of the controller instance, e.g. `kubelet-xyzf`.
// +optional
optional string reportingInstance = 5;
// What action was taken/failed regarding to the regarding object.
// +optional
optional string action = 6;
// Why the action was taken.
optional string reason = 7;
// The object this Event is about. In most cases it's an Object reporting controller implements.
// E.g. ReplicaSetController implements ReplicaSets and this event is emitted because
// it acts on some changes in a ReplicaSet object.
// +optional
optional k8s.io.api.core.v1.ObjectReference regarding = 8;
// Optional secondary object for more complex actions. E.g. when regarding object triggers
// a creation or deletion of related object.
// +optional
optional k8s.io.api.core.v1.ObjectReference related = 9;
// Optional. A human-readable description of the status of this operation.
// Maximal length of the note is 1kB, but libraries should be prepared to
// handle values up to 64kB.
// +optional
optional string note = 10;
// Type of this event (Normal, Warning), new types could be added in the
// future.
// +optional
optional string type = 11;
// Deprecated field assuring backward compatibility with core.v1 Event type
// +optional
optional k8s.io.api.core.v1.EventSource deprecatedSource = 12;
// Deprecated field assuring backward compatibility with core.v1 Event type
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.Time deprecatedFirstTimestamp = 13;
// Deprecated field assuring backward compatibility with core.v1 Event type
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.Time deprecatedLastTimestamp = 14;
// Deprecated field assuring backward compatibility with core.v1 Event type
// +optional
optional int32 deprecatedCount = 15;
}
// EventList is a list of Event objects.
message EventList {
// Standard list metadata.
// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1;
// Items is a list of schema objects.
repeated Event items = 2;
}
// EventSeries contain information on series of events, i.e. thing that was/is happening
// continuously for some time.
message EventSeries {
// Number of occurrences in this series up to the last heartbeat time
optional int32 count = 1;
// Time when last Event from the series was seen before last heartbeat.
optional k8s.io.apimachinery.pkg.apis.meta.v1.MicroTime lastObservedTime = 2;
// Information whether this series is ongoing or finished.
// Deprecated. Planned removal for 1.18
optional string state = 3;
}

1193
vendor/k8s.io/api/extensions/v1beta1/generated.proto generated vendored Normal file
View File

File diff suppressed because it is too large Load Diff

436
vendor/k8s.io/api/flowcontrol/v1alpha1/generated.proto generated vendored Normal file
View File

@ -0,0 +1,436 @@
/*
Copyright The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
// This file was autogenerated by go-to-protobuf. Do not edit it manually!
syntax = 'proto2';
package k8s.io.api.flowcontrol.v1alpha1;
import "k8s.io/apimachinery/pkg/apis/meta/v1/generated.proto";
import "k8s.io/apimachinery/pkg/runtime/generated.proto";
import "k8s.io/apimachinery/pkg/runtime/schema/generated.proto";
// Package-wide variables from generator "generated".
option go_package = "v1alpha1";
// FlowDistinguisherMethod specifies the method of a flow distinguisher.
message FlowDistinguisherMethod {
// `type` is the type of flow distinguisher method
// The supported types are "ByUser" and "ByNamespace".
// Required.
optional string type = 1;
}
// FlowSchema defines the schema of a group of flows. Note that a flow is made up of a set of inbound API requests with
// similar attributes and is identified by a pair of strings: the name of the FlowSchema and a "flow distinguisher".
message FlowSchema {
// `metadata` is the standard object's metadata.
// More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
// `spec` is the specification of the desired behavior of a FlowSchema.
// More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status
// +optional
optional FlowSchemaSpec spec = 2;
// `status` is the current status of a FlowSchema.
// More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status
// +optional
optional FlowSchemaStatus status = 3;
}
// FlowSchemaCondition describes conditions for a FlowSchema.
message FlowSchemaCondition {
// `type` is the type of the condition.
// Required.
optional string type = 1;
// `status` is the status of the condition.
// Can be True, False, Unknown.
// Required.
optional string status = 2;
// `lastTransitionTime` is the last time the condition transitioned from one status to another.
optional k8s.io.apimachinery.pkg.apis.meta.v1.Time lastTransitionTime = 3;
// `reason` is a unique, one-word, CamelCase reason for the condition's last transition.
optional string reason = 4;
// `message` is a human-readable message indicating details about last transition.
optional string message = 5;
}
// FlowSchemaList is a list of FlowSchema objects.
message FlowSchemaList {
// `metadata` is the standard list metadata.
// More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1;
// `items` is a list of FlowSchemas.
// +listType=set
repeated FlowSchema items = 2;
}
// FlowSchemaSpec describes how the FlowSchema's specification looks like.
message FlowSchemaSpec {
// `priorityLevelConfiguration` should reference a PriorityLevelConfiguration in the cluster. If the reference cannot
// be resolved, the FlowSchema will be ignored and marked as invalid in its status.
// Required.
optional PriorityLevelConfigurationReference priorityLevelConfiguration = 1;
// `matchingPrecedence` is used to choose among the FlowSchemas that match a given request. The chosen
// FlowSchema is among those with the numerically lowest (which we take to be logically highest)
// MatchingPrecedence. Each MatchingPrecedence value must be non-negative.
// Note that if the precedence is not specified or zero, it will be set to 1000 as default.
// +optional
optional int32 matchingPrecedence = 2;
// `distinguisherMethod` defines how to compute the flow distinguisher for requests that match this schema.
// `nil` specifies that the distinguisher is disabled and thus will always be the empty string.
// +optional
optional FlowDistinguisherMethod distinguisherMethod = 3;
// `rules` describes which requests will match this flow schema. This FlowSchema matches a request if and only if
// at least one member of rules matches the request.
// if it is an empty slice, there will be no requests matching the FlowSchema.
// +listType=set
// +optional
repeated PolicyRulesWithSubjects rules = 4;
}
// FlowSchemaStatus represents the current state of a FlowSchema.
message FlowSchemaStatus {
// `conditions` is a list of the current states of FlowSchema.
// +listType=map
// +listMapKey=type
// +optional
repeated FlowSchemaCondition conditions = 1;
}
// GroupSubject holds detailed information for group-kind subject.
message GroupSubject {
// name is the user group that matches, or "*" to match all user groups.
// See https://github.com/kubernetes/apiserver/blob/master/pkg/authentication/user/user.go for some
// well-known group names.
// Required.
optional string name = 1;
}
// LimitResponse defines how to handle requests that can not be executed right now.
// +union
message LimitResponse {
// `type` is "Queue" or "Reject".
// "Queue" means that requests that can not be executed upon arrival
// are held in a queue until they can be executed or a queuing limit
// is reached.
// "Reject" means that requests that can not be executed upon arrival
// are rejected.
// Required.
// +unionDiscriminator
optional string type = 1;
// `queuing` holds the configuration parameters for queuing.
// This field may be non-empty only if `type` is `"Queue"`.
// +optional
optional QueuingConfiguration queuing = 2;
}
// LimitedPriorityLevelConfiguration specifies how to handle requests that are subject to limits.
// It addresses two issues:
// * How are requests for this priority level limited?
// * What should be done with requests that exceed the limit?
message LimitedPriorityLevelConfiguration {
// `assuredConcurrencyShares` (ACS) configures the execution
// limit, which is a limit on the number of requests of this
// priority level that may be exeucting at a given time. ACS must
// be a positive number. The server's concurrency limit (SCL) is
// divided among the concurrency-controlled priority levels in
// proportion to their assured concurrency shares. This produces
// the assured concurrency value (ACV) --- the number of requests
// that may be executing at a time --- for each such priority
// level:
//
// ACV(l) = ceil( SCL * ACS(l) / ( sum[priority levels k] ACS(k) ) )
//
// bigger numbers of ACS mean more reserved concurrent requests (at the
// expense of every other PL).
// This field has a default value of 30.
// +optional
optional int32 assuredConcurrencyShares = 1;
// `limitResponse` indicates what to do with requests that can not be executed right now
optional LimitResponse limitResponse = 2;
}
// NonResourcePolicyRule is a predicate that matches non-resource requests according to their verb and the
// target non-resource URL. A NonResourcePolicyRule matches a request if and only if both (a) at least one member
// of verbs matches the request and (b) at least one member of nonResourceURLs matches the request.
message NonResourcePolicyRule {
// `verbs` is a list of matching verbs and may not be empty.
// "*" matches all verbs. If it is present, it must be the only entry.
// +listType=set
// Required.
repeated string verbs = 1;
// `nonResourceURLs` is a set of url prefixes that a user should have access to and may not be empty.
// For example:
// - "/healthz" is legal
// - "/hea*" is illegal
// - "/hea" is legal but matches nothing
// - "/hea/*" also matches nothing
// - "/healthz/*" matches all per-component health checks.
// "*" matches all non-resource urls. if it is present, it must be the only entry.
// +listType=set
// Required.
repeated string nonResourceURLs = 6;
}
// PolicyRulesWithSubjects prescribes a test that applies to a request to an apiserver. The test considers the subject
// making the request, the verb being requested, and the resource to be acted upon. This PolicyRulesWithSubjects matches
// a request if and only if both (a) at least one member of subjects matches the request and (b) at least one member
// of resourceRules or nonResourceRules matches the request.
message PolicyRulesWithSubjects {
// subjects is the list of normal user, serviceaccount, or group that this rule cares about.
// There must be at least one member in this slice.
// A slice that includes both the system:authenticated and system:unauthenticated user groups matches every request.
// +listType=set
// Required.
repeated Subject subjects = 1;
// `resourceRules` is a slice of ResourcePolicyRules that identify matching requests according to their verb and the
// target resource.
// At least one of `resourceRules` and `nonResourceRules` has to be non-empty.
// +listType=set
// +optional
repeated ResourcePolicyRule resourceRules = 2;
// `nonResourceRules` is a list of NonResourcePolicyRules that identify matching requests according to their verb
// and the target non-resource URL.
// +listType=set
// +optional
repeated NonResourcePolicyRule nonResourceRules = 3;
}
// PriorityLevelConfiguration represents the configuration of a priority level.
message PriorityLevelConfiguration {
// `metadata` is the standard object's metadata.
// More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
// `spec` is the specification of the desired behavior of a "request-priority".
// More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status
// +optional
optional PriorityLevelConfigurationSpec spec = 2;
// `status` is the current status of a "request-priority".
// More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status
// +optional
optional PriorityLevelConfigurationStatus status = 3;
}
// PriorityLevelConfigurationCondition defines the condition of priority level.
message PriorityLevelConfigurationCondition {
// `type` is the type of the condition.
// Required.
optional string type = 1;
// `status` is the status of the condition.
// Can be True, False, Unknown.
// Required.
optional string status = 2;
// `lastTransitionTime` is the last time the condition transitioned from one status to another.
optional k8s.io.apimachinery.pkg.apis.meta.v1.Time lastTransitionTime = 3;
// `reason` is a unique, one-word, CamelCase reason for the condition's last transition.
optional string reason = 4;
// `message` is a human-readable message indicating details about last transition.
optional string message = 5;
}
// PriorityLevelConfigurationList is a list of PriorityLevelConfiguration objects.
message PriorityLevelConfigurationList {
// `metadata` is the standard object's metadata.
// More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1;
// `items` is a list of request-priorities.
// +listType=set
repeated PriorityLevelConfiguration items = 2;
}
// PriorityLevelConfigurationReference contains information that points to the "request-priority" being used.
message PriorityLevelConfigurationReference {
// `name` is the name of the priority level configuration being referenced
// Required.
optional string name = 1;
}
// PriorityLevelConfigurationSpec specifies the configuration of a priority level.
// +union
message PriorityLevelConfigurationSpec {
// `type` indicates whether this priority level is subject to
// limitation on request execution. A value of `"Exempt"` means
// that requests of this priority level are not subject to a limit
// (and thus are never queued) and do not detract from the
// capacity made available to other priority levels. A value of
// `"Limited"` means that (a) requests of this priority level
// _are_ subject to limits and (b) some of the server's limited
// capacity is made available exclusively to this priority level.
// Required.
// +unionDiscriminator
optional string type = 1;
// `limited` specifies how requests are handled for a Limited priority level.
// This field must be non-empty if and only if `type` is `"Limited"`.
// +optional
optional LimitedPriorityLevelConfiguration limited = 2;
}
// PriorityLevelConfigurationStatus represents the current state of a "request-priority".
message PriorityLevelConfigurationStatus {
// `conditions` is the current state of "request-priority".
// +listType=map
// +listMapKey=type
// +optional
repeated PriorityLevelConfigurationCondition conditions = 1;
}
// QueuingConfiguration holds the configuration parameters for queuing
message QueuingConfiguration {
// `queues` is the number of queues for this priority level. The
// queues exist independently at each apiserver. The value must be
// positive. Setting it to 1 effectively precludes
// shufflesharding and thus makes the distinguisher method of
// associated flow schemas irrelevant. This field has a default
// value of 64.
// +optional
optional int32 queues = 1;
// `handSize` is a small positive number that configures the
// shuffle sharding of requests into queues. When enqueuing a request
// at this priority level the request's flow identifier (a string
// pair) is hashed and the hash value is used to shuffle the list
// of queues and deal a hand of the size specified here. The
// request is put into one of the shortest queues in that hand.
// `handSize` must be no larger than `queues`, and should be
// significantly smaller (so that a few heavy flows do not
// saturate most of the queues). See the user-facing
// documentation for more extensive guidance on setting this
// field. This field has a default value of 8.
// +optional
optional int32 handSize = 2;
// `queueLengthLimit` is the maximum number of requests allowed to
// be waiting in a given queue of this priority level at a time;
// excess requests are rejected. This value must be positive. If
// not specified, it will be defaulted to 50.
// +optional
optional int32 queueLengthLimit = 3;
}
// ResourcePolicyRule is a predicate that matches some resource
// requests, testing the request's verb and the target resource. A
// ResourcePolicyRule matches a resource request if and only if: (a)
// at least one member of verbs matches the request, (b) at least one
// member of apiGroups matches the request, (c) at least one member of
// resources matches the request, and (d) least one member of
// namespaces matches the request.
message ResourcePolicyRule {
// `verbs` is a list of matching verbs and may not be empty.
// "*" matches all verbs and, if present, must be the only entry.
// +listType=set
// Required.
repeated string verbs = 1;
// `apiGroups` is a list of matching API groups and may not be empty.
// "*" matches all API groups and, if present, must be the only entry.
// +listType=set
// Required.
repeated string apiGroups = 2;
// `resources` is a list of matching resources (i.e., lowercase
// and plural) with, if desired, subresource. For example, [
// "services", "nodes/status" ]. This list may not be empty.
// "*" matches all resources and, if present, must be the only entry.
// Required.
// +listType=set
repeated string resources = 3;
// `clusterScope` indicates whether to match requests that do not
// specify a namespace (which happens either because the resource
// is not namespaced or the request targets all namespaces).
// If this field is omitted or false then the `namespaces` field
// must contain a non-empty list.
// +optional
optional bool clusterScope = 4;
// `namespaces` is a list of target namespaces that restricts
// matches. A request that specifies a target namespace matches
// only if either (a) this list contains that target namespace or
// (b) this list contains "*". Note that "*" matches any
// specified namespace but does not match a request that _does
// not specify_ a namespace (see the `clusterScope` field for
// that).
// This list may be empty, but only if `clusterScope` is true.
// +optional
// +listType=set
repeated string namespaces = 5;
}
// ServiceAccountSubject holds detailed information for service-account-kind subject.
message ServiceAccountSubject {
// `namespace` is the namespace of matching ServiceAccount objects.
// Required.
optional string namespace = 1;
// `name` is the name of matching ServiceAccount objects, or "*" to match regardless of name.
// Required.
optional string name = 2;
}
// Subject matches the originator of a request, as identified by the request authentication system. There are three
// ways of matching an originator; by user, group, or service account.
// +union
message Subject {
// Required
// +unionDiscriminator
optional string kind = 1;
// +optional
optional UserSubject user = 2;
// +optional
optional GroupSubject group = 3;
// +optional
optional ServiceAccountSubject serviceAccount = 4;
}
// UserSubject holds detailed information for user-kind subject.
message UserSubject {
// `name` is the username that matches, or "*" to match all usernames.
// Required.
optional string name = 1;
}

195
vendor/k8s.io/api/networking/v1/generated.proto generated vendored Normal file
View File

@ -0,0 +1,195 @@
/*
Copyright The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
// This file was autogenerated by go-to-protobuf. Do not edit it manually!
syntax = 'proto2';
package k8s.io.api.networking.v1;
import "k8s.io/api/core/v1/generated.proto";
import "k8s.io/apimachinery/pkg/apis/meta/v1/generated.proto";
import "k8s.io/apimachinery/pkg/runtime/generated.proto";
import "k8s.io/apimachinery/pkg/runtime/schema/generated.proto";
import "k8s.io/apimachinery/pkg/util/intstr/generated.proto";
// Package-wide variables from generator "generated".
option go_package = "v1";
// IPBlock describes a particular CIDR (Ex. "192.168.1.1/24") that is allowed to the pods
// matched by a NetworkPolicySpec's podSelector. The except entry describes CIDRs that should
// not be included within this rule.
message IPBlock {
// CIDR is a string representing the IP Block
// Valid examples are "192.168.1.1/24"
optional string cidr = 1;
// Except is a slice of CIDRs that should not be included within an IP Block
// Valid examples are "192.168.1.1/24"
// Except values will be rejected if they are outside the CIDR range
// +optional
repeated string except = 2;
}
// NetworkPolicy describes what network traffic is allowed for a set of Pods
message NetworkPolicy {
// Standard object's metadata.
// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
// Specification of the desired behavior for this NetworkPolicy.
// +optional
optional NetworkPolicySpec spec = 2;
}
// NetworkPolicyEgressRule describes a particular set of traffic that is allowed out of pods
// matched by a NetworkPolicySpec's podSelector. The traffic must match both ports and to.
// This type is beta-level in 1.8
message NetworkPolicyEgressRule {
// List of destination ports for outgoing traffic.
// Each item in this list is combined using a logical OR. If this field is
// empty or missing, this rule matches all ports (traffic not restricted by port).
// If this field is present and contains at least one item, then this rule allows
// traffic only if the traffic matches at least one port in the list.
// +optional
repeated NetworkPolicyPort ports = 1;
// List of destinations for outgoing traffic of pods selected for this rule.
// Items in this list are combined using a logical OR operation. If this field is
// empty or missing, this rule matches all destinations (traffic not restricted by
// destination). If this field is present and contains at least one item, this rule
// allows traffic only if the traffic matches at least one item in the to list.
// +optional
repeated NetworkPolicyPeer to = 2;
}
// NetworkPolicyIngressRule describes a particular set of traffic that is allowed to the pods
// matched by a NetworkPolicySpec's podSelector. The traffic must match both ports and from.
message NetworkPolicyIngressRule {
// List of ports which should be made accessible on the pods selected for this
// rule. Each item in this list is combined using a logical OR. If this field is
// empty or missing, this rule matches all ports (traffic not restricted by port).
// If this field is present and contains at least one item, then this rule allows
// traffic only if the traffic matches at least one port in the list.
// +optional
repeated NetworkPolicyPort ports = 1;
// List of sources which should be able to access the pods selected for this rule.
// Items in this list are combined using a logical OR operation. If this field is
// empty or missing, this rule matches all sources (traffic not restricted by
// source). If this field is present and contains at least one item, this rule
// allows traffic only if the traffic matches at least one item in the from list.
// +optional
repeated NetworkPolicyPeer from = 2;
}
// NetworkPolicyList is a list of NetworkPolicy objects.
message NetworkPolicyList {
// Standard list metadata.
// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1;
// Items is a list of schema objects.
repeated NetworkPolicy items = 2;
}
// NetworkPolicyPeer describes a peer to allow traffic from. Only certain combinations of
// fields are allowed
message NetworkPolicyPeer {
// This is a label selector which selects Pods. This field follows standard label
// selector semantics; if present but empty, it selects all pods.
//
// If NamespaceSelector is also set, then the NetworkPolicyPeer as a whole selects
// the Pods matching PodSelector in the Namespaces selected by NamespaceSelector.
// Otherwise it selects the Pods matching PodSelector in the policy's own Namespace.
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.LabelSelector podSelector = 1;
// Selects Namespaces using cluster-scoped labels. This field follows standard label
// selector semantics; if present but empty, it selects all namespaces.
//
// If PodSelector is also set, then the NetworkPolicyPeer as a whole selects
// the Pods matching PodSelector in the Namespaces selected by NamespaceSelector.
// Otherwise it selects all Pods in the Namespaces selected by NamespaceSelector.
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.LabelSelector namespaceSelector = 2;
// IPBlock defines policy on a particular IPBlock. If this field is set then
// neither of the other fields can be.
// +optional
optional IPBlock ipBlock = 3;
}
// NetworkPolicyPort describes a port to allow traffic on
message NetworkPolicyPort {
// The protocol (TCP, UDP, or SCTP) which traffic must match. If not specified, this
// field defaults to TCP.
// +optional
optional string protocol = 1;
// The port on the given protocol. This can either be a numerical or named port on
// a pod. If this field is not provided, this matches all port names and numbers.
// +optional
optional k8s.io.apimachinery.pkg.util.intstr.IntOrString port = 2;
}
// NetworkPolicySpec provides the specification of a NetworkPolicy
message NetworkPolicySpec {
// Selects the pods to which this NetworkPolicy object applies. The array of
// ingress rules is applied to any pods selected by this field. Multiple network
// policies can select the same set of pods. In this case, the ingress rules for
// each are combined additively. This field is NOT optional and follows standard
// label selector semantics. An empty podSelector matches all pods in this
// namespace.
optional k8s.io.apimachinery.pkg.apis.meta.v1.LabelSelector podSelector = 1;
// List of ingress rules to be applied to the selected pods. Traffic is allowed to
// a pod if there are no NetworkPolicies selecting the pod
// (and cluster policy otherwise allows the traffic), OR if the traffic source is
// the pod's local node, OR if the traffic matches at least one ingress rule
// across all of the NetworkPolicy objects whose podSelector matches the pod. If
// this field is empty then this NetworkPolicy does not allow any traffic (and serves
// solely to ensure that the pods it selects are isolated by default)
// +optional
repeated NetworkPolicyIngressRule ingress = 2;
// List of egress rules to be applied to the selected pods. Outgoing traffic is
// allowed if there are no NetworkPolicies selecting the pod (and cluster policy
// otherwise allows the traffic), OR if the traffic matches at least one egress rule
// across all of the NetworkPolicy objects whose podSelector matches the pod. If
// this field is empty then this NetworkPolicy limits all outgoing traffic (and serves
// solely to ensure that the pods it selects are isolated by default).
// This field is beta-level in 1.8
// +optional
repeated NetworkPolicyEgressRule egress = 3;
// List of rule types that the NetworkPolicy relates to.
// Valid options are "Ingress", "Egress", or "Ingress,Egress".
// If this field is not specified, it will default based on the existence of Ingress or Egress rules;
// policies that contain an Egress section are assumed to affect Egress, and all policies
// (whether or not they contain an Ingress section) are assumed to affect Ingress.
// If you want to write an egress-only policy, you must explicitly specify policyTypes [ "Egress" ].
// Likewise, if you want to write a policy that specifies that no egress is allowed,
// you must specify a policyTypes value that include "Egress" (since such a policy would not include
// an Egress section and would otherwise default to just [ "Ingress" ]).
// This field is beta-level in 1.8
// +optional
repeated string policyTypes = 4;
}

186
vendor/k8s.io/api/networking/v1beta1/generated.proto generated vendored Normal file
View File

@ -0,0 +1,186 @@
/*
Copyright The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
// This file was autogenerated by go-to-protobuf. Do not edit it manually!
syntax = 'proto2';
package k8s.io.api.networking.v1beta1;
import "k8s.io/api/core/v1/generated.proto";
import "k8s.io/apimachinery/pkg/apis/meta/v1/generated.proto";
import "k8s.io/apimachinery/pkg/runtime/generated.proto";
import "k8s.io/apimachinery/pkg/runtime/schema/generated.proto";
import "k8s.io/apimachinery/pkg/util/intstr/generated.proto";
// Package-wide variables from generator "generated".
option go_package = "v1beta1";
// HTTPIngressPath associates a path regex with a backend. Incoming urls matching
// the path are forwarded to the backend.
message HTTPIngressPath {
// Path is an extended POSIX regex as defined by IEEE Std 1003.1,
// (i.e this follows the egrep/unix syntax, not the perl syntax)
// matched against the path of an incoming request. Currently it can
// contain characters disallowed from the conventional "path"
// part of a URL as defined by RFC 3986. Paths must begin with
// a '/'. If unspecified, the path defaults to a catch all sending
// traffic to the backend.
// +optional
optional string path = 1;
// Backend defines the referenced service endpoint to which the traffic
// will be forwarded to.
optional IngressBackend backend = 2;
}
// HTTPIngressRuleValue is a list of http selectors pointing to backends.
// In the example: http://<host>/<path>?<searchpart> -> backend where
// where parts of the url correspond to RFC 3986, this resource will be used
// to match against everything after the last '/' and before the first '?'
// or '#'.
message HTTPIngressRuleValue {
// A collection of paths that map requests to backends.
repeated HTTPIngressPath paths = 1;
}
// Ingress is a collection of rules that allow inbound connections to reach the
// endpoints defined by a backend. An Ingress can be configured to give services
// externally-reachable urls, load balance traffic, terminate SSL, offer name
// based virtual hosting etc.
message Ingress {
// Standard object's metadata.
// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
// Spec is the desired state of the Ingress.
// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
// +optional
optional IngressSpec spec = 2;
// Status is the current state of the Ingress.
// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
// +optional
optional IngressStatus status = 3;
}
// IngressBackend describes all endpoints for a given service and port.
message IngressBackend {
// Specifies the name of the referenced service.
optional string serviceName = 1;
// Specifies the port of the referenced service.
optional k8s.io.apimachinery.pkg.util.intstr.IntOrString servicePort = 2;
}
// IngressList is a collection of Ingress.
message IngressList {
// Standard object's metadata.
// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1;
// Items is the list of Ingress.
repeated Ingress items = 2;
}
// IngressRule represents the rules mapping the paths under a specified host to
// the related backend services. Incoming requests are first evaluated for a host
// match, then routed to the backend associated with the matching IngressRuleValue.
message IngressRule {
// Host is the fully qualified domain name of a network host, as defined
// by RFC 3986. Note the following deviations from the "host" part of the
// URI as defined in the RFC:
// 1. IPs are not allowed. Currently an IngressRuleValue can only apply to the
// IP in the Spec of the parent Ingress.
// 2. The `:` delimiter is not respected because ports are not allowed.
// Currently the port of an Ingress is implicitly :80 for http and
// :443 for https.
// Both these may change in the future.
// Incoming requests are matched against the host before the IngressRuleValue.
// If the host is unspecified, the Ingress routes all traffic based on the
// specified IngressRuleValue.
// +optional
optional string host = 1;
// IngressRuleValue represents a rule to route requests for this IngressRule.
// If unspecified, the rule defaults to a http catch-all. Whether that sends
// just traffic matching the host to the default backend or all traffic to the
// default backend, is left to the controller fulfilling the Ingress. Http is
// currently the only supported IngressRuleValue.
// +optional
optional IngressRuleValue ingressRuleValue = 2;
}
// IngressRuleValue represents a rule to apply against incoming requests. If the
// rule is satisfied, the request is routed to the specified backend. Currently
// mixing different types of rules in a single Ingress is disallowed, so exactly
// one of the following must be set.
message IngressRuleValue {
// +optional
optional HTTPIngressRuleValue http = 1;
}
// IngressSpec describes the Ingress the user wishes to exist.
message IngressSpec {
// A default backend capable of servicing requests that don't match any
// rule. At least one of 'backend' or 'rules' must be specified. This field
// is optional to allow the loadbalancer controller or defaulting logic to
// specify a global default.
// +optional
optional IngressBackend backend = 1;
// TLS configuration. Currently the Ingress only supports a single TLS
// port, 443. If multiple members of this list specify different hosts, they
// will be multiplexed on the same port according to the hostname specified
// through the SNI TLS extension, if the ingress controller fulfilling the
// ingress supports SNI.
// +optional
repeated IngressTLS tls = 2;
// A list of host rules used to configure the Ingress. If unspecified, or
// no rule matches, all traffic is sent to the default backend.
// +optional
repeated IngressRule rules = 3;
}
// IngressStatus describe the current state of the Ingress.
message IngressStatus {
// LoadBalancer contains the current status of the load-balancer.
// +optional
optional k8s.io.api.core.v1.LoadBalancerStatus loadBalancer = 1;
}
// IngressTLS describes the transport layer security associated with an Ingress.
message IngressTLS {
// Hosts are a list of hosts included in the TLS certificate. The values in
// this list must match the name/s used in the tlsSecret. Defaults to the
// wildcard host setting for the loadbalancer controller fulfilling this
// Ingress, if left unspecified.
// +optional
repeated string hosts = 1;
// SecretName is the name of the secret used to terminate SSL traffic on 443.
// Field is left optional to allow SSL routing based on SNI hostname alone.
// If the SNI host in a listener conflicts with the "Host" header field used
// by an IngressRule, the SNI host is used for termination and value of the
// Host header is used for routing.
// +optional
optional string secretName = 2;
}

