diff --git a/hack/lib/init.sh b/hack/lib/init.sh index d3f3782ba1..263c4839de 100755 --- a/hack/lib/init.sh +++ b/hack/lib/init.sh @@ -61,7 +61,6 @@ admission.k8s.io/v1beta1 \ apps/v1 \ apps/v1beta1 \ apps/v1beta2 \ -auditregistration.k8s.io/v1alpha1 \ authentication.k8s.io/v1 \ authorization.k8s.io/v1 \ authorization.k8s.io/v1beta1 \ diff --git a/pkg/apis/auditregistration/BUILD b/pkg/apis/auditregistration/BUILD deleted file mode 100644 index 65913a1c99..0000000000 --- a/pkg/apis/auditregistration/BUILD +++ /dev/null @@ -1,38 +0,0 @@ -load("@io_bazel_rules_go//go:def.bzl", "go_library") - -go_library( - name = "go_default_library", - srcs = [ - "doc.go", - "register.go", - "types.go", - "zz_generated.deepcopy.go", - ], - importpath = "k8s.io/kubernetes/pkg/apis/auditregistration", - visibility = ["//visibility:public"], - deps = [ - "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", - "//staging/src/k8s.io/apimachinery/pkg/runtime:go_default_library", - "//staging/src/k8s.io/apimachinery/pkg/runtime/schema:go_default_library", - ], -) - -filegroup( - name = "package-srcs", - srcs = glob(["**"]), - tags = ["automanaged"], - visibility = ["//visibility:private"], -) - -filegroup( - name = "all-srcs", - srcs = [ - ":package-srcs", - "//pkg/apis/auditregistration/fuzzer:all-srcs", - "//pkg/apis/auditregistration/install:all-srcs", - "//pkg/apis/auditregistration/v1alpha1:all-srcs", - "//pkg/apis/auditregistration/validation:all-srcs", - ], - tags = ["automanaged"], - visibility = ["//visibility:public"], -) diff --git a/pkg/apis/auditregistration/doc.go b/pkg/apis/auditregistration/doc.go deleted file mode 100644 index 1046b5a62b..0000000000 --- a/pkg/apis/auditregistration/doc.go +++ /dev/null @@ -1,20 +0,0 @@ -/* -Copyright 2018 The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// +k8s:deepcopy-gen=package -// +groupName=auditregistration.k8s.io - -package auditregistration // import "k8s.io/kubernetes/pkg/apis/auditregistration" diff --git a/pkg/apis/auditregistration/fuzzer/BUILD b/pkg/apis/auditregistration/fuzzer/BUILD deleted file mode 100644 index 3c4d743d8f..0000000000 --- a/pkg/apis/auditregistration/fuzzer/BUILD +++ /dev/null @@ -1,27 +0,0 @@ -load("@io_bazel_rules_go//go:def.bzl", "go_library") - -go_library( - name = "go_default_library", - srcs = ["fuzzer.go"], - importpath = "k8s.io/kubernetes/pkg/apis/auditregistration/fuzzer", - visibility = ["//visibility:public"], - deps = [ - "//pkg/apis/auditregistration:go_default_library", - "//staging/src/k8s.io/apimachinery/pkg/runtime/serializer:go_default_library", - "//vendor/github.com/google/gofuzz:go_default_library", - ], -) - -filegroup( - name = "package-srcs", - srcs = glob(["**"]), - tags = ["automanaged"], - visibility = ["//visibility:private"], -) - -filegroup( - name = "all-srcs", - srcs = [":package-srcs"], - tags = ["automanaged"], - visibility = ["//visibility:public"], -) diff --git a/pkg/apis/auditregistration/fuzzer/fuzzer.go b/pkg/apis/auditregistration/fuzzer/fuzzer.go deleted file mode 100644 index eb141540fe..0000000000 --- a/pkg/apis/auditregistration/fuzzer/fuzzer.go +++ /dev/null @@ -1,38 +0,0 @@ -/* -Copyright 2018 The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package fuzzer - -import ( - fuzz "github.com/google/gofuzz" - - runtimeserializer "k8s.io/apimachinery/pkg/runtime/serializer" - "k8s.io/kubernetes/pkg/apis/auditregistration" -) - -// Funcs returns the fuzzer functions for the auditregistration api group. -var Funcs = func(codecs runtimeserializer.CodecFactory) []interface{} { - return []interface{}{ - func(obj *auditregistration.AuditSink, c fuzz.Continue) { - c.FuzzNoCustom(obj) - v := int64(1) - obj.Spec.Webhook.Throttle = &auditregistration.WebhookThrottleConfig{ - QPS: &v, - Burst: &v, - } - }, - } -} diff --git a/pkg/apis/auditregistration/install/BUILD b/pkg/apis/auditregistration/install/BUILD deleted file mode 100644 index 09172ed23c..0000000000 --- a/pkg/apis/auditregistration/install/BUILD +++ /dev/null @@ -1,29 +0,0 @@ -load("@io_bazel_rules_go//go:def.bzl", "go_library") - -go_library( - name = "go_default_library", - srcs = ["install.go"], - importpath = "k8s.io/kubernetes/pkg/apis/auditregistration/install", - visibility = ["//visibility:public"], - deps = [ - "//pkg/api/legacyscheme:go_default_library", - "//pkg/apis/auditregistration:go_default_library", - "//pkg/apis/auditregistration/v1alpha1:go_default_library", - "//staging/src/k8s.io/apimachinery/pkg/runtime:go_default_library", - "//staging/src/k8s.io/apimachinery/pkg/util/runtime:go_default_library", - ], -) - -filegroup( - name = "package-srcs", - srcs = glob(["**"]), - tags = ["automanaged"], - visibility = ["//visibility:private"], -) - -filegroup( - name = "all-srcs", - srcs = [":package-srcs"], - tags = ["automanaged"], - visibility = ["//visibility:public"], -) diff --git a/pkg/apis/auditregistration/install/install.go b/pkg/apis/auditregistration/install/install.go deleted file mode 100644 index ffb905cd13..0000000000 --- a/pkg/apis/auditregistration/install/install.go +++ /dev/null @@ -1,38 +0,0 @@ -/* -Copyright 2018 The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// Package install adds the experimental API group, making it available as -// an option to all of the API encoding/decoding machinery. -package install - -import ( - "k8s.io/apimachinery/pkg/runtime" - utilruntime "k8s.io/apimachinery/pkg/util/runtime" - "k8s.io/kubernetes/pkg/api/legacyscheme" - "k8s.io/kubernetes/pkg/apis/auditregistration" - "k8s.io/kubernetes/pkg/apis/auditregistration/v1alpha1" -) - -func init() { - Install(legacyscheme.Scheme) -} - -// Install registers the API group and adds types to a scheme -func Install(scheme *runtime.Scheme) { - utilruntime.Must(auditregistration.AddToScheme(scheme)) - utilruntime.Must(v1alpha1.AddToScheme(scheme)) - utilruntime.Must(scheme.SetVersionPriority(v1alpha1.SchemeGroupVersion)) -} diff --git a/pkg/apis/auditregistration/register.go b/pkg/apis/auditregistration/register.go deleted file mode 100644 index ebaa381094..0000000000 --- a/pkg/apis/auditregistration/register.go +++ /dev/null @@ -1,53 +0,0 @@ -/* -Copyright 2018 The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package auditregistration - -import ( - "k8s.io/apimachinery/pkg/runtime" - "k8s.io/apimachinery/pkg/runtime/schema" -) - -// GroupName is the group name use in this package -const GroupName = "auditregistration.k8s.io" - -// SchemeGroupVersion is group version used to register these objects -var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: runtime.APIVersionInternal} - -// Kind takes an unqualified kind and returns a Group qualified GroupKind -func Kind(kind string) schema.GroupKind { - return SchemeGroupVersion.WithKind(kind).GroupKind() -} - -// Resource takes an unqualified resource and returns a Group qualified GroupResource -func Resource(resource string) schema.GroupResource { - return SchemeGroupVersion.WithResource(resource).GroupResource() -} - -var ( - // SchemeBuilder for audit registration - SchemeBuilder = runtime.NewSchemeBuilder(addKnownTypes) - // AddToScheme audit registration - AddToScheme = SchemeBuilder.AddToScheme -) - -func addKnownTypes(scheme *runtime.Scheme) error { - scheme.AddKnownTypes(SchemeGroupVersion, - &AuditSink{}, - &AuditSinkList{}, - ) - return nil -} diff --git a/pkg/apis/auditregistration/types.go b/pkg/apis/auditregistration/types.go deleted file mode 100644 index 5ae4aa5133..0000000000 --- a/pkg/apis/auditregistration/types.go +++ /dev/null @@ -1,196 +0,0 @@ -/* -Copyright 2018 The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// +k8s:openapi-gen=true - -package auditregistration - -import ( - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" -) - -// Level defines the amount of information logged during auditing -type Level string - -// Valid audit levels -const ( - // LevelNone disables auditing - LevelNone Level = "None" - // LevelMetadata provides the basic level of auditing. - LevelMetadata Level = "Metadata" - // LevelRequest provides Metadata level of auditing, and additionally - // logs the request object (does not apply for non-resource requests). - LevelRequest Level = "Request" - // LevelRequestResponse provides Request level of auditing, and additionally - // logs the response object (does not apply for non-resource requests and watches). - LevelRequestResponse Level = "RequestResponse" -) - -// Stage defines the stages in