install authentication.k8s.io/v1, add tests

cmd/kubelet/app/auth.go

@@ -41,7 +41,7 @@ func buildAuth(nodeName types.NodeName, client clientset.Interface, config compo
 		sarClient   authorizationclient.SubjectAccessReviewInterface
 	)
 	if client != nil && !reflect.ValueOf(client).IsNil() {
-		tokenClient = client.Authentication().TokenReviews()
+		tokenClient = client.AuthenticationV1beta1().TokenReviews()
 		sarClient = client.AuthorizationV1beta1().SubjectAccessReviews()
 	}
 

cmd/libs/go2idl/go-to-protobuf/protobuf/cmd.go

@@ -77,6 +77,7 @@ func New() *Generator {
 			`k8s.io/kubernetes/pkg/apis/batch/v1`,
 			`k8s.io/kubernetes/pkg/apis/batch/v2alpha1`,
 			`k8s.io/kubernetes/pkg/apis/apps/v1beta1`,
+			`k8s.io/kubernetes/pkg/apis/authentication/v1`,
 			`k8s.io/kubernetes/pkg/apis/authentication/v1beta1`,
 			`k8s.io/kubernetes/pkg/apis/rbac/v1alpha1`,
 			`k8s.io/kubernetes/pkg/apis/rbac/v1beta1`,

hack/.linted_packages

@@ -120,6 +120,7 @@ pkg/client/informers/informers_generated/storage/v1beta1
 pkg/client/listers/apps/internalversion
 pkg/client/listers/apps/v1beta1
 pkg/client/listers/authentication/internalversion
+pkg/client/listers/authentication/v1
 pkg/client/listers/authentication/v1beta1
 pkg/client/listers/authorization/internalversion
 pkg/client/listers/authorization/v1

hack/lib/init.sh

@@ -54,6 +54,7 @@ KUBE_OUTPUT_HOSTBIN="${KUBE_OUTPUT_BINPATH}/$(kube::util::host_platform)"
 KUBE_AVAILABLE_GROUP_VERSIONS="${KUBE_AVAILABLE_GROUP_VERSIONS:-\
 v1 \
 apps/v1beta1 \
+authentication.k8s.io/v1 \
 authentication.k8s.io/v1beta1 \
 authorization.k8s.io/v1 \
 authorization.k8s.io/v1beta1 \

hack/make-rules/test-cmd-util.sh

@@ -3240,7 +3240,8 @@ __EOF__
 
     # check webhook token authentication endpoint, kubectl doesn't actually display the returned object so this isn't super useful
     # but it proves that works
-    kubectl create -f test/fixtures/pkg/kubectl/cmd/create/tokenreview.json --validate=false
+    kubectl create -f test/fixtures/pkg/kubectl/cmd/create/tokenreview-v1beta1.json --validate=false
+    kubectl create -f test/fixtures/pkg/kubectl/cmd/create/tokenreview-v1.json --validate=false
   fi
 
 

pkg/apis/authentication/install/install.go

@@ -25,6 +25,7 @@ import (
 	"k8s.io/apimachinery/pkg/util/sets"
 	"k8s.io/kubernetes/pkg/api"
 	"k8s.io/kubernetes/pkg/apis/authentication"
+	"k8s.io/kubernetes/pkg/apis/authentication/v1"
 	"k8s.io/kubernetes/pkg/apis/authentication/v1beta1"
 )
 
@@ -37,13 +38,14 @@ func Install(groupFactoryRegistry announced.APIGroupFactoryRegistry, registry *r
 	if err := announced.NewGroupMetaFactory(
 		&announced.GroupMetaFactoryArgs{
 			GroupName:                  authentication.GroupName,
-			VersionPreferenceOrder:     []string{v1beta1.SchemeGroupVersion.Version},
+			VersionPreferenceOrder:     []string{v1.SchemeGroupVersion.Version, v1beta1.SchemeGroupVersion.Version},
 			ImportPrefix:               "k8s.io/kubernetes/pkg/apis/authentication",
 			RootScopedKinds:            sets.NewString("TokenReview"),
 			AddInternalObjectsToScheme: authentication.AddToScheme,
 		},
 		announced.VersionToSchemeFunc{
 			v1beta1.SchemeGroupVersion.Version: v1beta1.AddToScheme,
+			v1.SchemeGroupVersion.Version:      v1.AddToScheme,
 		},
 	).Announce(groupFactoryRegistry).RegisterAndEnable(registry, scheme); err != nil {
 		panic(err)

pkg/client/clientset_generated/clientset/typed/authentication/v1/fake/fake_tokenreview_expansion.go

@@ -0,0 +1,27 @@
+/*
+Copyright 2017 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package fake
+
+import (
+	core "k8s.io/client-go/testing"
+	authenticationapi "k8s.io/kubernetes/pkg/apis/authentication/v1"
+)
+
+func (c *FakeTokenReviews) Create(tokenReview *authenticationapi.TokenReview) (result *authenticationapi.TokenReview, err error) {
+	obj, err := c.Fake.Invokes(core.NewRootCreateAction(authenticationapi.SchemeGroupVersion.WithResource("tokenreviews"), tokenReview), &authenticationapi.TokenReview{})
+	return obj.(*authenticationapi.TokenReview), err
+}

pkg/client/clientset_generated/clientset/typed/authentication/v1/generated_expansion.go

@@ -15,5 +15,3 @@ limitations under the License.
 */
 
 package v1
-
-type TokenReviewExpansion interface{}

pkg/client/clientset_generated/clientset/typed/authentication/v1/tokenreview_expansion.go