118
vendor/k8s.io/api/node/v1alpha1/generated.proto generated vendored Normal file
View File

@ -0,0 +1,118 @@
/*
Copyright The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
// This file was autogenerated by go-to-protobuf. Do not edit it manually!
syntax = 'proto2';
package k8s.io.api.node.v1alpha1;
import "k8s.io/api/core/v1/generated.proto";
import "k8s.io/apimachinery/pkg/api/resource/generated.proto";
import "k8s.io/apimachinery/pkg/apis/meta/v1/generated.proto";
import "k8s.io/apimachinery/pkg/runtime/generated.proto";
import "k8s.io/apimachinery/pkg/runtime/schema/generated.proto";
// Package-wide variables from generator "generated".
option go_package = "v1alpha1";
// Overhead structure represents the resource overhead associated with running a pod.
message Overhead {
// PodFixed represents the fixed resource overhead associated with running a pod.
// +optional
map<string, k8s.io.apimachinery.pkg.api.resource.Quantity> podFixed = 1;
}
// RuntimeClass defines a class of container runtime supported in the cluster.
// The RuntimeClass is used to determine which container runtime is used to run
// all containers in a pod. RuntimeClasses are (currently) manually defined by a
// user or cluster provisioner, and referenced in the PodSpec. The Kubelet is
// responsible for resolving the RuntimeClassName reference before running the
// pod. For more details, see
// https://git.k8s.io/enhancements/keps/sig-node/runtime-class.md
message RuntimeClass {
// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
// Specification of the RuntimeClass
// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
optional RuntimeClassSpec spec = 2;
}
// RuntimeClassList is a list of RuntimeClass objects.
message RuntimeClassList {
// Standard list metadata.
// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1;
// Items is a list of schema objects.
repeated RuntimeClass items = 2;
}
// RuntimeClassSpec is a specification of a RuntimeClass. It contains parameters
// that are required to describe the RuntimeClass to the Container Runtime
// Interface (CRI) implementation, as well as any other components that need to
// understand how the pod will be run. The RuntimeClassSpec is immutable.
message RuntimeClassSpec {
// RuntimeHandler specifies the underlying runtime and configuration that the
// CRI implementation will use to handle pods of this class. The possible
// values are specific to the node & CRI configuration. It is assumed that
// all handlers are available on every node, and handlers of the same name are
// equivalent on every node.
// For example, a handler called "runc" might specify that the runc OCI
// runtime (using native Linux containers) will be used to run the containers
// in a pod.
// The RuntimeHandler must conform to the DNS Label (RFC 1123) requirements
// and is immutable.
optional string runtimeHandler = 1;
// Overhead represents the resource overhead associated with running a pod for a
// given RuntimeClass. For more details, see
// https://git.k8s.io/enhancements/keps/sig-node/20190226-pod-overhead.md
// This field is alpha-level as of Kubernetes v1.15, and is only honored by servers that enable the PodOverhead feature.
// +optional
optional Overhead overhead = 2;
// Scheduling holds the scheduling constraints to ensure that pods running
// with this RuntimeClass are scheduled to nodes that support it.
// If scheduling is nil, this RuntimeClass is assumed to be supported by all
// nodes.
// +optional
optional Scheduling scheduling = 3;
}
// Scheduling specifies the scheduling constraints for nodes supporting a
// RuntimeClass.
message Scheduling {
// nodeSelector lists labels that must be present on nodes that support this
// RuntimeClass. Pods using this RuntimeClass can only be scheduled to a
// node matched by this selector. The RuntimeClass nodeSelector is merged
// with a pod's existing nodeSelector. Any conflicts will cause the pod to
// be rejected in admission.
// +optional
map<string, string> nodeSelector = 1;
// tolerations are appended (excluding duplicates) to pods running with this
// RuntimeClass during admission, effectively unioning the set of nodes
// tolerated by the pod and the RuntimeClass.
// +optional
// +listType=atomic
repeated k8s.io.api.core.v1.Toleration tolerations = 2;
}

108
vendor/k8s.io/api/node/v1beta1/generated.proto generated vendored Normal file
View File

@ -0,0 +1,108 @@
/*
Copyright The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
// This file was autogenerated by go-to-protobuf. Do not edit it manually!
syntax = 'proto2';
package k8s.io.api.node.v1beta1;
import "k8s.io/api/core/v1/generated.proto";
import "k8s.io/apimachinery/pkg/api/resource/generated.proto";
import "k8s.io/apimachinery/pkg/apis/meta/v1/generated.proto";
import "k8s.io/apimachinery/pkg/runtime/generated.proto";
import "k8s.io/apimachinery/pkg/runtime/schema/generated.proto";
// Package-wide variables from generator "generated".
option go_package = "v1beta1";
// Overhead structure represents the resource overhead associated with running a pod.
message Overhead {
// PodFixed represents the fixed resource overhead associated with running a pod.
// +optional
map<string, k8s.io.apimachinery.pkg.api.resource.Quantity> podFixed = 1;
}
// RuntimeClass defines a class of container runtime supported in the cluster.
// The RuntimeClass is used to determine which container runtime is used to run
// all containers in a pod. RuntimeClasses are (currently) manually defined by a
// user or cluster provisioner, and referenced in the PodSpec. The Kubelet is
// responsible for resolving the RuntimeClassName reference before running the
// pod. For more details, see
// https://git.k8s.io/enhancements/keps/sig-node/runtime-class.md
message RuntimeClass {
// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
// Handler specifies the underlying runtime and configuration that the CRI
// implementation will use to handle pods of this class. The possible values
// are specific to the node & CRI configuration. It is assumed that all
// handlers are available on every node, and handlers of the same name are
// equivalent on every node.
// For example, a handler called "runc" might specify that the runc OCI
// runtime (using native Linux containers) will be used to run the containers
// in a pod.
// The Handler must conform to the DNS Label (RFC 1123) requirements, and is
// immutable.
optional string handler = 2;
// Overhead represents the resource overhead associated with running a pod for a
// given RuntimeClass. For more details, see
// https://git.k8s.io/enhancements/keps/sig-node/20190226-pod-overhead.md
// This field is alpha-level as of Kubernetes v1.15, and is only honored by servers that enable the PodOverhead feature.
// +optional
optional Overhead overhead = 3;
// Scheduling holds the scheduling constraints to ensure that pods running
// with this RuntimeClass are scheduled to nodes that support it.
// If scheduling is nil, this RuntimeClass is assumed to be supported by all
// nodes.
// +optional
optional Scheduling scheduling = 4;
}
// RuntimeClassList is a list of RuntimeClass objects.
message RuntimeClassList {
// Standard list metadata.
// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1;
// Items is a list of schema objects.
repeated RuntimeClass items = 2;
}
// Scheduling specifies the scheduling constraints for nodes supporting a
// RuntimeClass.
message Scheduling {
// nodeSelector lists labels that must be present on nodes that support this
// RuntimeClass. Pods using this RuntimeClass can only be scheduled to a
// node matched by this selector. The RuntimeClass nodeSelector is merged
// with a pod's existing nodeSelector. Any conflicts will cause the pod to
// be rejected in admission.
// +optional
map<string, string> nodeSelector = 1;
// tolerations are appended (excluding duplicates) to pods running with this
// RuntimeClass during admission, effectively unioning the set of nodes
// tolerated by the pod and the RuntimeClass.
// +optional
// +listType=atomic
repeated k8s.io.api.core.v1.Toleration tolerations = 2;
}

400
vendor/k8s.io/api/policy/v1beta1/generated.proto generated vendored Normal file
View File

@ -0,0 +1,400 @@
/*
Copyright The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
// This file was autogenerated by go-to-protobuf. Do not edit it manually!
syntax = 'proto2';
package k8s.io.api.policy.v1beta1;
import "k8s.io/api/core/v1/generated.proto";
import "k8s.io/apimachinery/pkg/apis/meta/v1/generated.proto";
import "k8s.io/apimachinery/pkg/runtime/generated.proto";
import "k8s.io/apimachinery/pkg/runtime/schema/generated.proto";
import "k8s.io/apimachinery/pkg/util/intstr/generated.proto";
// Package-wide variables from generator "generated".
option go_package = "v1beta1";
// AllowedCSIDriver represents a single inline CSI Driver that is allowed to be used.
message AllowedCSIDriver {
// Name is the registered name of the CSI driver
optional string name = 1;
}
// AllowedFlexVolume represents a single Flexvolume that is allowed to be used.
message AllowedFlexVolume {
// driver is the name of the Flexvolume driver.
optional string driver = 1;
}
// AllowedHostPath defines the host volume conditions that will be enabled by a policy
// for pods to use. It requires the path prefix to be defined.
message AllowedHostPath {
// pathPrefix is the path prefix that the host volume must match.
// It does not support `*`.
// Trailing slashes are trimmed when validating the path prefix with a host path.
//
// Examples:
// `/foo` would allow `/foo`, `/foo/` and `/foo/bar`
// `/foo` would not allow `/food` or `/etc/foo`
optional string pathPrefix = 1;
// when set to true, will allow host volumes matching the pathPrefix only if all volume mounts are readOnly.
// +optional
optional bool readOnly = 2;
}
// Eviction evicts a pod from its node subject to certain policies and safety constraints.
// This is a subresource of Pod. A request to cause such an eviction is
// created by POSTing to .../pods/<pod name>/evictions.
message Eviction {
// ObjectMeta describes the pod that is being evicted.
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
// DeleteOptions may be provided
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.DeleteOptions deleteOptions = 2;
}
// FSGroupStrategyOptions defines the strategy type and options used to create the strategy.
message FSGroupStrategyOptions {
// rule is the strategy that will dictate what FSGroup is used in the SecurityContext.
// +optional
optional string rule = 1;
// ranges are the allowed ranges of fs groups. If you would like to force a single
// fs group then supply a single range with the same start and end. Required for MustRunAs.
// +optional
repeated IDRange ranges = 2;
}
// HostPortRange defines a range of host ports that will be enabled by a policy
// for pods to use. It requires both the start and end to be defined.
message HostPortRange {
// min is the start of the range, inclusive.
optional int32 min = 1;
// max is the end of the range, inclusive.
optional int32 max = 2;
}
// IDRange provides a min/max of an allowed range of IDs.
message IDRange {
// min is the start of the range, inclusive.
optional int64 min = 1;
// max is the end of the range, inclusive.
optional int64 max = 2;
}
// PodDisruptionBudget is an object to define the max disruption that can be caused to a collection of pods
message PodDisruptionBudget {
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
// Specification of the desired behavior of the PodDisruptionBudget.
// +optional
optional PodDisruptionBudgetSpec spec = 2;
// Most recently observed status of the PodDisruptionBudget.
// +optional
optional PodDisruptionBudgetStatus status = 3;
}
// PodDisruptionBudgetList is a collection of PodDisruptionBudgets.
message PodDisruptionBudgetList {
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1;
repeated PodDisruptionBudget items = 2;
}
// PodDisruptionBudgetSpec is a description of a PodDisruptionBudget.
message PodDisruptionBudgetSpec {
// An eviction is allowed if at least "minAvailable" pods selected by
// "selector" will still be available after the eviction, i.e. even in the
// absence of the evicted pod. So for example you can prevent all voluntary
// evictions by specifying "100%".
// +optional
optional k8s.io.apimachinery.pkg.util.intstr.IntOrString minAvailable = 1;
// Label query over pods whose evictions are managed by the disruption
// budget.
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.LabelSelector selector = 2;
// An eviction is allowed if at most "maxUnavailable" pods selected by
// "selector" are unavailable after the eviction, i.e. even in absence of
// the evicted pod. For example, one can prevent all voluntary evictions
// by specifying 0. This is a mutually exclusive setting with "minAvailable".
// +optional
optional k8s.io.apimachinery.pkg.util.intstr.IntOrString maxUnavailable = 3;
}
// PodDisruptionBudgetStatus represents information about the status of a
// PodDisruptionBudget. Status may trail the actual state of a system.
message PodDisruptionBudgetStatus {
// Most recent generation observed when updating this PDB status. PodDisruptionsAllowed and other
// status information is valid only if observedGeneration equals to PDB's object generation.
// +optional
optional int64 observedGeneration = 1;
// DisruptedPods contains information about pods whose eviction was
// processed by the API server eviction subresource handler but has not
// yet been observed by the PodDisruptionBudget controller.
// A pod will be in this map from the time when the API server processed the
// eviction request to the time when the pod is seen by PDB controller
// as having been marked for deletion (or after a timeout). The key in the map is the name of the pod
// and the value is the time when the API server processed the eviction request. If
// the deletion didn't occur and a pod is still there it will be removed from
// the list automatically by PodDisruptionBudget controller after some time.
// If everything goes smooth this map should be empty for the most of the time.
// Large number of entries in the map may indicate problems with pod deletions.
// +optional
map<string, k8s.io.apimachinery.pkg.apis.meta.v1.Time> disruptedPods = 2;
// Number of pod disruptions that are currently allowed.
optional int32 disruptionsAllowed = 3;
// current number of healthy pods
optional int32 currentHealthy = 4;
// minimum desired number of healthy pods
optional int32 desiredHealthy = 5;
// total number of pods counted by this disruption budget
optional int32 expectedPods = 6;
}
// PodSecurityPolicy governs the ability to make requests that affect the Security Context
// that will be applied to a pod and container.
message PodSecurityPolicy {
// Standard object's metadata.
// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
// spec defines the policy enforced.
// +optional
optional PodSecurityPolicySpec spec = 2;
}
// PodSecurityPolicyList is a list of PodSecurityPolicy objects.
message PodSecurityPolicyList {
// Standard list metadata.
// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1;
// items is a list of schema objects.
repeated PodSecurityPolicy items = 2;
}
// PodSecurityPolicySpec defines the policy enforced.
message PodSecurityPolicySpec {
// privileged determines if a pod can request to be run as privileged.
// +optional
optional bool privileged = 1;
// defaultAddCapabilities is the default set of capabilities that will be added to the container
// unless the pod spec specifically drops the capability. You may not list a capability in both
// defaultAddCapabilities and requiredDropCapabilities. Capabilities added here are implicitly
// allowed, and need not be included in the allowedCapabilities list.
// +optional
repeated string defaultAddCapabilities = 2;
// requiredDropCapabilities are the capabilities that will be dropped from the container. These
// are required to be dropped and cannot be added.
// +optional
repeated string requiredDropCapabilities = 3;
// allowedCapabilities is a list of capabilities that can be requested to add to the container.
// Capabilities in this field may be added at the pod author's discretion.
// You must not list a capability in both allowedCapabilities and requiredDropCapabilities.
// +optional
repeated string allowedCapabilities = 4;
// volumes is a white list of allowed volume plugins. Empty indicates that
// no volumes may be used. To allow all volumes you may use '*'.
// +optional
repeated string volumes = 5;
// hostNetwork determines if the policy allows the use of HostNetwork in the pod spec.
// +optional
optional bool hostNetwork = 6;
// hostPorts determines which host port ranges are allowed to be exposed.
// +optional
repeated HostPortRange hostPorts = 7;
// hostPID determines if the policy allows the use of HostPID in the pod spec.
// +optional
optional bool hostPID = 8;
// hostIPC determines if the policy allows the use of HostIPC in the pod spec.
// +optional
optional bool hostIPC = 9;
// seLinux is the strategy that will dictate the allowable labels that may be set.
optional SELinuxStrategyOptions seLinux = 10;
// runAsUser is the strategy that will dictate the allowable RunAsUser values that may be set.
optional RunAsUserStrategyOptions runAsUser = 11;
// RunAsGroup is the strategy that will dictate the allowable RunAsGroup values that may be set.
// If this field is omitted, the pod's RunAsGroup can take any value. This field requires the
// RunAsGroup feature gate to be enabled.
// +optional
optional RunAsGroupStrategyOptions runAsGroup = 22;
// supplementalGroups is the strategy that will dictate what supplemental groups are used by the SecurityContext.
optional SupplementalGroupsStrategyOptions supplementalGroups = 12;
// fsGroup is the strategy that will dictate what fs group is used by the SecurityContext.
optional FSGroupStrategyOptions fsGroup = 13;
// readOnlyRootFilesystem when set to true will force containers to run with a read only root file
// system. If the container specifically requests to run with a non-read only root file system
// the PSP should deny the pod.
// If set to false the container may run with a read only root file system if it wishes but it
// will not be forced to.
// +optional
optional bool readOnlyRootFilesystem = 14;
// defaultAllowPrivilegeEscalation controls the default setting for whether a
// process can gain more privileges than its parent process.
// +optional
optional bool defaultAllowPrivilegeEscalation = 15;
// allowPrivilegeEscalation determines if a pod can request to allow
// privilege escalation. If unspecified, defaults to true.
// +optional
optional bool allowPrivilegeEscalation = 16;
// allowedHostPaths is a white list of allowed host paths. Empty indicates
// that all host paths may be used.
// +optional
repeated AllowedHostPath allowedHostPaths = 17;
// allowedFlexVolumes is a whitelist of allowed Flexvolumes. Empty or nil indicates that all
// Flexvolumes may be used. This parameter is effective only when the usage of the Flexvolumes
// is allowed in the "volumes" field.
// +optional
repeated AllowedFlexVolume allowedFlexVolumes = 18;
// AllowedCSIDrivers is a whitelist of inline CSI drivers that must be explicitly set to be embedded within a pod spec.
// An empty value indicates that any CSI driver can be used for inline ephemeral volumes.
// This is an alpha field, and is only honored if the API server enables the CSIInlineVolume feature gate.
// +optional
repeated AllowedCSIDriver allowedCSIDrivers = 23;
// allowedUnsafeSysctls is a list of explicitly allowed unsafe sysctls, defaults to none.
// Each entry is either a plain sysctl name or ends in "*" in which case it is considered
// as a prefix of allowed sysctls. Single * means all unsafe sysctls are allowed.
// Kubelet has to whitelist all allowed unsafe sysctls explicitly to avoid rejection.
//
// Examples:
// e.g. "foo/*" allows "foo/bar", "foo/baz", etc.
// e.g. "foo.*" allows "foo.bar", "foo.baz", etc.
// +optional
repeated string allowedUnsafeSysctls = 19;
// forbiddenSysctls is a list of explicitly forbidden sysctls, defaults to none.
// Each entry is either a plain sysctl name or ends in "*" in which case it is considered
// as a prefix of forbidden sysctls. Single * means all sysctls are forbidden.
//
// Examples:
// e.g. "foo/*" forbids "foo/bar", "foo/baz", etc.
// e.g. "foo.*" forbids "foo.bar", "foo.baz", etc.
// +optional
repeated string forbiddenSysctls = 20;
// AllowedProcMountTypes is a whitelist of allowed ProcMountTypes.
// Empty or nil indicates that only the DefaultProcMountType may be used.
// This requires the ProcMountType feature flag to be enabled.
// +optional
repeated string allowedProcMountTypes = 21;
// runtimeClass is the strategy that will dictate the allowable RuntimeClasses for a pod.
// If this field is omitted, the pod's runtimeClassName field is unrestricted.
// Enforcement of this field depends on the RuntimeClass feature gate being enabled.
// +optional
optional RuntimeClassStrategyOptions runtimeClass = 24;
}
// RunAsGroupStrategyOptions defines the strategy type and any options used to create the strategy.
message RunAsGroupStrategyOptions {
// rule is the strategy that will dictate the allowable RunAsGroup values that may be set.
optional string rule = 1;
// ranges are the allowed ranges of gids that may be used. If you would like to force a single gid
// then supply a single range with the same start and end. Required for MustRunAs.
// +optional
repeated IDRange ranges = 2;
}
// RunAsUserStrategyOptions defines the strategy type and any options used to create the strategy.
message RunAsUserStrategyOptions {
// rule is the strategy that will dictate the allowable RunAsUser values that may be set.
optional string rule = 1;
// ranges are the allowed ranges of uids that may be used. If you would like to force a single uid
// then supply a single range with the same start and end. Required for MustRunAs.
// +optional
repeated IDRange ranges = 2;
}
// RuntimeClassStrategyOptions define the strategy that will dictate the allowable RuntimeClasses
// for a pod.
message RuntimeClassStrategyOptions {
// allowedRuntimeClassNames is a whitelist of RuntimeClass names that may be specified on a pod.
// A value of "*" means that any RuntimeClass name is allowed, and must be the only item in the
// list. An empty list requires the RuntimeClassName field to be unset.
repeated string allowedRuntimeClassNames = 1;
// defaultRuntimeClassName is the default RuntimeClassName to set on the pod.
// The default MUST be allowed by the allowedRuntimeClassNames list.
// A value of nil does not mutate the Pod.
// +optional
optional string defaultRuntimeClassName = 2;
}
// SELinuxStrategyOptions defines the strategy type and any options used to create the strategy.
message SELinuxStrategyOptions {
// rule is the strategy that will dictate the allowable labels that may be set.
optional string rule = 1;
// seLinuxOptions required to run as; required for MustRunAs
// More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
// +optional
optional k8s.io.api.core.v1.SELinuxOptions seLinuxOptions = 2;
}
// SupplementalGroupsStrategyOptions defines the strategy type and options used to create the strategy.
message SupplementalGroupsStrategyOptions {
// rule is the strategy that will dictate what supplemental groups is used in the SecurityContext.
// +optional
optional string rule = 1;
// ranges are the allowed ranges of supplemental groups. If you would like to force a single
// supplemental group then supply a single range with the same start and end. Required for MustRunAs.
// +optional
repeated IDRange ranges = 2;
}

199
vendor/k8s.io/api/rbac/v1/generated.proto generated vendored Normal file
View File

@ -0,0 +1,199 @@
/*
Copyright The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
// This file was autogenerated by go-to-protobuf. Do not edit it manually!
syntax = 'proto2';
package k8s.io.api.rbac.v1;
import "k8s.io/apimachinery/pkg/apis/meta/v1/generated.proto";
import "k8s.io/apimachinery/pkg/runtime/generated.proto";
import "k8s.io/apimachinery/pkg/runtime/schema/generated.proto";
// Package-wide variables from generator "generated".
option go_package = "v1";
// AggregationRule describes how to locate ClusterRoles to aggregate into the ClusterRole
message AggregationRule {
// ClusterRoleSelectors holds a list of selectors which will be used to find ClusterRoles and create the rules.
// If any of the selectors match, then the ClusterRole's permissions will be added
// +optional
repeated k8s.io.apimachinery.pkg.apis.meta.v1.LabelSelector clusterRoleSelectors = 1;
}
// ClusterRole is a cluster level, logical grouping of PolicyRules that can be referenced as a unit by a RoleBinding or ClusterRoleBinding.
message ClusterRole {
// Standard object's metadata.
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
// Rules holds all the PolicyRules for this ClusterRole
// +optional
repeated PolicyRule rules = 2;
// AggregationRule is an optional field that describes how to build the Rules for this ClusterRole.
// If AggregationRule is set, then the Rules are controller managed and direct changes to Rules will be
// stomped by the controller.
// +optional
optional AggregationRule aggregationRule = 3;
}
// ClusterRoleBinding references a ClusterRole, but not contain it. It can reference a ClusterRole in the global namespace,
// and adds who information via Subject.
message ClusterRoleBinding {
// Standard object's metadata.
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
// Subjects holds references to the objects the role applies to.
// +optional
repeated Subject subjects = 2;
// RoleRef can only reference a ClusterRole in the global namespace.
// If the RoleRef cannot be resolved, the Authorizer must return an error.
optional RoleRef roleRef = 3;
}
// ClusterRoleBindingList is a collection of ClusterRoleBindings
message ClusterRoleBindingList {
// Standard object's metadata.
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1;
// Items is a list of ClusterRoleBindings
repeated ClusterRoleBinding items = 2;
}
// ClusterRoleList is a collection of ClusterRoles
message ClusterRoleList {
// Standard object's metadata.
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1;
// Items is a list of ClusterRoles
repeated ClusterRole items = 2;
}
// PolicyRule holds information that describes a policy rule, but does not contain information
// about who the rule applies to or which namespace the rule applies to.
message PolicyRule {
// Verbs is a list of Verbs that apply to ALL the ResourceKinds and AttributeRestrictions contained in this rule. VerbAll represents all kinds.
repeated string verbs = 1;
// APIGroups is the name of the APIGroup that contains the resources. If multiple API groups are specified, any action requested against one of
// the enumerated resources in any API group will be allowed.
// +optional
repeated string apiGroups = 2;
// Resources is a list of resources this rule applies to. ResourceAll represents all resources.
// +optional
repeated string resources = 3;
// ResourceNames is an optional white list of names that the rule applies to. An empty set means that everything is allowed.
// +optional
repeated string resourceNames = 4;
// NonResourceURLs is a set of partial urls that a user should have access to. *s are allowed, but only as the full, final step in the path
// Since non-resource URLs are not namespaced, this field is only applicable for ClusterRoles referenced from a ClusterRoleBinding.
// Rules can either apply to API resources (such as "pods" or "secrets") or non-resource URL paths (such as "/api"), but not both.
// +optional
repeated string nonResourceURLs = 5;
}
// Role is a namespaced, logical grouping of PolicyRules that can be referenced as a unit by a RoleBinding.
message Role {
// Standard object's metadata.
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
// Rules holds all the PolicyRules for this Role
// +optional
repeated PolicyRule rules = 2;
}
// RoleBinding references a role, but does not contain it. It can reference a Role in the same namespace or a ClusterRole in the global namespace.
// It adds who information via Subjects and namespace information by which namespace it exists in. RoleBindings in a given
// namespace only have effect in that namespace.
message RoleBinding {
// Standard object's metadata.
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
// Subjects holds references to the objects the role applies to.
// +optional
repeated Subject subjects = 2;
// RoleRef can reference a Role in the current namespace or a ClusterRole in the global namespace.
// If the RoleRef cannot be resolved, the Authorizer must return an error.
optional RoleRef roleRef = 3;
}
// RoleBindingList is a collection of RoleBindings
message RoleBindingList {
// Standard object's metadata.
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1;
// Items is a list of RoleBindings
repeated RoleBinding items = 2;
}
// RoleList is a collection of Roles
message RoleList {
// Standard object's metadata.
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1;
// Items is a list of Roles
repeated Role items = 2;
}
// RoleRef contains information that points to the role being used
message RoleRef {
// APIGroup is the group for the resource being referenced
optional string apiGroup = 1;
// Kind is the type of resource being referenced
optional string kind = 2;
// Name is the name of resource being referenced
optional string name = 3;
}
// Subject contains a reference to the object or user identities a role binding applies to. This can either hold a direct API object reference,
// or a value for non-objects such as user and group names.
message Subject {
// Kind of object being referenced. Values defined by this API group are "User", "Group", and "ServiceAccount".
// If the Authorizer does not recognized the kind value, the Authorizer should report an error.
optional string kind = 1;
// APIGroup holds the API group of the referenced subject.
// Defaults to "" for ServiceAccount subjects.
// Defaults to "rbac.authorization.k8s.io" for User and Group subjects.
// +optional
optional string apiGroup = 2;
// Name of the object being referenced.
optional string name = 3;
// Namespace of the referenced object. If the object kind is non-namespace, such as "User" or "Group", and this value is not empty
// the Authorizer should report an error.
// +optional
optional string namespace = 4;
}

209
vendor/k8s.io/api/rbac/v1alpha1/generated.proto generated vendored Normal file
View File

@ -0,0 +1,209 @@
/*
Copyright The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
// This file was autogenerated by go-to-protobuf. Do not edit it manually!
syntax = 'proto2';
package k8s.io.api.rbac.v1alpha1;
import "k8s.io/apimachinery/pkg/apis/meta/v1/generated.proto";
import "k8s.io/apimachinery/pkg/runtime/generated.proto";
import "k8s.io/apimachinery/pkg/runtime/schema/generated.proto";
// Package-wide variables from generator "generated".
option go_package = "v1alpha1";
// AggregationRule describes how to locate ClusterRoles to aggregate into the ClusterRole
message AggregationRule {
// ClusterRoleSelectors holds a list of selectors which will be used to find ClusterRoles and create the rules.
// If any of the selectors match, then the ClusterRole's permissions will be added
// +optional
repeated k8s.io.apimachinery.pkg.apis.meta.v1.LabelSelector clusterRoleSelectors = 1;
}
// ClusterRole is a cluster level, logical grouping of PolicyRules that can be referenced as a unit by a RoleBinding or ClusterRoleBinding.
// Deprecated in v1.17 in favor of rbac.authorization.k8s.io/v1 ClusterRole, and will no longer be served in v1.20.
message ClusterRole {
// Standard object's metadata.
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
// Rules holds all the PolicyRules for this ClusterRole
// +optional
repeated PolicyRule rules = 2;
// AggregationRule is an optional field that describes how to build the Rules for this ClusterRole.
// If AggregationRule is set, then the Rules are controller managed and direct changes to Rules will be
// stomped by the controller.
// +optional
optional AggregationRule aggregationRule = 3;
}
// ClusterRoleBinding references a ClusterRole, but not contain it. It can reference a ClusterRole in the global namespace,
// and adds who information via Subject.
// Deprecated in v1.17 in favor of rbac.authorization.k8s.io/v1 ClusterRoleBinding, and will no longer be served in v1.20.
message ClusterRoleBinding {
// Standard object's metadata.
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
// Subjects holds references to the objects the role applies to.
// +optional
repeated Subject subjects = 2;
// RoleRef can only reference a ClusterRole in the global namespace.
// If the RoleRef cannot be resolved, the Authorizer must return an error.
optional RoleRef roleRef = 3;
}
// ClusterRoleBindingList is a collection of ClusterRoleBindings.
// Deprecated in v1.17 in favor of rbac.authorization.k8s.io/v1 ClusterRoleBindings, and will no longer be served in v1.20.
message ClusterRoleBindingList {
// Standard object's metadata.
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1;
// Items is a list of ClusterRoleBindings
repeated ClusterRoleBinding items = 2;
}
// ClusterRoleList is a collection of ClusterRoles.
// Deprecated in v1.17 in favor of rbac.authorization.k8s.io/v1 ClusterRoles, and will no longer be served in v1.20.
message ClusterRoleList {
// Standard object's metadata.
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1;
// Items is a list of ClusterRoles
repeated ClusterRole items = 2;
}
// PolicyRule holds information that describes a policy rule, but does not contain information
// about who the rule applies to or which namespace the rule applies to.
message PolicyRule {
// Verbs is a list of Verbs that apply to ALL the ResourceKinds and AttributeRestrictions contained in this rule. VerbAll represents all kinds.
repeated string verbs = 1;
// APIGroups is the name of the APIGroup that contains the resources. If multiple API groups are specified, any action requested against one of
// the enumerated resources in any API group will be allowed.
// +optional
repeated string apiGroups = 3;
// Resources is a list of resources this rule applies to. ResourceAll represents all resources.
// +optional
repeated string resources = 4;
// ResourceNames is an optional white list of names that the rule applies to. An empty set means that everything is allowed.
// +optional
repeated string resourceNames = 5;
// NonResourceURLs is a set of partial urls that a user should have access to. *s are allowed, but only as the full, final step in the path
// This name is intentionally different than the internal type so that the DefaultConvert works nicely and because the ordering may be different.
// Since non-resource URLs are not namespaced, this field is only applicable for ClusterRoles referenced from a ClusterRoleBinding.
// Rules can either apply to API resources (such as "pods" or "secrets") or non-resource URL paths (such as "/api"), but not both.
// +optional
repeated string nonResourceURLs = 6;
}
// Role is a namespaced, logical grouping of PolicyRules that can be referenced as a unit by a RoleBinding.
// Deprecated in v1.17 in favor of rbac.authorization.k8s.io/v1 Role, and will no longer be served in v1.20.
message Role {
// Standard object's metadata.
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
// Rules holds all the PolicyRules for this Role
// +optional
repeated PolicyRule rules = 2;
}
// RoleBinding references a role, but does not contain it. It can reference a Role in the same namespace or a ClusterRole in the global namespace.
// It adds who information via Subjects and namespace information by which namespace it exists in. RoleBindings in a given
// namespace only have effect in that namespace.
// Deprecated in v1.17 in favor of rbac.authorization.k8s.io/v1 RoleBinding, and will no longer be served in v1.20.
message RoleBinding {
// Standard object's metadata.
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
// Subjects holds references to the objects the role applies to.
// +optional
repeated Subject subjects = 2;
// RoleRef can reference a Role in the current namespace or a ClusterRole in the global namespace.
// If the RoleRef cannot be resolved, the Authorizer must return an error.
optional RoleRef roleRef = 3;
}
// RoleBindingList is a collection of RoleBindings
// Deprecated in v1.17 in favor of rbac.authorization.k8s.io/v1 RoleBindingList, and will no longer be served in v1.20.
message RoleBindingList {
// Standard object's metadata.
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1;
// Items is a list of RoleBindings
repeated RoleBinding items = 2;
}
// RoleList is a collection of Roles.
// Deprecated in v1.17 in favor of rbac.authorization.k8s.io/v1 RoleList, and will no longer be served in v1.20.
message RoleList {
// Standard object's metadata.
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1;
// Items is a list of Roles
repeated Role items = 2;
}
// RoleRef contains information that points to the role being used
message RoleRef {
// APIGroup is the group for the resource being referenced
optional string apiGroup = 1;
// Kind is the type of resource being referenced
optional string kind = 2;
// Name is the name of resource being referenced
optional string name = 3;
}
// Subject contains a reference to the object or user identities a role binding applies to. This can either hold a direct API object reference,
// or a value for non-objects such as user and group names.
message Subject {
// Kind of object being referenced. Values defined by this API group are "User", "Group", and "ServiceAccount".
// If the Authorizer does not recognized the kind value, the Authorizer should report an error.
optional string kind = 1;
// APIVersion holds the API group and version of the referenced subject.
// Defaults to "v1" for ServiceAccount subjects.
// Defaults to "rbac.authorization.k8s.io/v1alpha1" for User and Group subjects.
// +k8s:conversion-gen=false
// +optional
optional string apiVersion = 2;
// Name of the object being referenced.
optional string name = 3;
// Namespace of the referenced object. If the object kind is non-namespace, such as "User" or "Group", and this value is not empty
// the Authorizer should report an error.
// +optional
optional string namespace = 4;
}

208
vendor/k8s.io/api/rbac/v1beta1/generated.proto generated vendored Normal file
View File

@ -0,0 +1,208 @@
/*
Copyright The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
// This file was autogenerated by go-to-protobuf. Do not edit it manually!
syntax = 'proto2';
package k8s.io.api.rbac.v1beta1;
import "k8s.io/apimachinery/pkg/apis/meta/v1/generated.proto";
import "k8s.io/apimachinery/pkg/runtime/generated.proto";
import "k8s.io/apimachinery/pkg/runtime/schema/generated.proto";
// Package-wide variables from generator "generated".
option go_package = "v1beta1";
// AggregationRule describes how to locate ClusterRoles to aggregate into the ClusterRole
message AggregationRule {
// ClusterRoleSelectors holds a list of selectors which will be used to find ClusterRoles and create the rules.
// If any of the selectors match, then the ClusterRole's permissions will be added
// +optional
repeated k8s.io.apimachinery.pkg.apis.meta.v1.LabelSelector clusterRoleSelectors = 1;
}
// ClusterRole is a cluster level, logical grouping of PolicyRules that can be referenced as a unit by a RoleBinding or ClusterRoleBinding.
// Deprecated in v1.17 in favor of rbac.authorization.k8s.io/v1 ClusterRole, and will no longer be served in v1.20.
message ClusterRole {
// Standard object's metadata.
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
// Rules holds all the PolicyRules for this ClusterRole
// +optional
repeated PolicyRule rules = 2;
// AggregationRule is an optional field that describes how to build the Rules for this ClusterRole.
// If AggregationRule is set, then the Rules are controller managed and direct changes to Rules will be
// stomped by the controller.
// +optional
optional AggregationRule aggregationRule = 3;
}
// ClusterRoleBinding references a ClusterRole, but not contain it. It can reference a ClusterRole in the global namespace,
// and adds who information via Subject.
// Deprecated in v1.17 in favor of rbac.authorization.k8s.io/v1 ClusterRoleBinding, and will no longer be served in v1.20.
message ClusterRoleBinding {
// Standard object's metadata.
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
// Subjects holds references to the objects the role applies to.
// +optional
repeated Subject subjects = 2;
// RoleRef can only reference a ClusterRole in the global namespace.
// If the RoleRef cannot be resolved, the Authorizer must return an error.
optional RoleRef roleRef = 3;
}
// ClusterRoleBindingList is a collection of ClusterRoleBindings.
// Deprecated in v1.17 in favor of rbac.authorization.k8s.io/v1 ClusterRoleBindingList, and will no longer be served in v1.20.
message ClusterRoleBindingList {
// Standard object's metadata.
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1;
// Items is a list of ClusterRoleBindings
repeated ClusterRoleBinding items = 2;
}
// ClusterRoleList is a collection of ClusterRoles.
// Deprecated in v1.17 in favor of rbac.authorization.k8s.io/v1 ClusterRoles, and will no longer be served in v1.20.
message ClusterRoleList {
// Standard object's metadata.
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1;
// Items is a list of ClusterRoles
repeated ClusterRole items = 2;
}
// PolicyRule holds information that describes a policy rule, but does not contain information
// about who the rule applies to or which namespace the rule applies to.
message PolicyRule {
// Verbs is a list of Verbs that apply to ALL the ResourceKinds and AttributeRestrictions contained in this rule. VerbAll represents all kinds.
repeated string verbs = 1;
// APIGroups is the name of the APIGroup that contains the resources. If multiple API groups are specified, any action requested against one of
// the enumerated resources in any API group will be allowed.
// +optional
repeated string apiGroups = 2;
// Resources is a list of resources this rule applies to. '*' represents all resources in the specified apiGroups.
// '*/foo' represents the subresource 'foo' for all resources in the specified apiGroups.
// +optional
repeated string resources = 3;
// ResourceNames is an optional white list of names that the rule applies to. An empty set means that everything is allowed.
// +optional
repeated string resourceNames = 4;
// NonResourceURLs is a set of partial urls that a user should have access to. *s are allowed, but only as the full, final step in the path
// Since non-resource URLs are not namespaced, this field is only applicable for ClusterRoles referenced from a ClusterRoleBinding.
// Rules can either apply to API resources (such as "pods" or "secrets") or non-resource URL paths (such as "/api"), but not both.
// +optional
repeated string nonResourceURLs = 5;
}
// Role is a namespaced, logical grouping of PolicyRules that can be referenced as a unit by a RoleBinding.
// Deprecated in v1.17 in favor of rbac.authorization.k8s.io/v1 Role, and will no longer be served in v1.20.
message Role {
// Standard object's metadata.
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
// Rules holds all the PolicyRules for this Role
// +optional
repeated PolicyRule rules = 2;
}
// RoleBinding references a role, but does not contain it. It can reference a Role in the same namespace or a ClusterRole in the global namespace.
// It adds who information via Subjects and namespace information by which namespace it exists in. RoleBindings in a given
// namespace only have effect in that namespace.
// Deprecated in v1.17 in favor of rbac.authorization.k8s.io/v1 RoleBinding, and will no longer be served in v1.20.
message RoleBinding {
// Standard object's metadata.
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
// Subjects holds references to the objects the role applies to.
// +optional
repeated Subject subjects = 2;
// RoleRef can reference a Role in the current namespace or a ClusterRole in the global namespace.
// If the RoleRef cannot be resolved, the Authorizer must return an error.
optional RoleRef roleRef = 3;
}
// RoleBindingList is a collection of RoleBindings
// Deprecated in v1.17 in favor of rbac.authorization.k8s.io/v1 RoleBindingList, and will no longer be served in v1.20.
message RoleBindingList {
// Standard object's metadata.
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1;
// Items is a list of RoleBindings
repeated RoleBinding items = 2;
}
// RoleList is a collection of Roles
// Deprecated in v1.17 in favor of rbac.authorization.k8s.io/v1 RoleList, and will no longer be served in v1.20.
message RoleList {
// Standard object's metadata.
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1;
// Items is a list of Roles
repeated Role items = 2;
}
// RoleRef contains information that points to the role being used
message RoleRef {
// APIGroup is the group for the resource being referenced
optional string apiGroup = 1;
// Kind is the type of resource being referenced
optional string kind = 2;
// Name is the name of resource being referenced
optional string name = 3;
}
// Subject contains a reference to the object or user identities a role binding applies to. This can either hold a direct API object reference,
// or a value for non-objects such as user and group names.
message Subject {
// Kind of object being referenced. Values defined by this API group are "User", "Group", and "ServiceAccount".
// If the Authorizer does not recognized the kind value, the Authorizer should report an error.
optional string kind = 1;
// APIGroup holds the API group of the referenced subject.
// Defaults to "" for ServiceAccount subjects.
// Defaults to "rbac.authorization.k8s.io" for User and Group subjects.
// +optional
optional string apiGroup = 2;
// Name of the object being referenced.
optional string name = 3;
// Namespace of the referenced object. If the object kind is non-namespace, such as "User" or "Group", and this value is not empty
// the Authorizer should report an error.
// +optional
optional string namespace = 4;
}

75
vendor/k8s.io/api/scheduling/v1/generated.proto generated vendored Normal file
View File

@ -0,0 +1,75 @@
/*
Copyright The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
// This file was autogenerated by go-to-protobuf. Do not edit it manually!
syntax = 'proto2';
package k8s.io.api.scheduling.v1;
import "k8s.io/api/core/v1/generated.proto";
import "k8s.io/apimachinery/pkg/apis/meta/v1/generated.proto";
import "k8s.io/apimachinery/pkg/runtime/generated.proto";
import "k8s.io/apimachinery/pkg/runtime/schema/generated.proto";
// Package-wide variables from generator "generated".
option go_package = "v1";
// PriorityClass defines mapping from a priority class name to the priority
// integer value. The value can be any valid integer.
message PriorityClass {
// Standard object's metadata.
// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
// The value of this priority class. This is the actual priority that pods
// receive when they have the name of this class in their pod spec.
optional int32 value = 2;
// globalDefault specifies whether this PriorityClass should be considered as
// the default priority for pods that do not have any priority class.
// Only one PriorityClass can be marked as `globalDefault`. However, if more than
// one PriorityClasses exists with their `globalDefault` field set to true,
// the smallest value of such global default PriorityClasses will be used as the default priority.
// +optional
optional bool globalDefault = 3;
// description is an arbitrary string that usually provides guidelines on
// when this priority class should be used.
// +optional
optional string description = 4;
// PreemptionPolicy is the Policy for preempting pods with lower priority.
// One of Never, PreemptLowerPriority.
// Defaults to PreemptLowerPriority if unset.
// This field is alpha-level and is only honored by servers that enable the NonPreemptingPriority feature.
// +optional
optional string preemptionPolicy = 5;
}
// PriorityClassList is a collection of priority classes.
message PriorityClassList {
// Standard list metadata
// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1;
// items is the list of PriorityClasses
repeated PriorityClass items = 2;
}

76
vendor/k8s.io/api/scheduling/v1alpha1/generated.proto generated vendored Normal file
View File

@ -0,0 +1,76 @@
/*
Copyright The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
// This file was autogenerated by go-to-protobuf. Do not edit it manually!
syntax = 'proto2';
package k8s.io.api.scheduling.v1alpha1;
import "k8s.io/api/core/v1/generated.proto";
import "k8s.io/apimachinery/pkg/apis/meta/v1/generated.proto";
import "k8s.io/apimachinery/pkg/runtime/generated.proto";
import "k8s.io/apimachinery/pkg/runtime/schema/generated.proto";
// Package-wide variables from generator "generated".
option go_package = "v1alpha1";
// DEPRECATED - This group version of PriorityClass is deprecated by scheduling.k8s.io/v1/PriorityClass.
// PriorityClass defines mapping from a priority class name to the priority
// integer value. The value can be any valid integer.
message PriorityClass {
// Standard object's metadata.
// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
// The value of this priority class. This is the actual priority that pods
// receive when they have the name of this class in their pod spec.
optional int32 value = 2;
// globalDefault specifies whether this PriorityClass should be considered as
// the default priority for pods that do not have any priority class.
// Only one PriorityClass can be marked as `globalDefault`. However, if more than
// one PriorityClasses exists with their `globalDefault` field set to true,
// the smallest value of such global default PriorityClasses will be used as the default priority.
// +optional
optional bool globalDefault = 3;
// description is an arbitrary string that usually provides guidelines on
// when this priority class should be used.
// +optional
optional string description = 4;
// PreemptionPolicy is the Policy for preempting pods with lower priority.
// One of Never, PreemptLowerPriority.
// Defaults to PreemptLowerPriority if unset.
// This field is alpha-level and is only honored by servers that enable the NonPreemptingPriority feature.
// +optional
optional string preemptionPolicy = 5;
}
// PriorityClassList is a collection of priority classes.
message PriorityClassList {
// Standard list metadata
// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1;
// items is the list of PriorityClasses
repeated PriorityClass items = 2;
}

76
vendor/k8s.io/api/scheduling/v1beta1/generated.proto generated vendored Normal file
View File

@ -0,0 +1,76 @@
/*
Copyright The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
// This file was autogenerated by go-to-protobuf. Do not edit it manually!
syntax = 'proto2';
package k8s.io.api.scheduling.v1beta1;
import "k8s.io/api/core/v1/generated.proto";
import "k8s.io/apimachinery/pkg/apis/meta/v1/generated.proto";
import "k8s.io/apimachinery/pkg/runtime/generated.proto";
import "k8s.io/apimachinery/pkg/runtime/schema/generated.proto";
// Package-wide variables from generator "generated".
option go_package = "v1beta1";
// DEPRECATED - This group version of PriorityClass is deprecated by scheduling.k8s.io/v1/PriorityClass.
// PriorityClass defines mapping from a priority class name to the priority
// integer value. The value can be any valid integer.
message PriorityClass {
// Standard object's metadata.
// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
// The value of this priority class. This is the actual priority that pods
// receive when they have the name of this class in their pod spec.
optional int32 value = 2;
// globalDefault specifies whether this PriorityClass should be considered as
// the default priority for pods that do not have any priority class.
// Only one PriorityClass can be marked as `globalDefault`. However, if more than
// one PriorityClasses exists with their `globalDefault` field set to true,
// the smallest value of such global default PriorityClasses will be used as the default priority.
// +optional
optional bool globalDefault = 3;
// description is an arbitrary string that usually provides guidelines on
// when this priority class should be used.
// +optional
optional string description = 4;
// PreemptionPolicy is the Policy for preempting pods with lower priority.
// One of Never, PreemptLowerPriority.
// Defaults to PreemptLowerPriority if unset.
// This field is alpha-level and is only honored by servers that enable the NonPreemptingPriority feature.
// +optional
optional string preemptionPolicy = 5;
}
// PriorityClassList is a collection of priority classes.
message PriorityClassList {
// Standard list metadata
// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1;
// items is the list of PriorityClasses
repeated PriorityClass items = 2;
}

75
vendor/k8s.io/api/settings/v1alpha1/generated.proto generated vendored Normal file
View File

@ -0,0 +1,75 @@
/*
Copyright The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
// This file was autogenerated by go-to-protobuf. Do not edit it manually!
syntax = 'proto2';
package k8s.io.api.settings.v1alpha1;
import "k8s.io/api/core/v1/generated.proto";
import "k8s.io/apimachinery/pkg/apis/meta/v1/generated.proto";
import "k8s.io/apimachinery/pkg/runtime/generated.proto";
import "k8s.io/apimachinery/pkg/runtime/schema/generated.proto";
// Package-wide variables from generator "generated".
option go_package = "v1alpha1";
// PodPreset is a policy resource that defines additional runtime
// requirements for a Pod.
message PodPreset {
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
// +optional
optional PodPresetSpec spec = 2;
}
// PodPresetList is a list of PodPreset objects.
message PodPresetList {
// Standard list metadata.
// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1;
// Items is a list of schema objects.
repeated PodPreset items = 2;
}
// PodPresetSpec is a description of a pod preset.
message PodPresetSpec {
// Selector is a label query over a set of resources, in this case pods.
// Required.
optional k8s.io.apimachinery.pkg.apis.meta.v1.LabelSelector selector = 1;
// Env defines the collection of EnvVar to inject into containers.
// +optional
repeated k8s.io.api.core.v1.EnvVar env = 2;
// EnvFrom defines the collection of EnvFromSource to inject into containers.
// +optional
repeated k8s.io.api.core.v1.EnvFromSource envFrom = 3;
// Volumes defines the collection of Volume to inject into the pod.
// +optional
repeated k8s.io.api.core.v1.Volume volumes = 4;
// VolumeMounts defines the collection of VolumeMount to inject into containers.
// +optional
repeated k8s.io.api.core.v1.VolumeMount volumeMounts = 5;
}

279
vendor/k8s.io/api/storage/v1/generated.proto generated vendored Normal file
View File