@@ -0,0 +1,35 @@
+/*
+Copyright 2017 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package v1
+
+import (
+	authenticationapi "k8s.io/kubernetes/pkg/apis/authentication/v1"
+)
+
+type TokenReviewExpansion interface {
+	Create(tokenReview *authenticationapi.TokenReview) (result *authenticationapi.TokenReview, err error)
+}
+
+func (c *tokenReviews) Create(tokenReview *authenticationapi.TokenReview) (result *authenticationapi.TokenReview, err error) {
+	result = &authenticationapi.TokenReview{}
+	err = c.client.Post().
+		Resource("tokenreviews").
+		Body(tokenReview).
+		Do().
+		Into(result)
+	return
+}

pkg/controller/garbagecollector/garbagecollector.go

@@ -533,6 +533,7 @@ var ignoredResources = map[schema.GroupVersionResource]struct{}{
 	schema.GroupVersionResource{Group: "", Version: "v1", Resource: "componentstatuses"}:                                  {},
 	schema.GroupVersionResource{Group: "", Version: "v1", Resource: "events"}:                                             {},
 	schema.GroupVersionResource{Group: "authentication.k8s.io", Version: "v1beta1", Resource: "tokenreviews"}:             {},
+	schema.GroupVersionResource{Group: "authentication.k8s.io", Version: "v1", Resource: "tokenreviews"}:                  {},
 	schema.GroupVersionResource{Group: "authorization.k8s.io", Version: "v1beta1", Resource: "subjectaccessreviews"}:      {},
 	schema.GroupVersionResource{Group: "authorization.k8s.io", Version: "v1beta1", Resource: "selfsubjectaccessreviews"}:  {},
 	schema.GroupVersionResource{Group: "authorization.k8s.io", Version: "v1beta1", Resource: "localsubjectaccessreviews"}: {},

pkg/master/master.go

@@ -35,6 +35,7 @@ import (
 	"k8s.io/kubernetes/pkg/api"
 	apiv1 "k8s.io/kubernetes/pkg/api/v1"
 	appsapi "k8s.io/kubernetes/pkg/apis/apps/v1beta1"
+	authenticationv1 "k8s.io/kubernetes/pkg/apis/authentication/v1"
 	authenticationv1beta1 "k8s.io/kubernetes/pkg/apis/authentication/v1beta1"
 	authorizationapiv1 "k8s.io/kubernetes/pkg/apis/authorization/v1"
 	authorizationapiv1beta1 "k8s.io/kubernetes/pkg/apis/authorization/v1beta1"
@@ -392,6 +393,7 @@ func DefaultAPIResourceConfigSource() *genericapiserver.ResourceConfig {
 		apiv1.SchemeGroupVersion,
 		extensionsapiv1beta1.SchemeGroupVersion,
 		batchapiv1.SchemeGroupVersion,
+		authenticationv1.SchemeGroupVersion,
 		authenticationv1beta1.SchemeGroupVersion,
 		autoscalingapiv1.SchemeGroupVersion,
 		appsapi.SchemeGroupVersion,

pkg/registry/authentication/rest/storage_authentication.go

@@ -23,6 +23,7 @@ import (
 	genericapiserver "k8s.io/apiserver/pkg/server"
 	"k8s.io/kubernetes/pkg/api"
 	"k8s.io/kubernetes/pkg/apis/authentication"
+	authenticationv1 "k8s.io/kubernetes/pkg/apis/authentication/v1"
 	authenticationv1beta1 "k8s.io/kubernetes/pkg/apis/authentication/v1beta1"
 	"k8s.io/kubernetes/pkg/registry/authentication/tokenreview"
 )
@@ -43,6 +44,10 @@ func (p RESTStorageProvider) NewRESTStorage(apiResourceConfigSource genericapise
 		apiGroupInfo.VersionedResourcesStorageMap[authenticationv1beta1.SchemeGroupVersion.Version] = p.v1beta1Storage(apiResourceConfigSource, restOptionsGetter)
 		apiGroupInfo.GroupMeta.GroupVersion = authenticationv1beta1.SchemeGroupVersion
 	}
+	if apiResourceConfigSource.AnyResourcesForVersionEnabled(authenticationv1.SchemeGroupVersion) {
+		apiGroupInfo.VersionedResourcesStorageMap[authenticationv1.SchemeGroupVersion.Version] = p.v1Storage(apiResourceConfigSource, restOptionsGetter)
+		apiGroupInfo.GroupMeta.GroupVersion = authenticationv1.SchemeGroupVersion
+	}
 
 	return apiGroupInfo, true
 }
@@ -61,6 +66,20 @@ func (p RESTStorageProvider) v1beta1Storage(apiResourceConfigSource genericapise
 	return storage
 }
 
+func (p RESTStorageProvider) v1Storage(apiResourceConfigSource genericapiserver.APIResourceConfigSource, restOptionsGetter generic.RESTOptionsGetter) map[string]rest.Storage {
+	version := authenticationv1.SchemeGroupVersion
+
+	storage := map[string]rest.Storage{}
+	if apiResourceConfigSource.AnyResourcesForVersionEnabled(authenticationv1.SchemeGroupVersion) {
+		if apiResourceConfigSource.ResourceEnabled(version.WithResource("tokenreviews")) {
+			tokenReviewStorage := tokenreview.NewREST(p.Authenticator)
+			storage["tokenreviews"] = tokenReviewStorage
+		}
+	}
+
+	return storage
+}
+
 func (p RESTStorageProvider) GroupName() string {
 	return authentication.GroupName
 }

test/fixtures/pkg/kubectl/cmd/create/tokenreview-v1.json

@@ -0,0 +1,7 @@
+{
+  "apiVersion": "authentication.k8s.io/v1",
+  "kind": "TokenReview",
+  "spec": {
+    "token": "test-token"
+  }
+}