@ -0,0 +1,279 @@
/*
Copyright The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
// This file was autogenerated by go-to-protobuf. Do not edit it manually!
syntax = 'proto2';
package k8s.io.api.storage.v1;
import "k8s.io/api/core/v1/generated.proto";
import "k8s.io/apimachinery/pkg/apis/meta/v1/generated.proto";
import "k8s.io/apimachinery/pkg/runtime/generated.proto";
import "k8s.io/apimachinery/pkg/runtime/schema/generated.proto";
// Package-wide variables from generator "generated".
option go_package = "v1";
// CSINode holds information about all CSI drivers installed on a node.
// CSI drivers do not need to create the CSINode object directly. As long as
// they use the node-driver-registrar sidecar container, the kubelet will
// automatically populate the CSINode object for the CSI driver as part of
// kubelet plugin registration.
// CSINode has the same name as a node. If the object is missing, it means either
// there are no CSI Drivers available on the node, or the Kubelet version is low
// enough that it doesn't create this object.
// CSINode has an OwnerReference that points to the corresponding node object.
message CSINode {
// metadata.name must be the Kubernetes node name.
optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
// spec is the specification of CSINode
optional CSINodeSpec spec = 2;
}
// CSINodeDriver holds information about the specification of one CSI driver installed on a node
message CSINodeDriver {
// This is the name of the CSI driver that this object refers to.
// This MUST be the same name returned by the CSI GetPluginName() call for
// that driver.
optional string name = 1;
// nodeID of the node from the driver point of view.
// This field enables Kubernetes to communicate with storage systems that do
// not share the same nomenclature for nodes. For example, Kubernetes may
// refer to a given node as "node1", but the storage system may refer to
// the same node as "nodeA". When Kubernetes issues a command to the storage
// system to attach a volume to a specific node, it can use this field to
// refer to the node name using the ID that the storage system will
// understand, e.g. "nodeA" instead of "node1". This field is required.
optional string nodeID = 2;
// topologyKeys is the list of keys supported by the driver.
// When a driver is initialized on a cluster, it provides a set of topology
// keys that it understands (e.g. "company.com/zone", "company.com/region").
// When a driver is initialized on a node, it provides the same topology keys
// along with values. Kubelet will expose these topology keys as labels
// on its own node object.
// When Kubernetes does topology aware provisioning, it can use this list to
// determine which labels it should retrieve from the node object and pass
// back to the driver.
// It is possible for different nodes to use different topology keys.
// This can be empty if driver does not support topology.
// +optional
repeated string topologyKeys = 3;
// allocatable represents the volume resources of a node that are available for scheduling.
// This field is beta.
// +optional
optional VolumeNodeResources allocatable = 4;
}
// CSINodeList is a collection of CSINode objects.
message CSINodeList {
// Standard list metadata
// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1;
// items is the list of CSINode
repeated CSINode items = 2;
}
// CSINodeSpec holds information about the specification of all CSI drivers installed on a node
message CSINodeSpec {
// drivers is a list of information of all CSI Drivers existing on a node.
// If all drivers in the list are uninstalled, this can become empty.
// +patchMergeKey=name
// +patchStrategy=merge
repeated CSINodeDriver drivers = 1;
}
// StorageClass describes the parameters for a class of storage for
// which PersistentVolumes can be dynamically provisioned.
//
// StorageClasses are non-namespaced; the name of the storage class
// according to etcd is in ObjectMeta.Name.
message StorageClass {
// Standard object's metadata.
// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
// Provisioner indicates the type of the provisioner.
optional string provisioner = 2;
// Parameters holds the parameters for the provisioner that should
// create volumes of this storage class.
// +optional
map<string, string> parameters = 3;
// Dynamically provisioned PersistentVolumes of this storage class are
// created with this reclaimPolicy. Defaults to Delete.
// +optional
optional string reclaimPolicy = 4;
// Dynamically provisioned PersistentVolumes of this storage class are
// created with these mountOptions, e.g. ["ro", "soft"]. Not validated -
// mount of the PVs will simply fail if one is invalid.
// +optional
repeated string mountOptions = 5;
// AllowVolumeExpansion shows whether the storage class allow volume expand
// +optional
optional bool allowVolumeExpansion = 6;
// VolumeBindingMode indicates how PersistentVolumeClaims should be
// provisioned and bound. When unset, VolumeBindingImmediate is used.
// This field is only honored by servers that enable the VolumeScheduling feature.
// +optional
optional string volumeBindingMode = 7;
// Restrict the node topologies where volumes can be dynamically provisioned.
// Each volume plugin defines its own supported topology specifications.
// An empty TopologySelectorTerm list means there is no topology restriction.
// This field is only honored by servers that enable the VolumeScheduling feature.
// +optional
repeated k8s.io.api.core.v1.TopologySelectorTerm allowedTopologies = 8;
}
// StorageClassList is a collection of storage classes.
message StorageClassList {
// Standard list metadata
// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1;
// Items is the list of StorageClasses
repeated StorageClass items = 2;
}
// VolumeAttachment captures the intent to attach or detach the specified volume
// to/from the specified node.
//
// VolumeAttachment objects are non-namespaced.
message VolumeAttachment {
// Standard object metadata.
// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
// Specification of the desired attach/detach volume behavior.
// Populated by the Kubernetes system.
optional VolumeAttachmentSpec spec = 2;
// Status of the VolumeAttachment request.
// Populated by the entity completing the attach or detach
// operation, i.e. the external-attacher.
// +optional
optional VolumeAttachmentStatus status = 3;
}
// VolumeAttachmentList is a collection of VolumeAttachment objects.
message VolumeAttachmentList {
// Standard list metadata
// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1;
// Items is the list of VolumeAttachments
repeated VolumeAttachment items = 2;
}
// VolumeAttachmentSource represents a volume that should be attached.
// Right now only PersistenVolumes can be attached via external attacher,
// in future we may allow also inline volumes in pods.
// Exactly one member can be set.
message VolumeAttachmentSource {
// Name of the persistent volume to attach.
// +optional
optional string persistentVolumeName = 1;
// inlineVolumeSpec contains all the information necessary to attach
// a persistent volume defined by a pod's inline VolumeSource. This field
// is populated only for the CSIMigration feature. It contains
// translated fields from a pod's inline VolumeSource to a
// PersistentVolumeSpec. This field is alpha-level and is only
// honored by servers that enabled the CSIMigration feature.
// +optional
optional k8s.io.api.core.v1.PersistentVolumeSpec inlineVolumeSpec = 2;
}
// VolumeAttachmentSpec is the specification of a VolumeAttachment request.
message VolumeAttachmentSpec {
// Attacher indicates the name of the volume driver that MUST handle this
// request. This is the name returned by GetPluginName().
optional string attacher = 1;
// Source represents the volume that should be attached.
optional VolumeAttachmentSource source = 2;
// The node that the volume should be attached to.
optional string nodeName = 3;
}
// VolumeAttachmentStatus is the status of a VolumeAttachment request.
message VolumeAttachmentStatus {
// Indicates the volume is successfully attached.
// This field must only be set by the entity completing the attach
// operation, i.e. the external-attacher.
optional bool attached = 1;
// Upon successful attach, this field is populated with any
// information returned by the attach operation that must be passed
// into subsequent WaitForAttach or Mount calls.
// This field must only be set by the entity completing the attach
// operation, i.e. the external-attacher.
// +optional
map<string, string> attachmentMetadata = 2;
// The last error encountered during attach operation, if any.
// This field must only be set by the entity completing the attach
// operation, i.e. the external-attacher.
// +optional
optional VolumeError attachError = 3;
// The last error encountered during detach operation, if any.
// This field must only be set by the entity completing the detach
// operation, i.e. the external-attacher.
// +optional
optional VolumeError detachError = 4;
}
// VolumeError captures an error encountered during a volume operation.
message VolumeError {
// Time the error was encountered.
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.Time time = 1;
// String detailing the error encountered during Attach or Detach operation.
// This string may be logged, so it should not contain sensitive
// information.
// +optional
optional string message = 2;
}
// VolumeNodeResources is a set of resource limits for scheduling of volumes.
message VolumeNodeResources {
// Maximum number of unique volumes managed by the CSI driver that can be used on a node.
// A volume that is both attached and mounted on a node is considered to be used once, not twice.
// The same rule applies for a unique volume that is shared among multiple pods on the same node.
// If this field is not specified, then the supported number of volumes on this node is unbounded.
// +optional
optional int32 count = 1;
}

136
vendor/k8s.io/api/storage/v1alpha1/generated.proto generated vendored Normal file
View File

@ -0,0 +1,136 @@
/*
Copyright The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
// This file was autogenerated by go-to-protobuf. Do not edit it manually!
syntax = 'proto2';
package k8s.io.api.storage.v1alpha1;
import "k8s.io/api/core/v1/generated.proto";
import "k8s.io/apimachinery/pkg/apis/meta/v1/generated.proto";
import "k8s.io/apimachinery/pkg/runtime/generated.proto";
import "k8s.io/apimachinery/pkg/runtime/schema/generated.proto";
// Package-wide variables from generator "generated".
option go_package = "v1alpha1";
// VolumeAttachment captures the intent to attach or detach the specified volume
// to/from the specified node.
//
// VolumeAttachment objects are non-namespaced.
message VolumeAttachment {
// Standard object metadata.
// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
// Specification of the desired attach/detach volume behavior.
// Populated by the Kubernetes system.
optional VolumeAttachmentSpec spec = 2;
// Status of the VolumeAttachment request.
// Populated by the entity completing the attach or detach
// operation, i.e. the external-attacher.
// +optional
optional VolumeAttachmentStatus status = 3;
}
// VolumeAttachmentList is a collection of VolumeAttachment objects.
message VolumeAttachmentList {
// Standard list metadata
// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1;
// Items is the list of VolumeAttachments
repeated VolumeAttachment items = 2;
}
// VolumeAttachmentSource represents a volume that should be attached.
// Right now only PersistenVolumes can be attached via external attacher,
// in future we may allow also inline volumes in pods.
// Exactly one member can be set.
message VolumeAttachmentSource {
// Name of the persistent volume to attach.
// +optional
optional string persistentVolumeName = 1;
// inlineVolumeSpec contains all the information necessary to attach
// a persistent volume defined by a pod's inline VolumeSource. This field
// is populated only for the CSIMigration feature. It contains
// translated fields from a pod's inline VolumeSource to a
// PersistentVolumeSpec. This field is alpha-level and is only
// honored by servers that enabled the CSIMigration feature.
// +optional
optional k8s.io.api.core.v1.PersistentVolumeSpec inlineVolumeSpec = 2;
}
// VolumeAttachmentSpec is the specification of a VolumeAttachment request.
message VolumeAttachmentSpec {
// Attacher indicates the name of the volume driver that MUST handle this
// request. This is the name returned by GetPluginName().
optional string attacher = 1;
// Source represents the volume that should be attached.
optional VolumeAttachmentSource source = 2;
// The node that the volume should be attached to.
optional string nodeName = 3;
}
// VolumeAttachmentStatus is the status of a VolumeAttachment request.
message VolumeAttachmentStatus {
// Indicates the volume is successfully attached.
// This field must only be set by the entity completing the attach
// operation, i.e. the external-attacher.
optional bool attached = 1;
// Upon successful attach, this field is populated with any
// information returned by the attach operation that must be passed
// into subsequent WaitForAttach or Mount calls.
// This field must only be set by the entity completing the attach
// operation, i.e. the external-attacher.
// +optional
map<string, string> attachmentMetadata = 2;
// The last error encountered during attach operation, if any.
// This field must only be set by the entity completing the attach
// operation, i.e. the external-attacher.
// +optional
optional VolumeError attachError = 3;
// The last error encountered during detach operation, if any.
// This field must only be set by the entity completing the detach
// operation, i.e. the external-attacher.
// +optional
optional VolumeError detachError = 4;
}
// VolumeError captures an error encountered during a volume operation.
message VolumeError {
// Time the error was encountered.
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.Time time = 1;
// String detailing the error encountered during Attach or Detach operation.
// This string maybe logged, so it should not contain sensitive
// information.
// +optional
optional string message = 2;
}

372
vendor/k8s.io/api/storage/v1beta1/generated.proto generated vendored Normal file
View File

@ -0,0 +1,372 @@
/*
Copyright The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
// This file was autogenerated by go-to-protobuf. Do not edit it manually!
syntax = 'proto2';
package k8s.io.api.storage.v1beta1;
import "k8s.io/api/core/v1/generated.proto";
import "k8s.io/apimachinery/pkg/apis/meta/v1/generated.proto";
import "k8s.io/apimachinery/pkg/runtime/generated.proto";
import "k8s.io/apimachinery/pkg/runtime/schema/generated.proto";
// Package-wide variables from generator "generated".
option go_package = "v1beta1";
// CSIDriver captures information about a Container Storage Interface (CSI)
// volume driver deployed on the cluster.
// CSI drivers do not need to create the CSIDriver object directly. Instead they may use the
// cluster-driver-registrar sidecar container. When deployed with a CSI driver it automatically
// creates a CSIDriver object representing the driver.
// Kubernetes attach detach controller uses this object to determine whether attach is required.
// Kubelet uses this object to determine whether pod information needs to be passed on mount.
// CSIDriver objects are non-namespaced.
message CSIDriver {
// Standard object metadata.
// metadata.Name indicates the name of the CSI driver that this object
// refers to; it MUST be the same name returned by the CSI GetPluginName()
// call for that driver.
// The driver name must be 63 characters or less, beginning and ending with
// an alphanumeric character ([a-z0-9A-Z]) with dashes (-), dots (.), and
// alphanumerics between.
// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
// Specification of the CSI Driver.
optional CSIDriverSpec spec = 2;
}
// CSIDriverList is a collection of CSIDriver objects.
message CSIDriverList {
// Standard list metadata
// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1;
// items is the list of CSIDriver
repeated CSIDriver items = 2;
}
// CSIDriverSpec is the specification of a CSIDriver.
message CSIDriverSpec {
// attachRequired indicates this CSI volume driver requires an attach
// operation (because it implements the CSI ControllerPublishVolume()
// method), and that the Kubernetes attach detach controller should call
// the attach volume interface which checks the volumeattachment status
// and waits until the volume is attached before proceeding to mounting.
// The CSI external-attacher coordinates with CSI volume driver and updates
// the volumeattachment status when the attach operation is complete.
// If the CSIDriverRegistry feature gate is enabled and the value is
// specified to false, the attach operation will be skipped.
// Otherwise the attach operation will be called.
// +optional
optional bool attachRequired = 1;
// If set to true, podInfoOnMount indicates this CSI volume driver
// requires additional pod information (like podName, podUID, etc.) during
// mount operations.
// If set to false, pod information will not be passed on mount.
// Default is false.
// The CSI driver specifies podInfoOnMount as part of driver deployment.
// If true, Kubelet will pass pod information as VolumeContext in the CSI
// NodePublishVolume() calls.
// The CSI driver is responsible for parsing and validating the information
// passed in as VolumeContext.
// The following VolumeConext will be passed if podInfoOnMount is set to true.
// This list might grow, but the prefix will be used.
// "csi.storage.k8s.io/pod.name": pod.Name
// "csi.storage.k8s.io/pod.namespace": pod.Namespace
// "csi.storage.k8s.io/pod.uid": string(pod.UID)
// "csi.storage.k8s.io/ephemeral": "true" iff the volume is an ephemeral inline volume
// defined by a CSIVolumeSource, otherwise "false"
//
// "csi.storage.k8s.io/ephemeral" is a new feature in Kubernetes 1.16. It is only
// required for drivers which support both the "Persistent" and "Ephemeral" VolumeLifecycleMode.
// Other drivers can leave pod info disabled and/or ignore this field.
// As Kubernetes 1.15 doesn't support this field, drivers can only support one mode when
// deployed on such a cluster and the deployment determines which mode that is, for example
// via a command line parameter of the driver.
// +optional
optional bool podInfoOnMount = 2;
// VolumeLifecycleModes defines what kind of volumes this CSI volume driver supports.
// The default if the list is empty is "Persistent", which is the usage
// defined by the CSI specification and implemented in Kubernetes via the usual
// PV/PVC mechanism.
// The other mode is "Ephemeral". In this mode, volumes are defined inline
// inside the pod spec with CSIVolumeSource and their lifecycle is tied to
// the lifecycle of that pod. A driver has to be aware of this
// because it is only going to get a NodePublishVolume call for such a volume.
// For more information about implementing this mode, see
// https://kubernetes-csi.github.io/docs/ephemeral-local-volumes.html
// A driver can support one or more of these modes and
// more modes may be added in the future.
// +optional
repeated string volumeLifecycleModes = 3;
}
// DEPRECATED - This group version of CSINode is deprecated by storage/v1/CSINode.
// See the release notes for more information.
// CSINode holds information about all CSI drivers installed on a node.
// CSI drivers do not need to create the CSINode object directly. As long as
// they use the node-driver-registrar sidecar container, the kubelet will
// automatically populate the CSINode object for the CSI driver as part of
// kubelet plugin registration.
// CSINode has the same name as a node. If the object is missing, it means either
// there are no CSI Drivers available on the node, or the Kubelet version is low
// enough that it doesn't create this object.
// CSINode has an OwnerReference that points to the corresponding node object.
message CSINode {
// metadata.name must be the Kubernetes node name.
optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
// spec is the specification of CSINode
optional CSINodeSpec spec = 2;
}
// CSINodeDriver holds information about the specification of one CSI driver installed on a node
message CSINodeDriver {
// This is the name of the CSI driver that this object refers to.
// This MUST be the same name returned by the CSI GetPluginName() call for
// that driver.
optional string name = 1;
// nodeID of the node from the driver point of view.
// This field enables Kubernetes to communicate with storage systems that do
// not share the same nomenclature for nodes. For example, Kubernetes may
// refer to a given node as "node1", but the storage system may refer to
// the same node as "nodeA". When Kubernetes issues a command to the storage
// system to attach a volume to a specific node, it can use this field to
// refer to the node name using the ID that the storage system will
// understand, e.g. "nodeA" instead of "node1". This field is required.
optional string nodeID = 2;
// topologyKeys is the list of keys supported by the driver.
// When a driver is initialized on a cluster, it provides a set of topology
// keys that it understands (e.g. "company.com/zone", "company.com/region").
// When a driver is initialized on a node, it provides the same topology keys
// along with values. Kubelet will expose these topology keys as labels
// on its own node object.
// When Kubernetes does topology aware provisioning, it can use this list to
// determine which labels it should retrieve from the node object and pass
// back to the driver.
// It is possible for different nodes to use different topology keys.
// This can be empty if driver does not support topology.
// +optional
repeated string topologyKeys = 3;
// allocatable represents the volume resources of a node that are available for scheduling.
// +optional
optional VolumeNodeResources allocatable = 4;
}
// CSINodeList is a collection of CSINode objects.
message CSINodeList {
// Standard list metadata
// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1;
// items is the list of CSINode
repeated CSINode items = 2;
}
// CSINodeSpec holds information about the specification of all CSI drivers installed on a node
message CSINodeSpec {
// drivers is a list of information of all CSI Drivers existing on a node.
// If all drivers in the list are uninstalled, this can become empty.
// +patchMergeKey=name
// +patchStrategy=merge
repeated CSINodeDriver drivers = 1;
}
// StorageClass describes the parameters for a class of storage for
// which PersistentVolumes can be dynamically provisioned.
//
// StorageClasses are non-namespaced; the name of the storage class
// according to etcd is in ObjectMeta.Name.
message StorageClass {
// Standard object's metadata.
// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
// Provisioner indicates the type of the provisioner.
optional string provisioner = 2;
// Parameters holds the parameters for the provisioner that should
// create volumes of this storage class.
// +optional
map<string, string> parameters = 3;
// Dynamically provisioned PersistentVolumes of this storage class are
// created with this reclaimPolicy. Defaults to Delete.
// +optional
optional string reclaimPolicy = 4;
// Dynamically provisioned PersistentVolumes of this storage class are
// created with these mountOptions, e.g. ["ro", "soft"]. Not validated -
// mount of the PVs will simply fail if one is invalid.
// +optional
repeated string mountOptions = 5;
// AllowVolumeExpansion shows whether the storage class allow volume expand
// +optional
optional bool allowVolumeExpansion = 6;
// VolumeBindingMode indicates how PersistentVolumeClaims should be
// provisioned and bound. When unset, VolumeBindingImmediate is used.
// This field is only honored by servers that enable the VolumeScheduling feature.
// +optional
optional string volumeBindingMode = 7;
// Restrict the node topologies where volumes can be dynamically provisioned.
// Each volume plugin defines its own supported topology specifications.
// An empty TopologySelectorTerm list means there is no topology restriction.
// This field is only honored by servers that enable the VolumeScheduling feature.
// +optional
repeated k8s.io.api.core.v1.TopologySelectorTerm allowedTopologies = 8;
}
// StorageClassList is a collection of storage classes.
message StorageClassList {
// Standard list metadata
// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1;
// Items is the list of StorageClasses
repeated StorageClass items = 2;
}
// VolumeAttachment captures the intent to attach or detach the specified volume
// to/from the specified node.
//
// VolumeAttachment objects are non-namespaced.
message VolumeAttachment {
// Standard object metadata.
// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
// Specification of the desired attach/detach volume behavior.
// Populated by the Kubernetes system.
optional VolumeAttachmentSpec spec = 2;
// Status of the VolumeAttachment request.
// Populated by the entity completing the attach or detach
// operation, i.e. the external-attacher.
// +optional
optional VolumeAttachmentStatus status = 3;
}
// VolumeAttachmentList is a collection of VolumeAttachment objects.
message VolumeAttachmentList {
// Standard list metadata
// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1;
// Items is the list of VolumeAttachments
repeated VolumeAttachment items = 2;
}
// VolumeAttachmentSource represents a volume that should be attached.
// Right now only PersistenVolumes can be attached via external attacher,
// in future we may allow also inline volumes in pods.
// Exactly one member can be set.
message VolumeAttachmentSource {
// Name of the persistent volume to attach.
// +optional
optional string persistentVolumeName = 1;
// inlineVolumeSpec contains all the information necessary to attach
// a persistent volume defined by a pod's inline VolumeSource. This field
// is populated only for the CSIMigration feature. It contains
// translated fields from a pod's inline VolumeSource to a
// PersistentVolumeSpec. This field is alpha-level and is only
// honored by servers that enabled the CSIMigration feature.
// +optional
optional k8s.io.api.core.v1.PersistentVolumeSpec inlineVolumeSpec = 2;
}
// VolumeAttachmentSpec is the specification of a VolumeAttachment request.
message VolumeAttachmentSpec {
// Attacher indicates the name of the volume driver that MUST handle this
// request. This is the name returned by GetPluginName().
optional string attacher = 1;
// Source represents the volume that should be attached.
optional VolumeAttachmentSource source = 2;
// The node that the volume should be attached to.
optional string nodeName = 3;
}
// VolumeAttachmentStatus is the status of a VolumeAttachment request.
message VolumeAttachmentStatus {
// Indicates the volume is successfully attached.
// This field must only be set by the entity completing the attach
// operation, i.e. the external-attacher.
optional bool attached = 1;
// Upon successful attach, this field is populated with any
// information returned by the attach operation that must be passed
// into subsequent WaitForAttach or Mount calls.
// This field must only be set by the entity completing the attach
// operation, i.e. the external-attacher.
// +optional
map<string, string> attachmentMetadata = 2;
// The last error encountered during attach operation, if any.
// This field must only be set by the entity completing the attach
// operation, i.e. the external-attacher.
// +optional
optional VolumeError attachError = 3;
// The last error encountered during detach operation, if any.
// This field must only be set by the entity completing the detach
// operation, i.e. the external-attacher.
// +optional
optional VolumeError detachError = 4;
}
// VolumeError captures an error encountered during a volume operation.
message VolumeError {
// Time the error was encountered.
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.Time time = 1;
// String detailing the error encountered during Attach or Detach operation.
// This string may be logged, so it should not contain sensitive
// information.
// +optional
optional string message = 2;
}
// VolumeNodeResources is a set of resource limits for scheduling of volumes.
message VolumeNodeResources {
// Maximum number of unique volumes managed by the CSI driver that can be used on a node.
// A volume that is both attached and mounted on a node is considered to be used once, not twice.
// The same rule applies for a unique volume that is shared among multiple pods on the same node.
// If this field is nil, then the supported number of volumes on this node is unbounded.
// +optional
optional int32 count = 1;
}

4
vendor/k8s.io/apiextensions-apiserver/pkg/features/OWNERS generated vendored Normal file
View File

@ -0,0 +1,4 @@
# See the OWNERS docs at https://go.k8s.io/owners
approvers:
- feature-approvers

25
vendor/k8s.io/apimachinery/pkg/api/errors/OWNERS generated vendored Normal file
View File

@ -0,0 +1,25 @@
# See the OWNERS docs at https://go.k8s.io/owners
reviewers:
- thockin
- lavalamp
- smarterclayton
- wojtek-t
- deads2k
- brendandburns
- derekwaynecarr
- caesarxuchao
- mikedanese
- liggitt
- nikhiljindal
- gmarek
- erictune
- saad-ali
- janetkuo
- tallclair
- eparis
- dims
- hongchaodeng
- krousey
- cjcullen
- david-mcmahon

23
vendor/k8s.io/apimachinery/pkg/api/meta/OWNERS generated vendored Normal file
View File

@ -0,0 +1,23 @@
# See the OWNERS docs at https://go.k8s.io/owners
reviewers:
- thockin
- smarterclayton
- wojtek-t
- deads2k
- brendandburns
- derekwaynecarr
- caesarxuchao
- mikedanese
- liggitt
- nikhiljindal
- gmarek
- janetkuo
- ncdc
- eparis
- dims
- krousey
- resouer
- david-mcmahon
- mfojtik
- jianhuiz

16
vendor/k8s.io/apimachinery/pkg/api/resource/OWNERS generated vendored Normal file
View File

@ -0,0 +1,16 @@
# See the OWNERS docs at https://go.k8s.io/owners
reviewers:
- thockin
- lavalamp
- smarterclayton
- wojtek-t
- derekwaynecarr
- mikedanese
- saad-ali
- janetkuo
- tallclair
- eparis
- xiang90
- mbohlool
- david-mcmahon

88
vendor/k8s.io/apimachinery/pkg/api/resource/generated.proto generated vendored Normal file
View File

@ -0,0 +1,88 @@
/*
Copyright The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
// This file was autogenerated by go-to-protobuf. Do not edit it manually!
syntax = 'proto2';
package k8s.io.apimachinery.pkg.api.resource;
// Package-wide variables from generator "generated".
option go_package = "resource";
// Quantity is a fixed-point representation of a number.
// It provides convenient marshaling/unmarshaling in JSON and YAML,
// in addition to String() and AsInt64() accessors.
//
// The serialization format is:
//
// <quantity> ::= <signedNumber><suffix>
// (Note that <suffix> may be empty, from the "" case in <decimalSI>.)
// <digit> ::= 0 | 1 | ... | 9
// <digits> ::= <digit> | <digit><digits>
// <number> ::= <digits> | <digits>.<digits> | <digits>. | .<digits>
// <sign> ::= "+" | "-"
// <signedNumber> ::= <number> | <sign><number>
// <suffix> ::= <binarySI> | <decimalExponent> | <decimalSI>
// <binarySI> ::= Ki | Mi | Gi | Ti | Pi | Ei
// (International System of units; See: http://physics.nist.gov/cuu/Units/binary.html)
// <decimalSI> ::= m | "" | k | M | G | T | P | E
// (Note that 1024 = 1Ki but 1000 = 1k; I didn't choose the capitalization.)
// <decimalExponent> ::= "e" <signedNumber> | "E" <signedNumber>
//
// No matter which of the three exponent forms is used, no quantity may represent
// a number greater than 2^63-1 in magnitude, nor may it have more than 3 decimal
// places. Numbers larger or more precise will be capped or rounded up.
// (E.g.: 0.1m will rounded up to 1m.)
// This may be extended in the future if we require larger or smaller quantities.
//
// When a Quantity is parsed from a string, it will remember the type of suffix
// it had, and will use the same type again when it is serialized.
//
// Before serializing, Quantity will be put in "canonical form".
// This means that Exponent/suffix will be adjusted up or down (with a
// corresponding increase or decrease in Mantissa) such that:
// a. No precision is lost
// b. No fractional digits will be emitted
// c. The exponent (or suffix) is as large as possible.
// The sign will be omitted unless the number is negative.
//
// Examples:
// 1.5 will be serialized as "1500m"
// 1.5Gi will be serialized as "1536Mi"
//
// Note that the quantity will NEVER be internally represented by a
// floating point number. That is the whole point of this exercise.
//
// Non-canonical values will still parse as long as they are well formed,
// but will be re-emitted in their canonical form. (So always use canonical
// form, or don't diff.)
//
// This format is intended to make it difficult to use these numbers without
// writing some sort of special handling code in the hopes that that will
// cause implementors to also use a fixed point implementation.
//
// +protobuf=true
// +protobuf.embed=string
// +protobuf.options.marshal=false
// +protobuf.options.(gogoproto.goproto_stringer)=false
// +k8s:deepcopy-gen=true
// +k8s:openapi-gen=true
message Quantity {
optional string string = 1;
}

32
vendor/k8s.io/apimachinery/pkg/apis/meta/v1/OWNERS generated vendored Normal file
View File

@ -0,0 +1,32 @@
# See the OWNERS docs at https://go.k8s.io/owners
reviewers:
- thockin
- smarterclayton
- wojtek-t
- deads2k
- brendandburns
- caesarxuchao
- liggitt
- nikhiljindal
- gmarek
- erictune
- davidopp
- sttts
- quinton-hoole
- luxas
- janetkuo
- justinsb
- ncdc
- soltysh
- dims
- madhusudancs
- hongchaodeng
- krousey
- mml
- mbohlool
- david-mcmahon
- therc
- mqliang
- kevin-wangzefeng
- jianhuiz

1024
vendor/k8s.io/apimachinery/pkg/apis/meta/v1/generated.proto generated vendored Normal file
View File

File diff suppressed because it is too large Load Diff

42
vendor/k8s.io/apimachinery/pkg/apis/meta/v1beta1/generated.proto generated vendored Normal file
View File

@ -0,0 +1,42 @@
/*
Copyright The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
// This file was autogenerated by go-to-protobuf. Do not edit it manually!
syntax = 'proto2';
package k8s.io.apimachinery.pkg.apis.meta.v1beta1;
import "k8s.io/apimachinery/pkg/apis/meta/v1/generated.proto";
import "k8s.io/apimachinery/pkg/runtime/generated.proto";
import "k8s.io/apimachinery/pkg/runtime/schema/generated.proto";
// Package-wide variables from generator "generated".
option go_package = "v1beta1";
// PartialObjectMetadataList contains a list of objects containing only their metadata.
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
message PartialObjectMetadataList {
// Standard list metadata.
// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 2;
// items contains each of the included items.
repeated k8s.io.apimachinery.pkg.apis.meta.v1.PartialObjectMetadata items = 1;
}

127
vendor/k8s.io/apimachinery/pkg/runtime/generated.proto generated vendored Normal file
View File

@ -0,0 +1,127 @@
/*
Copyright The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
// This file was autogenerated by go-to-protobuf. Do not edit it manually!
syntax = 'proto2';
package k8s.io.apimachinery.pkg.runtime;
// Package-wide variables from generator "generated".
option go_package = "runtime";
// RawExtension is used to hold extensions in external versions.
//
// To use this, make a field which has RawExtension as its type in your external, versioned
// struct, and Object in your internal struct. You also need to register your
// various plugin types.
//
// // Internal package:
// type MyAPIObject struct {
// runtime.TypeMeta `json:",inline"`
// MyPlugin runtime.Object `json:"myPlugin"`
// }
// type PluginA struct {
// AOption string `json:"aOption"`
// }
//
// // External package:
// type MyAPIObject struct {
// runtime.TypeMeta `json:",inline"`
// MyPlugin runtime.RawExtension `json:"myPlugin"`
// }
// type PluginA struct {
// AOption string `json:"aOption"`
// }
//
// // On the wire, the JSON will look something like this:
// {
// "kind":"MyAPIObject",
// "apiVersion":"v1",
// "myPlugin": {
// "kind":"PluginA",
// "aOption":"foo",
// },
// }
//
// So what happens? Decode first uses json or yaml to unmarshal the serialized data into
// your external MyAPIObject. That causes the raw JSON to be stored, but not unpacked.
// The next step is to copy (using pkg/conversion) into the internal struct. The runtime
// package's DefaultScheme has conversion functions installed which will unpack the
// JSON stored in RawExtension, turning it into the correct object type, and storing it
// in the Object. (TODO: In the case where the object is of an unknown type, a
// runtime.Unknown object will be created and stored.)
//
// +k8s:deepcopy-gen=true
// +protobuf=true
// +k8s:openapi-gen=true
message RawExtension {
// Raw is the underlying serialization of this object.
//
// TODO: Determine how to detect ContentType and ContentEncoding of 'Raw' data.
optional bytes raw = 1;
}
// TypeMeta is shared by all top level objects. The proper way to use it is to inline it in your type,
// like this:
// type MyAwesomeAPIObject struct {
// runtime.TypeMeta `json:",inline"`
// ... // other fields
// }
// func (obj *MyAwesomeAPIObject) SetGroupVersionKind(gvk *metav1.GroupVersionKind) { metav1.UpdateTypeMeta(obj,gvk) }; GroupVersionKind() *GroupVersionKind
//
// TypeMeta is provided here for convenience. You may use it directly from this package or define
// your own with the same fields.
//
// +k8s:deepcopy-gen=false
// +protobuf=true
// +k8s:openapi-gen=true
message TypeMeta {
// +optional
optional string apiVersion = 1;
// +optional
optional string kind = 2;
}
// Unknown allows api objects with unknown types to be passed-through. This can be used
// to deal with the API objects from a plug-in. Unknown objects still have functioning
// TypeMeta features-- kind, version, etc.
// TODO: Make this object have easy access to field based accessors and settors for
// metadata and field mutatation.
//
// +k8s:deepcopy-gen=true
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
// +protobuf=true
// +k8s:openapi-gen=true
message Unknown {
optional TypeMeta typeMeta = 1;
// Raw will hold the complete serialized object which couldn't be matched
// with a registered type. Most likely, nothing should be done with this
// except for passing it through the system.
optional bytes raw = 2;
// ContentEncoding is encoding used to encode 'Raw' data.
// Unspecified means no encoding.
optional string contentEncoding = 3;
// ContentType is serialization method used to serialize 'Raw'.
// Unspecified means ContentTypeJSON.
optional string contentType = 4;
}

17
vendor/k8s.io/apiserver/pkg/apis/apiserver/v1alpha1/doc.go → vendor/k8s.io/apimachinery/pkg/runtime/schema/generated.proto generated vendored
View File

@ -1,5 +1,5 @@
/*
Copyright 2017 The Kubernetes Authors.
Copyright The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
@ -14,10 +14,13 @@ See the License for the specific language governing permissions and
limitations under the License.
*/
// +k8s:deepcopy-gen=package
// +k8s:conversion-gen=k8s.io/apiserver/pkg/apis/apiserver
// +k8s:defaulter-gen=TypeMeta
// +groupName=apiserver.k8s.io
// Package v1alpha1 is the v1alpha1 version of the API.
package v1alpha1 // import "k8s.io/apiserver/pkg/apis/apiserver/v1alpha1"
// This file was autogenerated by go-to-protobuf. Do not edit it manually!
syntax = 'proto2';
package k8s.io.apimachinery.pkg.runtime.schema;
// Package-wide variables from generator "generated".
option go_package = "schema";

43
vendor/k8s.io/apimachinery/pkg/util/intstr/generated.proto generated vendored Normal file
View File

@ -0,0 +1,43 @@
/*
Copyright The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
// This file was autogenerated by go-to-protobuf. Do not edit it manually!
syntax = 'proto2';
package k8s.io.apimachinery.pkg.util.intstr;
// Package-wide variables from generator "generated".
option go_package = "intstr";
// IntOrString is a type that can hold an int32 or a string. When used in
// JSON or YAML marshalling and unmarshalling, it produces or consumes the
// inner type. This allows you to have, for example, a JSON field that can
// accept a name or number.
// TODO: Rename to Int32OrString
//
// +protobuf=true
// +protobuf.options.(gogoproto.goproto_stringer)=false
// +k8s:openapi-gen=true
message IntOrString {
optional int64 type = 1;
optional int32 intVal = 2;
optional string strVal = 3;
}

7
vendor/k8s.io/apimachinery/pkg/util/mergepatch/OWNERS generated vendored Normal file
View File

@ -0,0 +1,7 @@
# See the OWNERS docs at https://go.k8s.io/owners
approvers:
- pwittrock
reviewers:
- mengqiy
- apelisse

8
vendor/k8s.io/apimachinery/pkg/util/strategicpatch/OWNERS generated vendored Normal file
View File

@ -0,0 +1,8 @@
# See the OWNERS docs at https://go.k8s.io/owners
approvers:
- pwittrock
- mengqiy
reviewers:
- mengqiy
- apelisse

7
vendor/k8s.io/apimachinery/third_party/forked/golang/json/OWNERS generated vendored Normal file
View File

@ -0,0 +1,7 @@
# See the OWNERS docs at https://go.k8s.io/owners
approvers:
- pwittrock
reviewers:
- mengqiy
- apelisse

38
vendor/k8s.io/apiserver/pkg/apis/apiserver/install/install.go generated vendored
View File

@ -1,38 +0,0 @@
/*
Copyright 2017 The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
package install
import (
"k8s.io/apimachinery/pkg/runtime"
utilruntime "k8s.io/apimachinery/pkg/util/runtime"
"k8s.io/apiserver/pkg/apis/apiserver"
"k8s.io/apiserver/pkg/apis/apiserver/v1"
"k8s.io/apiserver/pkg/apis/apiserver/v1alpha1"
)
// Install registers the API group and adds types to a scheme
func Install(scheme *runtime.Scheme) {
utilruntime.Must(apiserver.AddToScheme(scheme))
// v1alpha is in the k8s.io-suffixed API group
utilruntime.Must(v1alpha1.AddToScheme(scheme))
utilruntime.Must(scheme.SetVersionPriority(v1alpha1.SchemeGroupVersion))
// v1 is in the config.k8s.io-suffixed API group
utilruntime.Must(v1.AddToScheme(scheme))
utilruntime.Must(scheme.SetVersionPriority(v1.SchemeGroupVersion))
}

53
vendor/k8s.io/apiserver/pkg/apis/apiserver/v1alpha1/register.go generated vendored
View File

@ -1,53 +0,0 @@
/*
Copyright 2017 The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
package v1alpha1
import (
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
"k8s.io/apimachinery/pkg/runtime"
"k8s.io/apimachinery/pkg/runtime/schema"
)
const GroupName = "apiserver.k8s.io"
// SchemeGroupVersion is group version used to register these objects
var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: "v1alpha1"}
var (
// TODO: move SchemeBuilder with zz_generated.deepcopy.go to k8s.io/api.
// localSchemeBuilder and AddToScheme will stay in k8s.io/kubernetes.
SchemeBuilder runtime.SchemeBuilder
localSchemeBuilder = &SchemeBuilder
AddToScheme = localSchemeBuilder.AddToScheme
)
func init() {
// We only register manually written functions here. The registration of the
// generated functions takes place in the generated files. The separation
// makes the code compile even when the generated files are missing.
localSchemeBuilder.Register(addKnownTypes)
}
// Adds the list of known types to the given scheme.
func addKnownTypes(scheme *runtime.Scheme) error {
scheme.AddKnownTypes(SchemeGroupVersion,
&AdmissionConfiguration{},
&EgressSelectorConfiguration{},
)
metav1.AddToGroupVersion(scheme, SchemeGroupVersion)
return nil
}

110
vendor/k8s.io/apiserver/pkg/apis/apiserver/v1alpha1/types.go generated vendored
View File

@ -1,110 +0,0 @@
/*
Copyright 2017 The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
package v1alpha1
import (
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
"k8s.io/apimachinery/pkg/runtime"
)
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
// AdmissionConfiguration provides versioned configuration for admission controllers.
type AdmissionConfiguration struct {
metav1.TypeMeta `json:",inline"`
// Plugins allows specifying a configuration per admission control plugin.
// +optional
Plugins []AdmissionPluginConfiguration `json:"plugins"`
}
// AdmissionPluginConfiguration provides the configuration for a single plug-in.
type AdmissionPluginConfiguration struct {
// Name is the name of the admission controller.
// It must match the registered admission plugin name.
Name string `json:"name"`
// Path is the path to a configuration file that contains the plugin's
// configuration
// +optional
Path string `json:"path"`
// Configuration is an embedded configuration object to be used as the plugin's
// configuration. If present, it will be used instead of the path to the configuration file.
// +optional
Configuration *runtime.Unknown `json:"configuration"`
}
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
// EgressSelectorConfiguration provides versioned configuration for egress selector clients.
type EgressSelectorConfiguration struct {
metav1.TypeMeta `json:",inline"`
// connectionServices contains a list of egress selection client configurations
EgressSelections []EgressSelection `json:"egressSelections"`
}
// EgressSelection provides the configuration for a single egress selection client.
type EgressSelection struct {
// name is the name of the egress selection.
// Currently supported values are "Master", "Etcd" and "Cluster"
Name string `json:"name"`
// connection is the exact information used to configure the egress selection
Connection Connection `json:"connection"`
}
// Connection provides the configuration for a single egress selection client.
type Connection struct {
// type is the type of connection used to connect from client to network/konnectivity server.
// Currently supported values are "http-connect" and "direct".
Type string `json:"type"`
// httpConnect is the config needed to use http-connect to the konnectivity server.
// Absence when the type is "http-connect" will cause an error
// Presence when the type is "direct" will also cause an error
// +optional
HTTPConnect *HTTPConnectConfig `json:"httpConnect,omitempty"`
}
type HTTPConnectConfig struct {
// url is the location of the proxy server to connect to.
// As an example it might be "https://127.0.0.1:8131"
URL string `json:"url"`
// caBundle is the file location of the CA to be used to determine trust with the konnectivity server.
// Must be absent/empty http-connect using the plain http
// Must be configured for http-connect using the https protocol
// Misconfiguration will cause an error
// +optional
CABundle string `json:"caBundle,omitempty"`
// clientKey is the file location of the client key to be used in mtls handshakes with the konnectivity server.
// Must be absent/empty http-connect using the plain http
// Must be configured for http-connect using the https protocol
// Misconfiguration will cause an error
// +optional
ClientKey string `json:"clientKey,omitempty"`
// clientCert is the file location of the client certificate to be used in mtls handshakes with the konnectivity server.
// Must be absent/empty http-connect using the plain http
// Must be configured for http-connect using the https protocol
// Misconfiguration will cause an error
// +optional
ClientCert string `json:"clientCert,omitempty"`
}

237
vendor/k8s.io/apiserver/pkg/apis/apiserver/v1alpha1/zz_generated.conversion.go generated vendored
View File

@ -1,237 +0,0 @@
// +build !ignore_autogenerated
/*
Copyright The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
// Code generated by conversion-gen. DO NOT EDIT.
package v1alpha1
import (
unsafe "unsafe"
conversion "k8s.io/apimachinery/pkg/conversion"
runtime "k8s.io/apimachinery/pkg/runtime"
apiserver "k8s.io/apiserver/pkg/apis/apiserver"
)
func init() {
localSchemeBuilder.Register(RegisterConversions)
}
// RegisterConversions adds conversion functions to the given scheme.
// Public to allow building arbitrary schemes.
func RegisterConversions(s *runtime.Scheme) error {
if err := s.AddGeneratedConversionFunc((*AdmissionConfiguration)(nil), (*apiserver.AdmissionConfiguration)(nil), func(a, b interface{}, scope conversion.Scope) error {
return Convert_v1alpha1_AdmissionConfiguration_To_apiserver_AdmissionConfiguration(a.(*AdmissionConfiguration), b.(*apiserver.AdmissionConfiguration), scope)
}); err != nil {
return err
}
if err := s.AddGeneratedConversionFunc((*apiserver.AdmissionConfiguration)(nil), (*AdmissionConfiguration)(nil), func(a, b interface{}, scope conversion.Scope) error {
return Convert_apiserver_AdmissionConfiguration_To_v1alpha1_AdmissionConfiguration(a.(*apiserver.AdmissionConfiguration), b.(*AdmissionConfiguration), scope)
}); err != nil {
return err
}
if err := s.AddGeneratedConversionFunc((*AdmissionPluginConfiguration)(nil), (*apiserver.AdmissionPluginConfiguration)(nil), func(a, b interface{}, scope conversion.Scope) error {
return Convert_v1alpha1_AdmissionPluginConfiguration_To_apiserver_AdmissionPluginConfiguration(a.(*AdmissionPluginConfiguration), b.(*apiserver.AdmissionPluginConfiguration), scope)
}); err != nil {
return err
}
if err := s.AddGeneratedConversionFunc((*apiserver.AdmissionPluginConfiguration)(nil), (*AdmissionPluginConfiguration)(nil), func(a, b interface{}, scope conversion.Scope) error {
return Convert_apiserver_AdmissionPluginConfiguration_To_v1alpha1_AdmissionPluginConfiguration(a.(*apiserver.AdmissionPluginConfiguration), b.(*AdmissionPluginConfiguration), scope)
}); err != nil {
return err
}
if err := s.AddGeneratedConversionFunc((*Connection)(nil), (*apiserver.Connection)(nil), func(a, b interface{}, scope conversion.Scope) error {
return Convert_v1alpha1_Connection_To_apiserver_Connection(a.(*Connection), b.(*apiserver.Connection), scope)
}); err != nil {
return err
}
if err := s.AddGeneratedConversionFunc((*apiserver.Connection)(nil), (*Connection)(nil), func(a, b interface{}, scope conversion.Scope) error {
return Convert_apiserver_Connection_To_v1alpha1_Connection(a.(*apiserver.Connection), b.(*Connection), scope)
}); err != nil {
return err
}
if err := s.AddGeneratedConversionFunc((*EgressSelection)(nil), (*apiserver.EgressSelection)(nil), func(a, b interface{}, scope conversion.Scope) error {
return Convert_v1alpha1_EgressSelection_To_apiserver_EgressSelection(a.(*EgressSelection), b.(*apiserver.EgressSelection), scope)
}); err != nil {
return err
}
if err := s.AddGeneratedConversionFunc((*apiserver.EgressSelection)(nil), (*EgressSelection)(nil), func(a, b interface{}, scope conversion.Scope) error {
return Convert_apiserver_EgressSelection_To_v1alpha1_EgressSelection(a.(*apiserver.EgressSelection), b.(*EgressSelection), scope)
}); err != nil {
return err
}
if err := s.AddGeneratedConversionFunc((*EgressSelectorConfiguration)(nil), (*apiserver.EgressSelectorConfiguration)(nil), func(a, b interface{}, scope conversion.Scope) error {
return Convert_v1alpha1_EgressSelectorConfiguration_To_apiserver_EgressSelectorConfiguration(a.(*EgressSelectorConfiguration), b.(*apiserver.EgressSelectorConfiguration), scope)
}); err != nil {
return err
}
if err := s.AddGeneratedConversionFunc((*apiserver.EgressSelectorConfiguration)(nil), (*EgressSelectorConfiguration)(nil), func(a, b interface{}, scope conversion.Scope) error {
return Convert_apiserver_EgressSelectorConfiguration_To_v1alpha1_EgressSelectorConfiguration(a.(*apiserver.EgressSelectorConfiguration), b.(*EgressSelectorConfiguration), scope)
}); err != nil {
return err
}
if err := s.AddGeneratedConversionFunc((*HTTPConnectConfig)(nil), (*apiserver.HTTPConnectConfig)(nil), func(a, b interface{}, scope conversion.Scope) error {
return Convert_v1alpha1_HTTPConnectConfig_To_apiserver_HTTPConnectConfig(a.(*HTTPConnectConfig), b.(*apiserver.HTTPConnectConfig), scope)
}); err != nil {
return err
}
if err := s.AddGeneratedConversionFunc((*apiserver.HTTPConnectConfig)(nil), (*HTTPConnectConfig)(nil), func(a, b interface{}, scope conversion.Scope) error {
return Convert_apiserver_HTTPConnectConfig_To_v1alpha1_HTTPConnectConfig(a.(*apiserver.HTTPConnectConfig), b.(*HTTPConnectConfig), scope)
}); err != nil {
return err
}
return nil
}
func autoConvert_v1alpha1_AdmissionConfiguration_To_apiserver_AdmissionConfiguration(in *AdmissionConfiguration, out *apiserver.AdmissionConfiguration, s conversion.Scope) error {
out.Plugins = *(*[]apiserver.AdmissionPluginConfiguration)(unsafe.Pointer(&in.Plugins))
return nil
}
// Convert_v1alpha1_AdmissionConfiguration_To_apiserver_AdmissionConfiguration is an autogenerated conversion function.
func Convert_v1alpha1_AdmissionConfiguration_To_apiserver_AdmissionConfiguration(in *AdmissionConfiguration, out *apiserver.AdmissionConfiguration, s conversion.Scope) error {
return autoConvert_v1alpha1_AdmissionConfiguration_To_apiserver_AdmissionConfiguration(in, out, s)
}
func autoConvert_apiserver_AdmissionConfiguration_To_v1alpha1_AdmissionConfiguration(in *apiserver.AdmissionConfiguration, out *AdmissionConfiguration, s conversion.Scope) error {
out.Plugins = *(*[]AdmissionPluginConfiguration)(unsafe.Pointer(&in.Plugins))
return nil
}
// Convert_apiserver_AdmissionConfiguration_To_v1alpha1_AdmissionConfiguration is an autogenerated conversion function.
func Convert_apiserver_AdmissionConfiguration_To_v1alpha1_AdmissionConfiguration(in *apiserver.AdmissionConfiguration, out *AdmissionConfiguration, s conversion.Scope) error {
return autoConvert_apiserver_AdmissionConfiguration_To_v1alpha1_AdmissionConfiguration(in, out, s)
}
func autoConvert_v1alpha1_AdmissionPluginConfiguration_To_apiserver_AdmissionPluginConfiguration(in *AdmissionPluginConfiguration, out *apiserver.AdmissionPluginConfiguration, s conversion.Scope) error {
out.Name = in.Name
out.Path = in.Path
out.Configuration = (*runtime.Unknown)(unsafe.Pointer(in.Configuration))
return nil
}
// Convert_v1alpha1_AdmissionPluginConfiguration_To_apiserver_AdmissionPluginConfiguration is an autogenerated conversion function.
func Convert_v1alpha1_AdmissionPluginConfiguration_To_apiserver_AdmissionPluginConfiguration(in *AdmissionPluginConfiguration, out *apiserver.AdmissionPluginConfiguration, s conversion.Scope) error {
return autoConvert_v1alpha1_AdmissionPluginConfiguration_To_apiserver_AdmissionPluginConfiguration(in, out, s)
}
func autoConvert_apiserver_AdmissionPluginConfiguration_To_v1alpha1_AdmissionPluginConfiguration(in *apiserver.AdmissionPluginConfiguration, out *AdmissionPluginConfiguration, s conversion.Scope) error {
out.Name = in.Name
out.Path = in.Path
out.Configuration = (*runtime.Unknown)(unsafe.Pointer(in.Configuration))
return nil
}
// Convert_apiserver_AdmissionPluginConfiguration_To_v1alpha1_AdmissionPluginConfiguration is an autogenerated conversion function.
func Convert_apiserver_AdmissionPluginConfiguration_To_v1alpha1_AdmissionPluginConfiguration(in *apiserver.AdmissionPluginConfiguration, out *AdmissionPluginConfiguration, s conversion.Scope) error {
return autoConvert_apiserver_AdmissionPluginConfiguration_To_v1alpha1_AdmissionPluginConfiguration(in, out, s)
}
func autoConvert_v1alpha1_Connection_To_apiserver_Connection(in *Connection, out *apiserver.Connection, s conversion.Scope) error {
out.Type = in.Type
out.HTTPConnect = (*apiserver.HTTPConnectConfig)(unsafe.Pointer(in.HTTPConnect))
return nil
}
// Convert_v1alpha1_Connection_To_apiserver_Connection is an autogenerated conversion function.
func Convert_v1alpha1_Connection_To_apiserver_Connection(in *Connection, out *apiserver.Connection, s conversion.Scope) error {
return autoConvert_v1alpha1_Connection_To_apiserver_Connection(in, out, s)
}
func autoConvert_apiserver_Connection_To_v1alpha1_Connection(in *apiserver.Connection, out *Connection, s conversion.Scope) error {
out.Type = in.Type
out.HTTPConnect = (*HTTPConnectConfig)(unsafe.Pointer(in.HTTPConnect))
return nil
}
// Convert_apiserver_Connection_To_v1alpha1_Connection is an autogenerated conversion function.
func Convert_apiserver_Connection_To_v1alpha1_Connection(in *apiserver.Connection, out *Connection, s conversion.Scope) error {
return autoConvert_apiserver_Connection_To_v1alpha1_Connection(in, out, s)
}
func autoConvert_v1alpha1_EgressSelection_To_apiserver_EgressSelection(in *EgressSelection, out *apiserver.EgressSelection, s conversion.Scope) error {
out.Name = in.Name
if err := Convert_v1alpha1_Connection_To_apiserver_Connection(&in.Connection, &out.Connection, s); err != nil {
return err
}
return nil
}
// Convert_v1alpha1_EgressSelection_To_apiserver_EgressSelection is an autogenerated conversion function.
func Convert_v1alpha1_EgressSelection_To_apiserver_EgressSelection(in *EgressSelection, out *apiserver.EgressSelection, s conversion.Scope) error {
return autoConvert_v1alpha1_EgressSelection_To_apiserver_EgressSelection(in, out, s)
}
func autoConvert_apiserver_EgressSelection_To_v1alpha1_EgressSelection(in *apiserver.EgressSelection, out *EgressSelection, s conversion.Scope) error {
out.Name = in.Name
if err := Convert_apiserver_Connection_To_v1alpha1_Connection(&in.Connection, &out.Connection, s); err != nil {
return err
}
return nil
}
// Convert_apiserver_EgressSelection_To_v1alpha1_EgressSelection is an autogenerated conversion function.
func Convert_apiserver_EgressSelection_To_v1alpha1_EgressSelection(in *apiserver.EgressSelection, out *EgressSelection, s conversion.Scope) error {
return autoConvert_apiserver_EgressSelection_To_v1alpha1_EgressSelection(in, out, s)
}
func autoConvert_v1alpha1_EgressSelectorConfiguration_To_apiserver_EgressSelectorConfiguration(in *EgressSelectorConfiguration, out *apiserver.EgressSelectorConfiguration, s conversion.Scope) error {
out.EgressSelections = *(*[]apiserver.EgressSelection)(unsafe.Pointer(&in.EgressSelections))
return nil
}
// Convert_v1alpha1_EgressSelectorConfiguration_To_apiserver_EgressSelectorConfiguration is an autogenerated conversion function.
func Convert_v1alpha1_EgressSelectorConfiguration_To_apiserver_EgressSelectorConfiguration(in *EgressSelectorConfiguration, out *apiserver.EgressSelectorConfiguration, s conversion.Scope) error {
return autoConvert_v1alpha1_EgressSelectorConfiguration_To_apiserver_EgressSelectorConfiguration(in, out, s)
}
func autoConvert_apiserver_EgressSelectorConfiguration_To_v1alpha1_EgressSelectorConfiguration(in *apiserver.EgressSelectorConfiguration, out *EgressSelectorConfiguration, s conversion.Scope) error {
out.EgressSelections = *(*[]EgressSelection)(unsafe.Pointer(&in.EgressSelections))
return nil
}
// Convert_apiserver_EgressSelectorConfiguration_To_v1alpha1_EgressSelectorConfiguration is an autogenerated conversion function.
func Convert_apiserver_EgressSelectorConfiguration_To_v1alpha1_EgressSelectorConfiguration(in *apiserver.EgressSelectorConfiguration, out *EgressSelectorConfiguration, s conversion.Scope) error {
return autoConvert_apiserver_EgressSelectorConfiguration_To_v1alpha1_EgressSelectorConfiguration(in, out, s)
}
func autoConvert_v1alpha1_HTTPConnectConfig_To_apiserver_HTTPConnectConfig(in *HTTPConnectConfig, out *apiserver.HTTPConnectConfig, s conversion.Scope) error {
out.URL = in.URL
out.CABundle = in.CABundle
out.ClientKey = in.ClientKey
out.ClientCert = in.ClientCert
return nil
}
// Convert_v1alpha1_HTTPConnectConfig_To_apiserver_HTTPConnectConfig is an autogenerated conversion function.
func Convert_v1alpha1_HTTPConnectConfig_To_apiserver_HTTPConnectConfig(in *HTTPConnectConfig, out *apiserver.HTTPConnectConfig, s conversion.Scope) error {
return autoConvert_v1alpha1_HTTPConnectConfig_To_apiserver_HTTPConnectConfig(in, out, s)
}
func autoConvert_apiserver_HTTPConnectConfig_To_v1alpha1_HTTPConnectConfig(in *apiserver.HTTPConnectConfig, out *HTTPConnectConfig, s conversion.Scope) error {
out.URL = in.URL
out.CABundle = in.CABundle
out.ClientKey = in.ClientKey
out.ClientCert = in.ClientCert
return nil
}
// Convert_apiserver_HTTPConnectConfig_To_v1alpha1_HTTPConnectConfig is an autogenerated conversion function.
func Convert_apiserver_HTTPConnectConfig_To_v1alpha1_HTTPConnectConfig(in *apiserver.HTTPConnectConfig, out *HTTPConnectConfig, s conversion.Scope) error {
return autoConvert_apiserver_HTTPConnectConfig_To_v1alpha1_HTTPConnectConfig(in, out, s)
}

164
vendor/k8s.io/apiserver/pkg/apis/apiserver/v1alpha1/zz_generated.deepcopy.go generated vendored
View File

@ -1,164 +0,0 @@
// +build !ignore_autogenerated
/*
Copyright The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
// Code generated by deepcopy-gen. DO NOT EDIT.
package v1alpha1
import (
runtime "k8s.io/apimachinery/pkg/runtime"
)
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *AdmissionConfiguration) DeepCopyInto(out *AdmissionConfiguration) {
*out = *in
out.TypeMeta = in.TypeMeta
if in.Plugins != nil {
in, out := &in.Plugins, &out.Plugins
*out = make([]AdmissionPluginConfiguration, len(*in))
for i := range *in {
(*in)[i].DeepCopyInto(&(*out)[i])
}
}
return
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AdmissionConfiguration.
func (in *AdmissionConfiguration) DeepCopy() *AdmissionConfiguration {
if in == nil {
return nil
}
out := new(AdmissionConfiguration)
in.DeepCopyInto(out)
return out
}
// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
func (in *AdmissionConfiguration) DeepCopyObject() runtime.Object {
if c := in.DeepCopy(); c != nil {
return c
}
return nil
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *AdmissionPluginConfiguration) DeepCopyInto(out *AdmissionPluginConfiguration) {
*out = *in
if in.Configuration != nil {
in, out := &in.Configuration, &out.Configuration
*out = new(runtime.Unknown)
(*in).DeepCopyInto(*out)
}
return
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AdmissionPluginConfiguration.
func (in *AdmissionPluginConfiguration) DeepCopy() *AdmissionPluginConfiguration {
if in == nil {
return nil
}
out := new(AdmissionPluginConfiguration)
in.DeepCopyInto(out)
return out
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *Connection) DeepCopyInto(out *Connection) {
*out = *in
if in.HTTPConnect != nil {
in, out := &in.HTTPConnect, &out.HTTPConnect
*out = new(HTTPConnectConfig)
**out = **in
}
return
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Connection.
func (in *Connection) DeepCopy() *Connection {
if in == nil {
return nil
}
out := new(Connection)
in.DeepCopyInto(out)
return out
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *EgressSelection) DeepCopyInto(out *EgressSelection) {
*out = *in
in.Connection.DeepCopyInto(&out.Connection)
return
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EgressSelection.
func (in *EgressSelection) DeepCopy() *EgressSelection {
if in == nil {
return nil
}
out := new(EgressSelection)
in.DeepCopyInto(out)
return out
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *EgressSelectorConfiguration) DeepCopyInto(out *EgressSelectorConfiguration) {
*out = *in
out.TypeMeta = in.TypeMeta
if in.EgressSelections != nil {
in, out := &in.EgressSelections, &out.EgressSelections
*out = make([]EgressSelection, len(*in))
for i := range *in {
(*in)[i].DeepCopyInto(&(*out)[i])
}
}
return
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EgressSelectorConfiguration.
func (in *EgressSelectorConfiguration) DeepCopy() *EgressSelectorConfiguration {
if in == nil {
return nil
}
out := new(EgressSelectorConfiguration)
in.DeepCopyInto(out)
return out
}
// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
func (in *EgressSelectorConfiguration) DeepCopyObject() runtime.Object {
if c := in.DeepCopy(); c != nil {
return c
}
return nil
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *HTTPConnectConfig) DeepCopyInto(out *HTTPConnectConfig) {
*out = *in
return
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HTTPConnectConfig.
func (in *HTTPConnectConfig) DeepCopy() *HTTPConnectConfig {
if in == nil {
return nil
}
out := new(HTTPConnectConfig)
in.DeepCopyInto(out)
return out
}

32
vendor/k8s.io/apiserver/pkg/apis/apiserver/v1alpha1/zz_generated.defaults.go generated vendored
View File

@ -1,32 +0,0 @@
// +build !ignore_autogenerated
/*
Copyright The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
// Code generated by defaulter-gen. DO NOT EDIT.
package v1alpha1
import (
runtime "k8s.io/apimachinery/pkg/runtime"
)
// RegisterDefaults adds defaulters functions to the given scheme.
// Public to allow building arbitrary schemes.
// All generated defaulters are covering - they call all nested defaulters.
func RegisterDefaults(scheme *runtime.Scheme) error {
return nil
}

9
vendor/k8s.io/apiserver/pkg/apis/audit/OWNERS generated vendored Normal file
View File

@ -0,0 +1,9 @@
# See the OWNERS docs at https://go.k8s.io/owners
# approval on api packages bubbles to api-approvers
reviewers:
- sig-auth-audit-approvers
- sig-auth-audit-reviewers
labels:
- sig/auth

249
vendor/k8s.io/apiserver/pkg/apis/audit/v1/generated.proto generated vendored Normal file
View File

@ -0,0 +1,249 @@
/*
Copyright The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
// This file was autogenerated by go-to-protobuf. Do not edit it manually!
syntax = 'proto2';
package k8s.io.apiserver.pkg.apis.audit.v1;
import "k8s.io/api/authentication/v1/generated.proto";
import "k8s.io/apimachinery/pkg/apis/meta/v1/generated.proto";
import "k8s.io/apimachinery/pkg/runtime/generated.proto";
import "k8s.io/apimachinery/pkg/runtime/schema/generated.proto";
// Package-wide variables from generator "generated".
option go_package = "v1";
// Event captures all the information that can be included in an API audit log.
message Event {
// AuditLevel at which event was generated
optional string level = 1;
// Unique audit ID, generated for each request.
optional string auditID = 2;
// Stage of the request handling when this event instance was generated.
optional string stage = 3;
// RequestURI is the request URI as sent by the client to a server.
optional string requestURI = 4;
// Verb is the kubernetes verb associated with the request.
// For non-resource requests, this is the lower-cased HTTP method.
optional string verb = 5;
// Authenticated user information.
optional k8s.io.api.authentication.v1.UserInfo user = 6;
// Impersonated user information.
// +optional
optional k8s.io.api.authentication.v1.UserInfo impersonatedUser = 7;
// Source IPs, from where the request originated and intermediate proxies.
// +optional
repeated string sourceIPs = 8;
// UserAgent records the user agent string reported by the client.
// Note that the UserAgent is provided by the client, and must not be trusted.
// +optional
optional string userAgent = 16;
// Object reference this request is targeted at.
// Does not apply for List-type requests, or non-resource requests.
// +optional
optional ObjectReference objectRef = 9;
// The response status, populated even when the ResponseObject is not a Status type.
// For successful responses, this will only include the Code and StatusSuccess.
// For non-status type error responses, this will be auto-populated with the error Message.
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.Status responseStatus = 10;
// API object from the request, in JSON format. The RequestObject is recorded as-is in the request
// (possibly re-encoded as JSON), prior to version conversion, defaulting, admission or
// merging. It is an external versioned object type, and may not be a valid object on its own.
// Omitted for non-resource requests. Only logged at Request Level and higher.
// +optional
optional k8s.io.apimachinery.pkg.runtime.Unknown requestObject = 11;
// API object returned in the response, in JSON. The ResponseObject is recorded after conversion
// to the external type, and serialized as JSON. Omitted for non-resource requests. Only logged
// at Response Level.
// +optional
optional k8s.io.apimachinery.pkg.runtime.Unknown responseObject = 12;
// Time the request reached the apiserver.
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.MicroTime requestReceivedTimestamp = 13;
// Time the request reached current audit stage.
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.MicroTime stageTimestamp = 14;
// Annotations is an unstructured key value map stored with an audit event that may be set by
// plugins invoked in the request serving chain, including authentication, authorization and
// admission plugins. Note that these annotations are for the audit event, and do not correspond
// to the metadata.annotations of the submitted object. Keys should uniquely identify the informing
// component to avoid name collisions (e.g. podsecuritypolicy.admission.k8s.io/policy). Values
// should be short. Annotations are included in the Metadata level.
// +optional
map<string, string> annotations = 15;
}
// EventList is a list of audit Events.
message EventList {
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1;
repeated Event items = 2;
}
// GroupResources represents resource kinds in an API group.
message GroupResources {
// Group is the name of the API group that contains the resources.
// The empty string represents the core API group.
// +optional
optional string group = 1;
// Resources is a list of resources this rule applies to.
//
// For example:
// 'pods' matches pods.
// 'pods/log' matches the log subresource of pods.
// '*' matches all resources and their subresources.
// 'pods/*' matches all subresources of pods.
// '*/scale' matches all scale subresources.
//
// If wildcard is present, the validation rule will ensure resources do not
// overlap with each other.
//
// An empty list implies all resources and subresources in this API groups apply.
// +optional
repeated string resources = 2;
// ResourceNames is a list of resource instance names that the policy matches.
// Using this field requires Resources to be specified.
// An empty list implies that every instance of the resource is matched.
// +optional
repeated string resourceNames = 3;
}
// ObjectReference contains enough information to let you inspect or modify the referred object.
message ObjectReference {
// +optional
optional string resource = 1;
// +optional
optional string namespace = 2;
// +optional
optional string name = 3;
// +optional
optional string uid = 4;
// APIGroup is the name of the API group that contains the referred object.
// The empty string represents the core API group.
// +optional
optional string apiGroup = 5;
// APIVersion is the version of the API group that contains the referred object.
// +optional
optional string apiVersion = 6;
// +optional
optional string resourceVersion = 7;
// +optional
optional string subresource = 8;
}
// Policy defines the configuration of audit logging, and the rules for how different request
// categories are logged.
message Policy {
// ObjectMeta is included for interoperability with API infrastructure.
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
// Rules specify the audit Level a request should be recorded at.
// A request may match multiple rules, in which case the FIRST matching rule is used.
// The default audit level is None, but can be overridden by a catch-all rule at the end of the list.
// PolicyRules are strictly ordered.
repeated PolicyRule rules = 2;
// OmitStages is a list of stages for which no events are created. Note that this can also
// be specified per rule in which case the union of both are omitted.
// +optional
repeated string omitStages = 3;
}
// PolicyList is a list of audit Policies.
message PolicyList {
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1;
repeated Policy items = 2;
}
// PolicyRule maps requests based off metadata to an audit Level.
// Requests must match the rules of every field (an intersection of rules).
message PolicyRule {
// The Level that requests matching this rule are recorded at.
optional string level = 1;
// The users (by authenticated user name) this rule applies to.
// An empty list implies every user.
// +optional
repeated string users = 2;
// The user groups this rule applies to. A user is considered matching
// if it is a member of any of the UserGroups.
// An empty list implies every user group.
// +optional
repeated string userGroups = 3;
// The verbs that match this rule.
// An empty list implies every verb.
// +optional
repeated string verbs = 4;
// Resources that this rule matches. An empty list implies all kinds in all API groups.
// +optional
repeated GroupResources resources = 5;
// Namespaces that this rule matches.
// The empty string "" matches non-namespaced resources.
// An empty list implies every namespace.
// +optional
repeated string namespaces = 6;
// NonResourceURLs is a set of URL paths that should be audited.
// *s are allowed, but only as the full, final step in the path.
// Examples:
// "/metrics" - Log requests for apiserver metrics
// "/healthz*" - Log all health checks
// +optional
repeated string nonResourceURLs = 7;
// OmitStages is a list of stages for which no events are created. Note that this can also
// be specified policy wide in which case the union of both are omitted.
// An empty list means no restrictions will apply.
// +optional
repeated string omitStages = 8;
}

250
vendor/k8s.io/apiserver/pkg/apis/audit/v1alpha1/generated.proto generated vendored Normal file
View File

@ -0,0 +1,250 @@
/*
Copyright The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
// This file was autogenerated by go-to-protobuf. Do not edit it manually!
syntax = 'proto2';
package k8s.io.apiserver.pkg.apis.audit.v1alpha1;
import "k8s.io/api/authentication/v1/generated.proto";
import "k8s.io/apimachinery/pkg/apis/meta/v1/generated.proto";
import "k8s.io/apimachinery/pkg/runtime/generated.proto";
import "k8s.io/apimachinery/pkg/runtime/schema/generated.proto";
// Package-wide variables from generator "generated".
option go_package = "v1alpha1";
// Event captures all the information that can be included in an API audit log.
message Event {
// ObjectMeta is included for interoperability with API infrastructure.
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
// AuditLevel at which event was generated
optional string level = 2;
// Time the request reached the apiserver.
optional k8s.io.apimachinery.pkg.apis.meta.v1.Time timestamp = 3;
// Unique audit ID, generated for each request.
optional string auditID = 4;
// Stage of the request handling when this event instance was generated.
optional string stage = 5;
// RequestURI is the request URI as sent by the client to a server.
optional string requestURI = 6;
// Verb is the kubernetes verb associated with the request.
// For non-resource requests, this is the lower-cased HTTP method.
optional string verb = 7;
// Authenticated user information.
optional k8s.io.api.authentication.v1.UserInfo user = 8;
// Impersonated user information.
// +optional
optional k8s.io.api.authentication.v1.UserInfo impersonatedUser = 9;
// Source IPs, from where the request originated and intermediate proxies.
// +optional
repeated string sourceIPs = 10;
// UserAgent records the user agent string reported by the client.
// Note that the UserAgent is provided by the client, and must not be trusted.
// +optional
optional string userAgent = 18;
// Object reference this request is targeted at.
// Does not apply for List-type requests, or non-resource requests.
// +optional
optional ObjectReference objectRef = 11;
// The response status, populated even when the ResponseObject is not a Status type.
// For successful responses, this will only include the Code and StatusSuccess.
// For non-status type error responses, this will be auto-populated with the error Message.
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.Status responseStatus = 12;
// API object from the request, in JSON format. The RequestObject is recorded as-is in the request
// (possibly re-encoded as JSON), prior to version conversion, defaulting, admission or
// merging. It is an external versioned object type, and may not be a valid object on its own.
// Omitted for non-resource requests. Only logged at Request Level and higher.
// +optional
optional k8s.io.apimachinery.pkg.runtime.Unknown requestObject = 13;
// API object returned in the response, in JSON. The ResponseObject is recorded after conversion
// to the external type, and serialized as JSON. Omitted for non-resource requests. Only logged
// at Response Level.
// +optional
optional k8s.io.apimachinery.pkg.runtime.Unknown responseObject = 14;
// Time the request reached the apiserver.
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.MicroTime requestReceivedTimestamp = 15;
// Time the request reached current audit stage.
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.MicroTime stageTimestamp = 16;
// Annotations is an unstructured key value map stored with an audit event that may be set by
// plugins invoked in the request serving chain, including authentication, authorization and
// admission plugins. Note that these annotations are for the audit event, and do not correspond
// to the metadata.annotations of the submitted object. Keys should uniquely identify the informing
// component to avoid name collisions (e.g. podsecuritypolicy.admission.k8s.io/policy). Values
// should be short. Annotations are included in the Metadata level.
// +optional
map<string, string> annotations = 17;
}
// EventList is a list of audit Events.
message EventList {
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1;
repeated Event items = 2;
}
// GroupResources represents resource kinds in an API group.
message GroupResources {
// Group is the name of the API group that contains the resources.
// The empty string represents the core API group.
// +optional
optional string group = 1;
// Resources is a list of resources this rule applies to.
//
// For example:
// 'pods' matches pods.
// 'pods/log' matches the log subresource of pods.
// '*' matches all resources and their subresources.
// 'pods/*' matches all subresources of pods.
// '*/scale' matches all scale subresources.
//
// If wildcard is present, the validation rule will ensure resources do not
// overlap with each other.
//
// An empty list implies all resources and subresources in this API groups apply.
// +optional
repeated string resources = 2;
// ResourceNames is a list of resource instance names that the policy matches.
// Using this field requires Resources to be specified.
// An empty list implies that every instance of the resource is matched.
// +optional
repeated string resourceNames = 3;
}
// ObjectReference contains enough information to let you inspect or modify the referred object.
message ObjectReference {
// +optional
optional string resource = 1;
// +optional
optional string namespace = 2;
// +optional
optional string name = 3;
// +optional
optional string uid = 4;
// +optional
optional string apiVersion = 5;
// +optional
optional string resourceVersion = 6;
// +optional
optional string subresource = 7;
}
// Policy defines the configuration of audit logging, and the rules for how different request
// categories are logged.
message Policy {
// ObjectMeta is included for interoperability with API infrastructure.
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
// Rules specify the audit Level a request should be recorded at.
// A request may match multiple rules, in which case the FIRST matching rule is used.
// The default audit level is None, but can be overridden by a catch-all rule at the end of the list.
// PolicyRules are strictly ordered.
repeated PolicyRule rules = 2;
// OmitStages is a list of stages for which no events are created. Note that this can also
// be specified per rule in which case the union of both are omitted.
// +optional
repeated string omitStages = 3;
}
// PolicyList is a list of audit Policies.
message PolicyList {
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1;
repeated Policy items = 2;
}
// PolicyRule maps requests based off metadata to an audit Level.
// Requests must match the rules of every field (an intersection of rules).
message PolicyRule {
// The Level that requests matching this rule are recorded at.
optional string level = 1;
// The users (by authenticated user name) this rule applies to.
// An empty list implies every user.
// +optional
repeated string users = 2;
// The user groups this rule applies to. A user is considered matching
// if it is a member of any of the UserGroups.
// An empty list implies every user group.
// +optional
repeated string userGroups = 3;
// The verbs that match this rule.
// An empty list implies every verb.
// +optional
repeated string verbs = 4;
// Resources that this rule matches. An empty list implies all kinds in all API groups.
// +optional
repeated GroupResources resources = 5;
// Namespaces that this rule matches.
// The empty string "" matches non-namespaced resources.
// An empty list implies every namespace.
// +optional
repeated string namespaces = 6;
// NonResourceURLs is a set of URL paths that should be audited.
// *s are allowed, but only as the full, final step in the path.
// Examples:
// "/metrics" - Log requests for apiserver metrics
// "/healthz*" - Log all health checks
// +optional
repeated string nonResourceURLs = 7;
// OmitStages is a list of stages for which no events are created. Note that this can also
// be specified policy wide in which case the union of both are omitted.
// An empty list means no restrictions will apply.
// +optional
repeated string omitStages = 8;
}

259
vendor/k8s.io/apiserver/pkg/apis/audit/v1beta1/generated.proto generated vendored Normal file
View File

@ -0,0 +1,259 @@
/*
Copyright The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
// This file was autogenerated by go-to-protobuf. Do not edit it manually!
syntax = 'proto2';
package k8s.io.apiserver.pkg.apis.audit.v1beta1;
import "k8s.io/api/authentication/v1/generated.proto";
import "k8s.io/apimachinery/pkg/apis/meta/v1/generated.proto";
import "k8s.io/apimachinery/pkg/runtime/generated.proto";
import "k8s.io/apimachinery/pkg/runtime/schema/generated.proto";
// Package-wide variables from generator "generated".
option go_package = "v1beta1";
// Event captures all the information that can be included in an API audit log.
message Event {
// ObjectMeta is included for interoperability with API infrastructure.
// +optional
// DEPRECATED: Use StageTimestamp which supports micro second instead of ObjectMeta.CreateTimestamp
// and the rest of the object is not used
optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
// AuditLevel at which event was generated
optional string level = 2;
// Time the request reached the apiserver.
// DEPRECATED: Use RequestReceivedTimestamp which supports micro second instead.
optional k8s.io.apimachinery.pkg.apis.meta.v1.Time timestamp = 3;
// Unique audit ID, generated for each request.
optional string auditID = 4;
// Stage of the request handling when this event instance was generated.
optional string stage = 5;
// RequestURI is the request URI as sent by the client to a server.
optional string requestURI = 6;
// Verb is the kubernetes verb associated with the request.
// For non-resource requests, this is the lower-cased HTTP method.
optional string verb = 7;
// Authenticated user information.
optional k8s.io.api.authentication.v1.UserInfo user = 8;
// Impersonated user information.
// +optional
optional k8s.io.api.authentication.v1.UserInfo impersonatedUser = 9;
// Source IPs, from where the request originated and intermediate proxies.
// +optional
repeated string sourceIPs = 10;
// UserAgent records the user agent string reported by the client.
// Note that the UserAgent is provided by the client, and must not be trusted.
// +optional
optional string userAgent = 18;
// Object reference this request is targeted at.
// Does not apply for List-type requests, or non-resource requests.
// +optional
optional ObjectReference objectRef = 11;
// The response status, populated even when the ResponseObject is not a Status type.
// For successful responses, this will only include the Code and StatusSuccess.
// For non-status type error responses, this will be auto-populated with the error Message.
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.Status responseStatus = 12;
// API object from the request, in JSON format. The RequestObject is recorded as-is in the request
// (possibly re-encoded as JSON), prior to version conversion, defaulting, admission or
// merging. It is an external versioned object type, and may not be a valid object on its own.
// Omitted for non-resource requests. Only logged at Request Level and higher.
// +optional
optional k8s.io.apimachinery.pkg.runtime.Unknown requestObject = 13;
// API object returned in the response, in JSON. The ResponseObject is recorded after conversion
// to the external type, and serialized as JSON. Omitted for non-resource requests. Only logged
// at Response Level.
// +optional
optional k8s.io.apimachinery.pkg.runtime.Unknown responseObject = 14;
// Time the request reached the apiserver.
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.MicroTime requestReceivedTimestamp = 15;
// Time the request reached current audit stage.
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.MicroTime stageTimestamp = 16;
// Annotations is an unstructured key value map stored with an audit event that may be set by
// plugins invoked in the request serving chain, including authentication, authorization and
// admission plugins. Note that these annotations are for the audit event, and do not correspond
// to the metadata.annotations of the submitted object. Keys should uniquely identify the informing
// component to avoid name collisions (e.g. podsecuritypolicy.admission.k8s.io/policy). Values
// should be short. Annotations are included in the Metadata level.
// +optional
map<string, string> annotations = 17;
}
// EventList is a list of audit Events.
message EventList {
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1;
repeated Event items = 2;
}
// GroupResources represents resource kinds in an API group.
message GroupResources {
// Group is the name of the API group that contains the resources.
// The empty string represents the core API group.
// +optional
optional string group = 1;
// Resources is a list of resources this rule applies to.
//
// For example:
// 'pods' matches pods.
// 'pods/log' matches the log subresource of pods.
// '*' matches all resources and their subresources.
// 'pods/*' matches all subresources of pods.
// '*/scale' matches all scale subresources.
//
// If wildcard is present, the validation rule will ensure resources do not
// overlap with each other.
//
// An empty list implies all resources and subresources in this API groups apply.
// +optional
repeated string resources = 2;
// ResourceNames is a list of resource instance names that the policy matches.
// Using this field requires Resources to be specified.
// An empty list implies that every instance of the resource is matched.
// +optional
repeated string resourceNames = 3;
}
// ObjectReference contains enough information to let you inspect or modify the referred object.
message ObjectReference {
// +optional
optional string resource = 1;
// +optional
optional string namespace = 2;
// +optional
optional string name = 3;
// +optional
optional string uid = 4;
// APIGroup is the name of the API group that contains the referred object.
// The empty string represents the core API group.
// +optional
optional string apiGroup = 5;
// APIVersion is the version of the API group that contains the referred object.
// +optional
optional string apiVersion = 6;
// +optional
optional string resourceVersion = 7;
// +optional
optional string subresource = 8;
}
// Policy defines the configuration of audit logging, and the rules for how different request
// categories are logged.
message Policy {
// ObjectMeta is included for interoperability with API infrastructure.
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
// Rules specify the audit Level a request should be recorded at.
// A request may match multiple rules, in which case the FIRST matching rule is used.
// The default audit level is None, but can be overridden by a catch-all rule at the end of the list.
// PolicyRules are strictly ordered.
repeated PolicyRule rules = 2;
// OmitStages is a list of stages for which no events are created. Note that this can also
// be specified per rule in which case the union of both are omitted.
// +optional
repeated string omitStages = 3;
}
// PolicyList is a list of audit Policies.
message PolicyList {
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1;
repeated Policy items = 2;
}
// PolicyRule maps requests based off metadata to an audit Level.
// Requests must match the rules of every field (an intersection of rules).
message PolicyRule {
// The Level that requests matching this rule are recorded at.
optional string level = 1;
// The users (by authenticated user name) this rule applies to.
// An empty list implies every user.
// +optional
repeated string users = 2;
// The user groups this rule applies to. A user is considered matching
// if it is a member of any of the UserGroups.
// An empty list implies every user group.
// +optional
repeated string userGroups = 3;
// The verbs that match this rule.
// An empty list implies every verb.
// +optional
repeated string verbs = 4;
// Resources that this rule matches. An empty list implies all kinds in all API groups.
// +optional
repeated GroupResources resources = 5;
// Namespaces that this rule matches.
// The empty string "" matches non-namespaced resources.
// An empty list implies every namespace.
// +optional
repeated string namespaces = 6;
// NonResourceURLs is a set of URL paths that should be audited.
// *s are allowed, but only as the full, final step in the path.
// Examples:
// "/metrics" - Log requests for apiserver metrics
// "/healthz*" - Log all health checks
// +optional
repeated string nonResourceURLs = 7;
// OmitStages is a list of stages for which no events are created. Note that this can also
// be specified policy wide in which case the union of both are omitted.
// An empty list means no restrictions will apply.
// +optional
repeated string omitStages = 8;
}

9
vendor/k8s.io/apiserver/pkg/audit/OWNERS generated vendored Normal file
View File

@ -0,0 +1,9 @@
# See the OWNERS docs at https://go.k8s.io/owners
approvers:
- sig-auth-audit-approvers
reviewers:
- sig-auth-audit-reviewers
labels:
- sig/auth

4
vendor/k8s.io/apiserver/pkg/features/OWNERS generated vendored Normal file
View File

@ -0,0 +1,4 @@
# See the OWNERS docs at https://go.k8s.io/owners
approvers:
- feature-approvers

176
vendor/k8s.io/apiserver/pkg/server/egressselector/config.go generated vendored
View File

@ -1,176 +0,0 @@
/*
Copyright 2019 The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
package egressselector
import (
"fmt"
"io/ioutil"
"strings"
"k8s.io/apimachinery/pkg/runtime"
"k8s.io/apimachinery/pkg/util/validation/field"
"k8s.io/apiserver/pkg/apis/apiserver"
"k8s.io/apiserver/pkg/apis/apiserver/install"
"k8s.io/apiserver/pkg/apis/apiserver/v1alpha1"
"k8s.io/utils/path"
"sigs.k8s.io/yaml"
)
var cfgScheme = runtime.NewScheme()
func init() {
install.Install(cfgScheme)
}
// ReadEgressSelectorConfiguration reads the egress selector configuration at the specified path.
// It returns the loaded egress selector configuration if the input file aligns with the required syntax.
// If it does not align with the provided syntax, it returns a default configuration which should function as a no-op.
// It does this by returning a nil configuration, which preserves backward compatibility.
// This works because prior to this there was no egress selector configuration.
// It returns an error if the file did not exist.
func ReadEgressSelectorConfiguration(configFilePath string) (*apiserver.EgressSelectorConfiguration, error) {
if configFilePath == "" {
return nil, nil
}
// a file was provided, so we just read it.
data, err := ioutil.ReadFile(configFilePath)
if err != nil {
return nil, fmt.Errorf("unable to read egress selector configuration from %q [%v]", configFilePath, err)
}
var decodedConfig v1alpha1.EgressSelectorConfiguration
err = yaml.Unmarshal(data, &decodedConfig)
if err != nil {
// we got an error where the decode wasn't related to a missing type
return nil, err
}
if decodedConfig.Kind != "EgressSelectorConfiguration" {
return nil, fmt.Errorf("invalid service configuration object %q", decodedConfig.Kind)
}
internalConfig := &apiserver.EgressSelectorConfiguration{}
if err := cfgScheme.Convert(&decodedConfig, internalConfig, nil); err != nil {
// we got an error where the decode wasn't related to a missing type
return nil, err
}
return internalConfig, nil
}
// ValidateEgressSelectorConfiguration checks the apiserver.EgressSelectorConfiguration for
// common configuration errors. It will return error for problems such as configuring mtls/cert
// settings for protocol which do not support security. It will also try to catch errors such as
// incorrect file paths. It will return nil if it does not find anything wrong.
func ValidateEgressSelectorConfiguration(config *apiserver.EgressSelectorConfiguration) field.ErrorList {
allErrs := field.ErrorList{}
if config == nil {
return allErrs // Treating a nil configuration as valid
}
for _, service := range config.EgressSelections {
base := field.NewPath("service", "connection")
switch service.Connection.Type {
case "direct":
allErrs = append(allErrs, validateDirectConnection(service.Connection, base)...)
case "http-connect":
allErrs = append(allErrs, validateHTTPConnection(service.Connection, base)...)
default:
allErrs = append(allErrs, field.NotSupported(
base.Child("type"),
service.Connection.Type,
[]string{"direct", "http-connect"}))
}
}
return allErrs
}
func validateDirectConnection(connection apiserver.Connection, fldPath *field.Path) field.ErrorList {
if connection.HTTPConnect != nil {
return field.ErrorList{field.Invalid(
fldPath.Child("httpConnect"),
"direct",
"httpConnect config should be absent for direct connect"),
}
}
return nil
}
func validateHTTPConnection(connection apiserver.Connection, fldPath *field.Path) field.ErrorList {
allErrs := field.ErrorList{}
if connection.HTTPConnect == nil {
allErrs = append(allErrs, field.Invalid(
fldPath.Child("httpConnect"),
"nil",
"httpConnect config should be present for http-connect"))
} else if strings.HasPrefix(connection.HTTPConnect.URL, "https://") {
if connection.HTTPConnect.CABundle == "" {
allErrs = append(allErrs, field.Invalid(
fldPath.Child("httpConnect", "caBundle"),
"nil",
"http-connect via https requires caBundle"))
} else if exists, err := path.Exists(path.CheckFollowSymlink, connection.HTTPConnect.CABundle); exists == false || err != nil {
allErrs = append(allErrs, field.Invalid(
fldPath.Child("httpConnect", "caBundle"),
connection.HTTPConnect.CABundle,
"http-connect ca bundle does not exist"))
}
if connection.HTTPConnect.ClientCert == "" {
allErrs = append(allErrs, field.Invalid(
fldPath.Child("httpConnect", "clientCert"),
"nil",
"http-connect via https requires clientCert"))
} else if exists, err := path.Exists(path.CheckFollowSymlink, connection.HTTPConnect.ClientCert); exists == false || err != nil {
allErrs = append(allErrs, field.Invalid(
fldPath.Child("httpConnect", "clientCert"),
connection.HTTPConnect.ClientCert,
"http-connect client cert does not exist"))
}
if connection.HTTPConnect.ClientKey == "" {
allErrs = append(allErrs, field.Invalid(
fldPath.Child("httpConnect", "clientKey"),
"nil",
"http-connect via https requires clientKey"))
} else if exists, err := path.Exists(path.CheckFollowSymlink, connection.HTTPConnect.ClientKey); exists == false || err != nil {
allErrs = append(allErrs, field.Invalid(
fldPath.Child("httpConnect", "clientKey"),
connection.HTTPConnect.ClientKey,
"http-connect client key does not exist"))
}
} else if strings.HasPrefix(connection.HTTPConnect.URL, "http://") {
if connection.HTTPConnect.CABundle != "" {
allErrs = append(allErrs, field.Invalid(
fldPath.Child("httpConnect", "caBundle"),
connection.HTTPConnect.CABundle,
"http-connect via http does not support caBundle"))
}
if connection.HTTPConnect.ClientCert != "" {
allErrs = append(allErrs, field.Invalid(
fldPath.Child("httpConnect", "clientCert"),
connection.HTTPConnect.ClientCert,
"http-connect via http does not support clientCert"))
}
if connection.HTTPConnect.ClientKey != "" {
allErrs = append(allErrs, field.Invalid(
fldPath.Child("httpConnect", "clientKey"),
connection.HTTPConnect.ClientKey,
"http-connect via http does not support clientKey"))
}
} else {
allErrs = append(allErrs, field.Invalid(
fldPath.Child("httpConnect", "url"),
connection.HTTPConnect.URL,
"supported connection protocols are http:// and https://"))
}
return allErrs
}

199
vendor/k8s.io/apiserver/pkg/server/egressselector/egress_selector.go generated vendored
View File

@ -1,199 +0,0 @@
/*
Copyright 2019 The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
package egressselector
import (
"bufio"
"context"
"crypto/tls"
"crypto/x509"
"fmt"
"io/ioutil"
utilnet "k8s.io/apimachinery/pkg/util/net"
"k8s.io/apiserver/pkg/apis/apiserver"
"k8s.io/klog"
"net"
"net/http"
"net/url"
"strings"
)
var directDialer utilnet.DialFunc = http.DefaultTransport.(*http.Transport).DialContext
// EgressSelector is the map of network context type to context dialer, for network egress.
type EgressSelector struct {
egressToDialer map[EgressType]utilnet.DialFunc
}
// EgressType is an indicator of which egress selection should be used for sending traffic.
// See https://github.com/kubernetes/enhancements/blob/master/keps/sig-api-machinery/20190226-network-proxy.md#network-context
type EgressType int
const (
// Master is the EgressType for traffic intended to go to the control plane.
Master EgressType = iota
// Etcd is the EgressType for traffic intended to go to Kubernetes persistence store.
Etcd
// Cluster is the EgressType for traffic intended to go to the system being managed by Kubernetes.
Cluster
)
// NetworkContext is the struct used by Kubernetes API Server to indicate where it intends traffic to be sent.
type NetworkContext struct {
// EgressSelectionName is the unique name of the
// EgressSelectorConfiguration which determines
// the network we route the traffic to.
EgressSelectionName EgressType
}
// Lookup is the interface to get the dialer function for the network context.
type Lookup func(networkContext NetworkContext) (utilnet.DialFunc, error)
// String returns the canonical string representation of the egress type
func (s EgressType) String() string {
switch s {
case Master:
return "master"
case Etcd:
return "etcd"
case Cluster:
return "cluster"
default:
return "invalid"
}
}
// AsNetworkContext is a helper function to make it easy to get the basic NetworkContext objects.
func (s EgressType) AsNetworkContext() NetworkContext {
return NetworkContext{EgressSelectionName: s}
}
func lookupServiceName(name string) (EgressType, error) {
switch strings.ToLower(name) {
case "master":
return Master, nil
case "etcd":
return Etcd, nil
case "cluster":
return Cluster, nil
}
return -1, fmt.Errorf("unrecognized service name %s", name)
}
func createConnectDialer(connectConfig *apiserver.HTTPConnectConfig) (utilnet.DialFunc, error) {
clientCert := connectConfig.ClientCert
clientKey := connectConfig.ClientKey
caCert := connectConfig.CABundle
proxyURL, err := url.Parse(connectConfig.URL)
if err != nil {
return nil, fmt.Errorf("invalid proxy server url %q: %v", connectConfig.URL, err)
}
proxyAddress := proxyURL.Host
clientCerts, err := tls.LoadX509KeyPair(clientCert, clientKey)
if err != nil {
return nil, fmt.Errorf("failed to read key pair %s & %s, got %v", clientCert, clientKey, err)
}
certPool := x509.NewCertPool()
certBytes, err := ioutil.ReadFile(caCert)
if err != nil {
return nil, fmt.Errorf("failed to read cert file %s, got %v", caCert, err)
}
ok := certPool.AppendCertsFromPEM(certBytes)
if !ok {
return nil, fmt.Errorf("failed to append CA cert to the cert pool")
}
contextDialer := func(ctx context.Context, network, addr string) (net.Conn, error) {
klog.V(4).Infof("Sending request to %q.", addr)
proxyConn, err := tls.Dial("tcp", proxyAddress,
&tls.Config{
Certificates: []tls.Certificate{clientCerts},
RootCAs: certPool,
},
)
if err != nil {
return nil, fmt.Errorf("dialing proxy %q failed: %v", proxyAddress, err)
}
fmt.Fprintf(proxyConn, "CONNECT %s HTTP/1.1\r\nHost: %s\r\n\r\n", addr, "127.0.0.1")
br := bufio.NewReader(proxyConn)
res, err := http.ReadResponse(br, nil)
if err != nil {
proxyConn.Close()
return nil, fmt.Errorf("reading HTTP response from CONNECT to %s via proxy %s failed: %v",
addr, proxyAddress, err)
}
if res.StatusCode != 200 {
proxyConn.Close()
return nil, fmt.Errorf("proxy error from %s while dialing %s, code %d: %v",
proxyAddress, addr, res.StatusCode, res.Status)
}
// It's safe to discard the bufio.Reader here and return the
// original TCP conn directly because we only use this for
// TLS, and in TLS the client speaks first, so we know there's
// no unbuffered data. But we can double-check.
if br.Buffered() > 0 {
proxyConn.Close()
return nil, fmt.Errorf("unexpected %d bytes of buffered data from CONNECT proxy %q",
br.Buffered(), proxyAddress)
}
klog.V(4).Infof("About to proxy request to %s over %s.", addr, proxyAddress)
return proxyConn, nil
}
return contextDialer, nil
}
// NewEgressSelector configures lookup mechanism for Lookup.
// It does so based on a EgressSelectorConfiguration which was read at startup.
func NewEgressSelector(config *apiserver.EgressSelectorConfiguration) (*EgressSelector, error) {
if config == nil || config.EgressSelections == nil {
// No Connection Services configured, leaving the serviceMap empty, will return default dialer.
return nil, nil
}
cs := &EgressSelector{
egressToDialer: make(map[EgressType]utilnet.DialFunc),
}
for _, service := range config.EgressSelections {
name, err := lookupServiceName(service.Name)
if err != nil {
return nil, err
}
switch service.Connection.Type {
case "http-connect":
contextDialer, err := createConnectDialer(service.Connection.HTTPConnect)
if err != nil {
return nil, fmt.Errorf("failed to create http-connect dialer: %v", err)
}
cs.egressToDialer[name] = contextDialer
case "direct":
cs.egressToDialer[name] = directDialer
default:
return nil, fmt.Errorf("unrecognized service connection type %q", service.Connection.Type)
}
}
return cs, nil
}
// Lookup gets the dialer function for the network context.
// This is configured for the Kubernetes API Server at startup.
func (cs *EgressSelector) Lookup(networkContext NetworkContext) (utilnet.DialFunc, error) {
if cs.egressToDialer == nil {
// The round trip wrapper will over-ride the dialContext method appropriately
return nil, nil
}
return cs.egressToDialer[networkContext.EgressSelectionName], nil
}

29
vendor/k8s.io/apiserver/pkg/storage/OWNERS generated vendored Normal file
View File

@ -0,0 +1,29 @@
# See the OWNERS docs at https://go.k8s.io/owners
approvers:
- lavalamp
- liggitt
- timothysc
- wojtek-t
- xiang90
reviewers:
- lavalamp
- smarterclayton
- wojtek-t
- deads2k
- caesarxuchao
- mikedanese
- liggitt
- ncdc
- tallclair
- timothysc
- hongchaodeng
- krousey
- xiang90
- mml
- ingvagabund
- resouer
- mbohlool
- mqliang
- rrati
- enj

7
vendor/k8s.io/apiserver/pkg/storage/etcd3/OWNERS generated vendored Normal file
View File

@ -0,0 +1,7 @@
# See the OWNERS docs at https://go.k8s.io/owners
reviewers:
- wojtek-t
- timothysc
- madhusudancs
- hongchaodeng

107
vendor/k8s.io/apiserver/pkg/util/webhook/gencerts.sh generated vendored Normal file
View File

@ -0,0 +1,107 @@
#!/usr/bin/env bash
# Copyright 2017 The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
set -e
# gencerts.sh generates the certificates for the webhook tests.
#
# It is not expected to be run often (there is no go generate rule), and mainly
# exists for documentation purposes.
CN_BASE="webhook_tests"
cat > server.conf << EOF
[req]
req_extensions = v3_req
distinguished_name = req_distinguished_name
[req_distinguished_name]
[ v3_req ]
basicConstraints = CA:FALSE
keyUsage = nonRepudiation, digitalSignature, keyEncipherment
extendedKeyUsage = clientAuth, serverAuth
subjectAltName = @alt_names
[alt_names]
IP.1 = 127.0.0.1
EOF
cat > client.conf << EOF
[req]
req_extensions = v3_req
distinguished_name = req_distinguished_name
[req_distinguished_name]
[ v3_req ]
basicConstraints = CA:FALSE
keyUsage = nonRepudiation, digitalSignature, keyEncipherment
extendedKeyUsage = clientAuth, serverAuth
subjectAltName = @alt_names
[alt_names]
IP.1 = 127.0.0.1
EOF
# Create a certificate authority
openssl genrsa -out caKey.pem 2048
openssl req -x509 -new -nodes -key caKey.pem -days 100000 -out caCert.pem -subj "/CN=${CN_BASE}_ca"
# Create a second certificate authority
openssl genrsa -out badCAKey.pem 2048
openssl req -x509 -new -nodes -key badCAKey.pem -days 100000 -out badCACert.pem -subj "/CN=${CN_BASE}_ca"
# Create a server certiticate
openssl genrsa -out serverKey.pem 2048
openssl req -new -key serverKey.pem -out server.csr -subj "/CN=${CN_BASE}_server" -config server.conf
openssl x509 -req -in server.csr -CA caCert.pem -CAkey caKey.pem -CAcreateserial -out serverCert.pem -days 100000 -extensions v3_req -extfile server.conf
# Create a client certiticate
openssl genrsa -out clientKey.pem 2048
openssl req -new -key clientKey.pem -out client.csr -subj "/CN=${CN_BASE}_client" -config client.conf
openssl x509 -req -in client.csr -CA caCert.pem -CAkey caKey.pem -CAcreateserial -out clientCert.pem -days 100000 -extensions v3_req -extfile client.conf
outfile=certs_test.go
cat > $outfile << EOF
/*
Copyright 2017 The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
// This file was generated using openssl by the gencerts.sh script
// and holds raw certificates for the webhook tests.
package webhook
EOF
for file in caKey caCert badCAKey badCACert serverKey serverCert clientKey clientCert; do
data=$(cat ${file}.pem)
echo "" >> $outfile
echo "var $file = []byte(\`$data\`)" >> $outfile
done
# Clean up after we're done.
rm ./*.pem
rm ./*.csr
rm ./*.srl
rm ./*.conf

9
vendor/k8s.io/client-go/pkg/apis/clientauthentication/OWNERS generated vendored Normal file
View File

@ -0,0 +1,9 @@
# See the OWNERS docs at https://go.k8s.io/owners
# approval on api packages bubbles to api-approvers
reviewers:
- sig-auth-authenticators-approvers
- sig-auth-authenticators-reviewers
labels:
- sig/auth

1
vendor/k8s.io/client-go/pkg/version/.gitattributes generated vendored Normal file
View File

@ -0,0 +1 @@
base.go export-subst

38
vendor/k8s.io/client-go/pkg/version/def.bzl generated vendored Normal file
View File

@ -0,0 +1,38 @@
# Copyright 2017 The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Implements hack/lib/version.sh's kube::version::ldflags() for Bazel.
def version_x_defs():
# This should match the list of packages in kube::version::ldflag
stamp_pkgs = [
"k8s.io/component-base/version",
# In hack/lib/version.sh, this has a vendor/ prefix. That isn't needed here?
"k8s.io/client-go/pkg/version",
]
# This should match the list of vars in kube::version::ldflags
# It should also match the list of vars set in hack/print-workspace-status.sh.
stamp_vars = [
"buildDate",
"gitCommit",
"gitMajor",
"gitMinor",
"gitTreeState",
"gitVersion",
]
# Generate the cross-product.
x_defs = {}
for pkg in stamp_pkgs:
for var in stamp_vars:
x_defs["%s.%s" % (pkg, var)] = "{%s}" % var
return x_defs

25
vendor/k8s.io/client-go/rest/OWNERS generated vendored Normal file
View File

@ -0,0 +1,25 @@
# See the OWNERS docs at https://go.k8s.io/owners
reviewers:
- thockin
- smarterclayton
- caesarxuchao
- wojtek-t
- deads2k
- brendandburns
- liggitt
- nikhiljindal
- gmarek
- erictune
- sttts
- luxas
- dims
- errordeveloper
- hongchaodeng
- krousey
- resouer
- cjcullen
- rmmh
- asalkeld
- juanvallejo
- lojies

9
vendor/k8s.io/client-go/tools/auth/OWNERS generated vendored Normal file
View File

@ -0,0 +1,9 @@
# See the OWNERS docs at https://go.k8s.io/owners
approvers:
- sig-auth-authenticators-approvers
reviewers:
- sig-auth-authenticators-reviewers
labels:
- sig/auth

45
vendor/k8s.io/client-go/tools/cache/OWNERS generated vendored Normal file
View File

@ -0,0 +1,45 @@
# See the OWNERS docs at https://go.k8s.io/owners
approvers:
- thockin
- lavalamp
- smarterclayton
- wojtek-t
- deads2k
- caesarxuchao
- liggitt
- ncdc
reviewers:
- thockin
- lavalamp
- smarterclayton
- wojtek-t
- deads2k
- brendandburns
- derekwaynecarr
- caesarxuchao
- mikedanese
- liggitt
- nikhiljindal
- erictune
- davidopp
- pmorie
- janetkuo
- justinsb
- eparis
- soltysh
- jsafrane
- dims
- madhusudancs
- hongchaodeng
- krousey
- xiang90
- mml
- ingvagabund
- resouer
- jessfraz
- david-mcmahon
- mfojtik
- mqliang
- sdminonne
- ncdc

7
vendor/k8s.io/client-go/tools/metrics/OWNERS generated vendored Normal file
View File

@ -0,0 +1,7 @@
# See the OWNERS docs at https://go.k8s.io/owners
reviewers:
- wojtek-t
- eparis
- krousey
- jayunit100

29
vendor/k8s.io/client-go/tools/record/OWNERS generated vendored Normal file
View File

@ -0,0 +1,29 @@
# See the OWNERS docs at https://go.k8s.io/owners
reviewers:
- lavalamp
- smarterclayton
- wojtek-t
- deads2k
- derekwaynecarr
- caesarxuchao
- vishh
- mikedanese
- liggitt
- nikhiljindal
- erictune
- pmorie
- dchen1107
- saad-ali
- luxas
- yifan-gu
- eparis
- mwielgus
- timothysc
- jsafrane
- dims
- krousey
- a-robinson
- aveshagarwal
- resouer
- cjcullen

9
vendor/k8s.io/client-go/transport/OWNERS generated vendored Normal file
View File

@ -0,0 +1,9 @@
# See the OWNERS docs at https://go.k8s.io/owners
reviewers:
- smarterclayton
- wojtek-t
- deads2k
- liggitt
- krousey
- caesarxuchao

9
vendor/k8s.io/client-go/util/cert/OWNERS generated vendored Normal file
View File

@ -0,0 +1,9 @@
# See the OWNERS docs at https://go.k8s.io/owners
approvers:
- sig-auth-certificates-approvers
reviewers:
- sig-auth-certificates-reviewers
labels:
- sig/auth

7
vendor/k8s.io/client-go/util/keyutil/OWNERS generated vendored Normal file
View File

@ -0,0 +1,7 @@
approvers:
- sig-auth-certificates-approvers
reviewers:
- sig-auth-certificates-reviewers
labels:
- sig/auth

4
vendor/k8s.io/client-go/util/retry/OWNERS generated vendored Normal file
View File

@ -0,0 +1,4 @@
# See the OWNERS docs at https://go.k8s.io/owners
reviewers:
- caesarxuchao

9
vendor/k8s.io/cloud-provider/CONTRIBUTING.md generated vendored Normal file
View File

@ -0,0 +1,9 @@
# Contributing guidelines
Welcome to Kubernetes. We are excited about the prospect of you joining our [community](https://github.com/kubernetes/community)! The Kubernetes community abides by the CNCF [code of conduct](code-of-conduct.md).
Do not open pull requests directly against this repository, they will be ignored. Instead, please open pull requests against [kubernetes/kubernetes](https://git.k8s.io/kubernetes/). Please follow the same [contributing guide](https://git.k8s.io/kubernetes/CONTRIBUTING.md) you would follow for any other pull request made to kubernetes/kubernetes. Changes to this repo should be discussed with [sig cloud-provider](https://github.com/kubernetes/community/tree/master/sig-cloud-provider).
This repository is published from [kubernetes/kubernetes/staging/src/k8s.io/cloud-provider](https://git.k8s.io/kubernetes/staging/src/k8s.io/cloud-provider) by the [kubernetes publishing-bot](https://git.k8s.io/publishing-bot).
Please see [Staging Directory and Publishing](https://git.k8s.io/community/contributors/devel/sig-architecture/staging.md) for more information

40
vendor/k8s.io/cloud-provider/OWNERS generated vendored Normal file
View File

@ -0,0 +1,40 @@
# See the OWNERS docs at https://go.k8s.io/owners
approvers:
- mikedanese
- dims
- wlan0
- andrewsykim
- cheftako
reviewers:
- wojtek-t
- deads2k
- derekwaynecarr
- vishh
- mikedanese
- liggitt
- gmarek
- davidopp
- pmorie
- sttts
- quinton-hoole
- dchen1107
- saad-ali
- zmerlynn
- luxas
- justinsb
- eparis
- piosz
- jsafrane
- dims
- krousey
- rootfs
- freehan
- jingxu97
- wlan0
- cheftako
- andrewsykim
- mcrute
labels:
- sig/cloud-provider
- area/cloudprovider

32
vendor/k8s.io/cloud-provider/README.md generated vendored Normal file
View File

@ -0,0 +1,32 @@
# cloud-provider
This repository defines the cloud-provider interface and mechanism to initialize
a cloud-provider implementation into Kubernetes. Currently multiple processes
use this code although the intent is that it will eventually only be cloud
controller manager.
**Note:** go-get or vendor this package as `k8s.io/cloud-provider`.
## Purpose
This library is a shared dependency for processes which need to be able to
integrate with cloud-provider specific functionality.
## Compatibility
Cloud Providers are expected to keep the HEAD of their implementations in sync
with the HEAD of this repository.
## Where does it come from?
`cloud-provider` is synced from
https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/cloud-provider.
Code changes are made in that location, merged into k8s.io/kubernetes and
later synced here.
## Things you should NOT do
1. Add an cloud provider specific code to this repo.
2. Directly modify anything under vendor/k8s.io/cloud-provider in this repo. Those are driven from `k8s.io/kubernetes/staging/src/k8s.io/cloud-provider`.
3. Make interface changes without first discussing them with
sig-cloudprovider.

20
vendor/k8s.io/cloud-provider/SECURITY_CONTACTS generated vendored Normal file
View File

@ -0,0 +1,20 @@
# Defined below are the security contacts for this repo.
#
# They are the contact point for the Product Security Committee to reach out
# to for triaging and handling of incoming issues.
#
# The below names agree to abide by the
# [Embargo Policy](https://git.k8s.io/security/private-distributors-list.md#embargo-policy)
# and will be removed and replaced if they violate that agreement.
#
# DO NOT REPORT SECURITY VULNERABILITIES DIRECTLY TO THESE NAMES, FOLLOW THE
# INSTRUCTIONS AT https://kubernetes.io/security/
cheftako
andrewsykim
dims
cjcullen
joelsmith
liggitt
philips
tallclair

3
vendor/k8s.io/cloud-provider/code-of-conduct.md generated vendored Normal file
View File

@ -0,0 +1,3 @@
# Kubernetes Community Code of Conduct
Please refer to our [Kubernetes Community Code of Conduct](https://git.k8s.io/community/code-of-conduct.md)

21
vendor/k8s.io/cloud-provider/go.mod generated vendored Normal file
View File

@ -0,0 +1,21 @@
// This is a generated file. Do not edit directly.
module k8s.io/cloud-provider
go 1.12
require (
k8s.io/api v0.17.1
k8s.io/apimachinery v0.17.1
k8s.io/client-go v0.17.1
k8s.io/klog v1.0.0
k8s.io/utils v0.0.0-20191114184206-e782cd3c129f
)
replace (
golang.org/x/sys => golang.org/x/sys v0.0.0-20190813064441-fde4db37ae7a // pinned to release-branch.go1.13
golang.org/x/tools => golang.org/x/tools v0.0.0-20190821162956-65e3620a7ae7 // pinned to release-branch.go1.13
k8s.io/api => k8s.io/api v0.17.1
k8s.io/apimachinery => k8s.io/apimachinery v0.17.1
k8s.io/client-go => k8s.io/client-go v0.17.1
)

192
vendor/k8s.io/cloud-provider/go.sum generated vendored Normal file
View File

@ -0,0 +1,192 @@
cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw=
cloud.google.com/go v0.34.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw=
cloud.google.com/go v0.38.0/go.mod h1:990N+gfupTy94rShfmMCWGDn0LpTmnzTp2qbd1dvSRU=
github.com/Azure/go-autorest/autorest v0.9.0/go.mod h1:xyHB1BMZT0cuDHU7I0+g046+BFDTQ8rEZB0s4Yfa6bI=
github.com/Azure/go-autorest/autorest/adal v0.5.0/go.mod h1:8Z9fGy2MpX0PvDjB1pEgQTmVqjGhiHBW7RJJEciWzS0=
github.com/Azure/go-autorest/autorest/date v0.1.0/go.mod h1:plvfp3oPSKwf2DNjlBjWF/7vwR+cUD/ELuzDCXwHUVA=
github.com/Azure/go-autorest/autorest/mocks v0.1.0/go.mod h1:OTyCOPRA2IgIlWxVYxBee2F5Gr4kF2zd2J5cFRaIDN0=
github.com/Azure/go-autorest/autorest/mocks v0.2.0/go.mod h1:OTyCOPRA2IgIlWxVYxBee2F5Gr4kF2zd2J5cFRaIDN0=
github.com/Azure/go-autorest/logger v0.1.0/go.mod h1:oExouG+K6PryycPJfVSxi/koC6LSNgds39diKLz7Vrc=
github.com/Azure/go-autorest/tracing v0.5.0/go.mod h1:r/s2XiOKccPW3HrqB+W0TQzfbtp2fGCgRFtBroKn4Dk=
github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
github.com/NYTimes/gziphandler v0.0.0-20170623195520-56545f4a5d46/go.mod h1:3wb06e3pkSAbeQ52E9H9iFoQsEEwGN64994WTCIhntQ=
github.com/PuerkitoBio/purell v1.0.0/go.mod h1:c11w/QuzBsJSee3cPx9rAFu61PvFxuPbtSwDGJws/X0=
github.com/PuerkitoBio/urlesc v0.0.0-20160726150825-5bd2802263f2/go.mod h1:uGdkoq3SwY9Y+13GIhn11/XLaGBb4BfwItxLd5jeuXE=
github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw=
github.com/davecgh/go-spew v0.0.0-20151105211317-5215b55f46b2/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
github.com/dgrijalva/jwt-go v3.2.0+incompatible/go.mod h1:E3ru+11k8xSBh+hMPgOLZmtrrCbhqsmaPHjLKYnJCaQ=
github.com/docker/spdystream v0.0.0-20160310174837-449fdfce4d96/go.mod h1:Qh8CwZgvJUkLughtfhJv5dyTYa91l1fOUCrgjqmcifM=
github.com/elazarl/goproxy v0.0.0-20170405201442-c4fc26588b6e/go.mod h1:/Zj4wYkgs4iZTTu3o/KG3Itv/qCCa8VVMlb3i9OVuzc=
github.com/emicklei/go-restful v0.0.0-20170410110728-ff4f55a20633/go.mod h1:otzb+WCGbkyDHkqmQmT5YD2WR4BBwUdeQoFo8l/7tVs=
github.com/evanphx/json-patch v4.2.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk=
github.com/fsnotify/fsnotify v1.4.7 h1:IXs+QLmnXW2CcXuY+8Mzv/fWEsPGWxqefPtCP5CnV9I=
github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo=
github.com/ghodss/yaml v0.0.0-20150909031657-73d445a93680/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04=
github.com/go-logr/logr v0.1.0/go.mod h1:ixOQHD9gLJUVQQ2ZOR7zLEifBX6tGkNJF4QyIY7sIas=
github.com/go-openapi/jsonpointer v0.0.0-20160704185906-46af16f9f7b1/go.mod h1:+35s3my2LFTysnkMfxsJBAMHj/DoqoB9knIWoYG/Vk0=
github.com/go-openapi/jsonreference v0.0.0-20160704190145-13c6e3589ad9/go.mod h1:W3Z9FmVs9qj+KR4zFKmDPGiLdk1D9Rlm7cyMvf57TTg=
github.com/go-openapi/spec v0.0.0-20160808142527-6aced65f8501/go.mod h1:J8+jY1nAiCcj+friV/PDoE1/3eeccG9LYBs0tYvLOWc=
github.com/go-openapi/swag v0.0.0-20160704191624-1d0bd113de87/go.mod h1:DXUve3Dpr1UfpPtxFw+EFuQ41HhCWZfha5jSVRG7C7I=
github.com/gogo/protobuf v1.2.2-0.20190723190241-65acae22fc9d h1:3PaI8p3seN09VjbTYC/QWlUZdZ1qS1zGjy7LH2Wt07I=
github.com/gogo/protobuf v1.2.2-0.20190723190241-65acae22fc9d/go.mod h1:SlYgWuQ5SjCEi6WLHjHCa1yvBfUnHcTbrrZtXPKa29o=
github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q=
github.com/golang/groupcache v0.0.0-20160516000752-02826c3e7903 h1:LbsanbbD6LieFkXbj9YNNBupiGHJgFeLpO0j0Fza1h8=
github.com/golang/groupcache v0.0.0-20160516000752-02826c3e7903/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
github.com/golang/mock v1.1.1/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A=
github.com/golang/mock v1.2.0/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A=
github.com/golang/protobuf v0.0.0-20161109072736-4bd1920723d7/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
github.com/golang/protobuf v1.3.2 h1:6nsPYzhq5kReh6QImI3k5qWzO4PEbvbIW2cwSfR/6xs=
github.com/golang/protobuf v1.3.2/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
github.com/google/btree v0.0.0-20180813153112-4030bb1f1f0c/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ=
github.com/google/btree v1.0.0/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ=
github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M=
github.com/google/go-cmp v0.3.0 h1:crn/baboCvb5fXaQ0IJ1SGTsTVrWpDsCWC8EGETZijY=
github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU=
github.com/google/gofuzz v0.0.0-20161122191042-44d81051d367/go.mod h1:HP5RmnzzSNb993RKQDq4+1A4ia9nllfqcQFTQJedwGI=
github.com/google/gofuzz v1.0.0 h1:A8PeW59pxE9IoFRqBp37U+mSNaQoZ46F1f0f863XSXw=
github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
github.com/google/martian v2.1.0+incompatible/go.mod h1:9I4somxYTbIHy5NJKHRl3wXiIaQGbYVAs8BPL6v8lEs=
github.com/google/pprof v0.0.0-20181206194817-3ea8567a2e57/go.mod h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc=
github.com/google/uuid v1.1.1 h1:Gkbcsh/GbpXz7lPftLA3P6TYMwjCLYm83jiFQZF/3gY=
github.com/google/uuid v1.1.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
github.com/googleapis/gax-go/v2 v2.0.4/go.mod h1:0Wqv26UfaUD9n4G6kQubkQ+KchISgw+vpHVxEJEs9eg=
github.com/googleapis/gnostic v0.0.0-20170729233727-0c5108395e2d h1:7XGaL1e6bYS1yIonGp9761ExpPPV1ui0SAC59Yube9k=
github.com/googleapis/gnostic v0.0.0-20170729233727-0c5108395e2d/go.mod h1:sJBsCZ4ayReDTBIg8b9dl28c5xFWyhBTVRp3pOg5EKY=
github.com/gophercloud/gophercloud v0.1.0/go.mod h1:vxM41WHh5uqHVBMZHzuwNOHh8XEoIEcSTewFxm1c5g8=
github.com/gregjones/httpcache v0.0.0-20180305231024-9cad4c3443a7/go.mod h1:FecbI9+v66THATjSRHfNgh1IVFe/9kFxbXtjV0ctIMA=
github.com/hashicorp/golang-lru v0.5.0 h1:CL2msUPvZTLb5O648aiLNJw3hnBxN2+1Jq8rCOH9wdo=
github.com/hashicorp/golang-lru v0.5.0/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8=
github.com/hashicorp/golang-lru v0.5.1 h1:0hERBMJE1eitiLkihrMvRVBYAkpHzc/J3QdDN+dAcgU=
github.com/hashicorp/golang-lru v0.5.1/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8=
github.com/hpcloud/tail v1.0.0 h1:nfCOvKYfkgYP8hkirhJocXT2+zOD8yUNjXaWfTlyFKI=
github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpOxQnU=
github.com/imdario/mergo v0.3.5/go.mod h1:2EnlNZ0deacrJVfApfmtdGgDfMuh/nq6Ok1EcJh5FfA=
github.com/json-iterator/go v0.0.0-20180612202835-f2b4162afba3/go.mod h1:+SdeFBvtyEkXs7REEP0seUULqWtbJapLOCVDaaPEHmU=
github.com/json-iterator/go v1.1.8 h1:QiWkFLKq0T7mpzwOTu6BzNDbfTE8OLrYhVKYMLF46Ok=
github.com/json-iterator/go v1.1.8/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4=
github.com/jstemmer/go-junit-report v0.0.0-20190106144839-af01ea7f8024/go.mod h1:6v2b51hI/fHJwM22ozAgKL4VKDeJcHhJFhtBdhmNjmU=
github.com/kisielk/errcheck v1.2.0/go.mod h1:/BMXB+zMLi60iA8Vv6Ksmxu/1UDYcXs4uQLJ+jE2L00=
github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck=
github.com/kr/pretty v0.1.0 h1:L/CwN0zerZDmRFUapSPitk6f+Q3+0za1rQkzVuMiMFI=
github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo=
github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
github.com/kr/text v0.1.0 h1:45sCR5RtlFHMR4UwH9sdQ5TC8v0qDQCHnXt+kaKSTVE=
github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
github.com/mailru/easyjson v0.0.0-20160728113105-d5b7844b561a/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc=
github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q=
github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd h1:TRLaZ9cD/w8PVh93nsPXa1VrQ6jlwL5oN8l14QlcNfg=
github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q=
github.com/modern-go/reflect2 v0.0.0-20180320133207-05fbef0ca5da/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0=
github.com/modern-go/reflect2 v0.0.0-20180701023420-4b7aa43c6742/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0=
github.com/modern-go/reflect2 v1.0.1 h1:9f412s+6RmYXLWZSEzVVgPGK7C2PphHj5RJrvfx9AWI=
github.com/modern-go/reflect2 v1.0.1/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0=
github.com/munnerz/goautoneg v0.0.0-20120707110453-a547fc61f48d/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ=
github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f/go.mod h1:ZdcZmHo+o7JKHSa8/e818NopupXU1YMK5fe1lsApnBw=
github.com/onsi/ginkgo v0.0.0-20170829012221-11459a886d9c/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE=
github.com/onsi/ginkgo v1.6.0 h1:Ix8l273rp3QzYgXSR+c8d1fTG7UPgYkOSELPhiY/YGw=
github.com/onsi/ginkgo v1.6.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE=
github.com/onsi/ginkgo v1.10.1 h1:q/mM8GF/n0shIN8SaAZ0V+jnLPzen6WIVZdiwrRlMlo=
github.com/onsi/ginkgo v1.10.1/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE=
github.com/onsi/gomega v0.0.0-20170829124025-dcabb60a477c/go.mod h1:C1qb7wdrVGGVU+Z6iS04AVkA3Q65CEZX59MT0QO5uiA=
github.com/onsi/gomega v1.7.0 h1:XPnZz8VVBHjVsy1vzJmRwIcSwiUO+JFfrv/xGiigmME=
github.com/onsi/gomega v1.7.0/go.mod h1:ex+gbHU/CVuBBDIJjb2X0qEXbFg53c61hWP/1CpauHY=
github.com/peterbourgon/diskv v2.0.1+incompatible/go.mod h1:uqqh8zWWbv1HBMNONnaR/tNboyR3/BZd58JJSHlUSCU=
github.com/pmezard/go-difflib v0.0.0-20151028094244-d8ed2627bdf0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
github.com/spf13/afero v1.2.2/go.mod h1:9ZxEEn6pIJ8Rxe320qSDBk6AsU0r9pR7Q4OcevTdifk=
github.com/spf13/pflag v0.0.0-20170130214245-9ff6c6923cff/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4=
github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA=
github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg=
github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
github.com/stretchr/testify v0.0.0-20151208002404-e3a8ff8ce365/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs=
github.com/stretchr/testify v1.3.0 h1:TivCn/peBQ7UY8ooIcPgZFpTNSz0Q2U6UrFlUfqbe0Q=
github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI=
github.com/stretchr/testify v1.4.0 h1:2E4SXV/wtOkTonXsotYi4li6zVWxYlZuYNCXe9XRJyk=
github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4=
go.opencensus.io v0.21.0/go.mod h1:mSImk1erAIZhrmZN+AvHh14ztQfjbGwt4TtuofqLduU=
golang.org/x/crypto v0.0.0-20190211182817-74369b46fc67/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4=
golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
golang.org/x/crypto v0.0.0-20190820162420-60c769a6c586 h1:7KByu05hhLed2MO29w7p1XfZvZ13m8mub3shuVftRs0=
golang.org/x/crypto v0.0.0-20190820162420-60c769a6c586/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE=
golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU=
golang.org/x/lint v0.0.0-20190301231843-5614ed5bae6f/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE=
golang.org/x/net v0.0.0-20170114055629-f2499483f923/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
golang.org/x/net v0.0.0-20190108225652-1e06a53dbb7e/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
golang.org/x/net v0.0.0-20190213061140-3a22650c66bd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
golang.org/x/net v0.0.0-20191004110552-13f9640d40b9 h1:rjwSpXsdiK0dV8/Naq3kAw9ymfAeJIyd0upUIElB+lI=
golang.org/x/net v0.0.0-20191004110552-13f9640d40b9/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45 h1:SVwTIAaPC2U/AvvLNZ2a7OVsmBpC8L5BlwK1whH3hm0=
golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.0.0-20190227155943-e225da77a7e6/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sys v0.0.0-20190813064441-fde4db37ae7a h1:aYOabOQFp6Vj6W1F80affTUvO9UxmJRx8K0gsfABByQ=
golang.org/x/sys v0.0.0-20190813064441-fde4db37ae7a/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/text v0.0.0-20160726164857-2910a502d2bf/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
golang.org/x/text v0.3.2 h1:tW2bmiBqwgJj/UpqtC8EpXEZVYOwU0yG4iWbprSVAcs=
golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk=
golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
golang.org/x/time v0.0.0-20190308202827-9d24e82272b4 h1:SvFZT6jyqRaOeXpc5h/JSfZenJ2O330aBsf7JfSUXmQ=
golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
golang.org/x/tools v0.0.0-20190821162956-65e3620a7ae7/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
google.golang.org/api v0.4.0/go.mod h1:8k5glujaEP+g9n7WNsDg8QP6cUVNI86fCNMcbazEtwE=
google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM=
google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4=
google.golang.org/appengine v1.5.0 h1:KxkO13IPW4Lslp2bz+KHP2E3gtFlrIGNThxkZQ3g+4c=
google.golang.org/appengine v1.5.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4=
google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc=
google.golang.org/genproto v0.0.0-20190307195333-5fe7a883aa19/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE=
google.golang.org/genproto v0.0.0-20190418145605-e7d98fc518a7/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE=
google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c=
gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM=
gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127 h1:qIbj1fsPNlZgppZ+VLlY7N33q108Sa+fhmuc+sWQYwY=
gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
gopkg.in/fsnotify.v1 v1.4.7 h1:xOHLXZwVvI9hhs+cLKq5+I5onOuwQLhQwiu63xxlHs4=
gopkg.in/fsnotify.v1 v1.4.7/go.mod h1:Tz8NjZHkW78fSQdbUxIjBTcgA1z1m8ZHf0WmKUhAMys=
gopkg.in/inf.v0 v0.9.1 h1:73M5CoZyi3ZLMOyDlQh031Cx6N9NDJ2Vvfl76EDAgDc=
gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw=
gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 h1:uRGJdciOHaEIrze2W8Q3AKkepLTh2hOroT7a+7czfdQ=
gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw=
gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE=
gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw=
gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I=
gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
k8s.io/api v0.17.1/go.mod h1:zxiAc5y8Ngn4fmhWUtSxuUlkfz1ixT7j9wESokELzOg=
k8s.io/apimachinery v0.17.1/go.mod h1:b9qmWdKlLuU9EBh+06BtLcSf/Mu89rWL33naRxs1uZg=
k8s.io/client-go v0.17.1/go.mod h1:HZtHJSC/VuSHcETN9QA5QDZky1tXiYrkF/7t7vRpO1A=
k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0=
k8s.io/klog v0.0.0-20181102134211-b9b56d5dfc92/go.mod h1:Gq+BEi5rUBO/HRz0bTSXDUcqjScdoY3a9IHpCEIOOfk=
k8s.io/klog v0.3.0/go.mod h1:Gq+BEi5rUBO/HRz0bTSXDUcqjScdoY3a9IHpCEIOOfk=
k8s.io/klog v1.0.0 h1:Pt+yjF5aB1xDSVbau4VsWe+dQNzA0qv1LlXdC2dF6Q8=
k8s.io/klog v1.0.0/go.mod h1:4Bi6QPql/J/LkTDqv7R/cd3hPo4k2DG6Ptcz060Ez5I=
k8s.io/kube-openapi v0.0.0-20191107075043-30be4d16710a h1:UcxjrRMyNx/i/y8G7kPvLyy7rfbeuf1PYyBf973pgyU=
k8s.io/kube-openapi v0.0.0-20191107075043-30be4d16710a/go.mod h1:1TqjTSzOxsLGIKfj0lK8EeCP7K1iUG65v09OM0/WG5E=
k8s.io/utils v0.0.0-20191114184206-e782cd3c129f h1:GiPwtSzdP43eI1hpPCbROQCCIgCuiMMNF8YUVLF3vJo=
k8s.io/utils v0.0.0-20191114184206-e782cd3c129f/go.mod h1:sZAwmy6armz5eXlNoLmJcl4F1QuKu7sr+mFQ0byX7Ew=
sigs.k8s.io/structured-merge-diff v0.0.0-20190525122527-15d366b2352e/go.mod h1:wWxsB5ozmmv/SG7nM11ayaAW51xMvak/t1r0CSlcokI=
sigs.k8s.io/yaml v1.1.0 h1:4A07+ZFc2wgJwo8YNlQpr1rVlgUDlxXHhPJciaPY5gs=
sigs.k8s.io/yaml v1.1.0/go.mod h1:UJmg0vDUVViEyp3mgSv9WPwZCDxu4rQW1olrI1uml+o=

9
vendor/k8s.io/component-base/metrics/OWNERS generated vendored Normal file
View File

@ -0,0 +1,9 @@
# See the OWNERS docs at https://go.k8s.io/owners
approvers:
- sig-instrumentation-approvers
- logicalhan
reviewers:
- sig-instrumentation-reviewers
labels:
- sig/instrumentation

9
vendor/k8s.io/component-base/metrics/prometheus/ratelimiter/OWNERS generated vendored Normal file
View File

@ -0,0 +1,9 @@
# See the OWNERS docs at https://go.k8s.io/owners
approvers:
- sig-instrumentation-approvers
- logicalhan
reviewers:
- sig-instrumentation-reviewers
labels:
- sig/instrumentation

1
vendor/k8s.io/component-base/version/.gitattributes generated vendored Normal file
View File

@ -0,0 +1 @@
base.go export-subst

39
vendor/k8s.io/component-base/version/def.bzl generated vendored Normal file
View File

@ -0,0 +1,39 @@
# Copyright 2017 The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Implements hack/lib/version.sh's kube::version::ldflags() for Bazel.
def version_x_defs():
# This should match the list of packages in kube::version::ldflag
stamp_pkgs = [
"k8s.io/kubernetes/vendor/k8s.io/component-base/version",
"k8s.io/kubernetes/vendor/k8s.io/client-go/pkg/version",
]
# This should match the list of vars in kube::version::ldflags
# It should also match the list of vars set in hack/print-workspace-status.sh.
stamp_vars = [
"buildDate",
"gitCommit",
"gitMajor",
"gitMinor",
"gitTreeState",
"gitVersion",
]
# Generate the cross-product.
x_defs = {}
for pkg in stamp_pkgs:
for var in stamp_vars:
x_defs["%s.%s" % (pkg, var)] = "{%s}" % var
return x_defs

1281
vendor/k8s.io/cri-api/pkg/apis/runtime/v1alpha2/api.proto generated vendored Normal file
View File

File diff suppressed because it is too large Load Diff

7
vendor/k8s.io/csi-translation-lib/CONTRIBUTING.md generated vendored Normal file
View File

@ -0,0 +1,7 @@
# Contributing guidelines
Do not open pull requests directly against this repository, they will be ignored. Instead, please open pull requests against [kubernetes/kubernetes](https://git.k8s.io/kubernetes/). Please follow the same [contributing guide](https://git.k8s.io/kubernetes/CONTRIBUTING.md) you would follow for any other pull request made to kubernetes/kubernetes.
This repository is published from [kubernetes/kubernetes/staging/src/k8s.io/csi-api](https://git.k8s.io/kubernetes/staging/src/k8s.io/csi-api) by the [kubernetes publishing-bot](https://git.k8s.io/publishing-bot).
Please see [Staging Directory and Publishing](https://git.k8s.io/community/contributors/devel/sig-architecture/staging.md) for more information.

14
vendor/k8s.io/csi-translation-lib/OWNERS generated vendored Normal file
View File

@ -0,0 +1,14 @@
# See the OWNERS docs at https://go.k8s.io/owners
reviewers:
- davidz627
- saad-ali
- msau42
- ddebroy
- leakingtapan
- andyzhangx
approvers:
- davidz627
- saad-ali
- msau42

29
vendor/k8s.io/csi-translation-lib/README.md generated vendored Normal file
View File

@ -0,0 +1,29 @@
## Purpose
This repository contains functions to be consumed by various Kubernetes and
out-of-tree CSI components like external provisioner to facilitate migration of
code from Kubernetes In-tree plugin code to CSI plugin repositories.
Consumers of this repository can make use of functions like `TranslateToCSI` and
`TranslateToInTree` functions to translate PV sources.
## Community, discussion, contribution, and support
Learn how to engage with the Kubernetes community on the [community
page](http://kubernetes.io/community/).
You can reach the maintainers of this repository at:
- Slack: #sig-storage (on https://kubernetes.slack.com -- get an
invite at slack.kubernetes.io)
- Mailing List:
https://groups.google.com/forum/#!forum/kubernetes-sig-storage
### Code of Conduct
Participation in the Kubernetes community is governed by the [Kubernetes
Code of Conduct](code-of-conduct.md).
### Contibution Guidelines
See [CONTRIBUTING.md](CONTRIBUTING.md) for more information.

Some files were not shown because too many files have changed in this diff Show More