request handling during which audit events may be generated. -type Stage string - -// Valid audit stages. -const ( - // The stage for events generated after the audit handler receives the request, but before it - // is delegated down the handler chain. - StageRequestReceived = "RequestReceived" - // The stage for events generated after the response headers are sent, but before the response body - // is sent. This stage is only generated for long-running requests (e.g. watch). - StageResponseStarted = "ResponseStarted" - // The stage for events generated after the response body has been completed, and no more bytes - // will be sent. - StageResponseComplete = "ResponseComplete" - // The stage for events generated when a panic occurred. - StagePanic = "Panic" -) - -// +genclient -// +genclient:nonNamespaced -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// AuditSink represents a cluster level sink for audit data -type AuditSink struct { - metav1.TypeMeta - - // +optional - metav1.ObjectMeta - - // Spec defines the audit sink spec - Spec AuditSinkSpec -} - -// AuditSinkSpec is the spec for the audit sink object -type AuditSinkSpec struct { - // Policy defines the policy for selecting which events should be sent to the backend - // required - Policy Policy - - // Webhook to send events - // required - Webhook Webhook -} - -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// AuditSinkList is a list of a audit sink items. -type AuditSinkList struct { - metav1.TypeMeta - - // +optional - metav1.ListMeta - - // List of audit configurations. - Items []AuditSink -} - -// Policy defines the configuration of how audit events are logged -type Policy struct { - // The Level that all requests are recorded at. - // available options: None, Metadata, Request, RequestResponse - // required - Level Level - - // Stages is a list of stages for which events are created. - // +optional - Stages []Stage -} - -// Webhook holds the configuration of the webhooks -type Webhook struct { - // Throttle holds the options for throttling the webhook - // +optional - Throttle *WebhookThrottleConfig - - // ClientConfig holds the connection parameters for the webhook - // required - ClientConfig WebhookClientConfig -} - -// WebhookThrottleConfig holds the configuration for throttling -type WebhookThrottleConfig struct { - // QPS maximum number of batches per second - // default 10 QPS - // +optional - QPS *int64 - - // Burst is the maximum number of events sent at the same moment - // default 15 QPS - // +optional - Burst *int64 -} - -// WebhookClientConfig contains the information to make a connection with the webhook -type WebhookClientConfig struct { - // `url` gives the location of the webhook, in standard URL form - // (`scheme://host:port/path`). Exactly one of `url` or `service` - // must be specified. - // - // The `host` should not refer to a service running in the cluster; use - // the `service` field instead. The host might be resolved via external - // DNS in some apiservers (e.g., `kube-apiserver` cannot resolve - // in-cluster DNS as that would be a layering violation). `host` may - // also be an IP address. - // - // Please note that using `localhost` or `127.0.0.1` as a `host` is - // risky unless you take great care to run this webhook on all hosts - // which run an apiserver which might need to make calls to this - // webhook. Such installs are likely to be non-portable, i.e., not easy - // to turn up in a new cluster. - // - // The scheme must be "https"; the URL must begin with "https://". - // - // A path is optional, and if present may be any string permissible in - // a URL. You may use the path to pass an arbitrary string to the - // webhook, for example, a cluster identifier. - // - // Attempting to use a user or basic auth e.g. "user:password@" is not - // allowed. Fragments ("#...") and query parameters ("?...") are not - // allowed, either. - // - // +optional - URL *string - - // `service` is a reference to the service for this webhook. Either - // `service` or `url` must be specified. - // - // If the webhook is running within the cluster, then you should use `service`. - // - // Port 443 will be used if it is open, otherwise it is an error. - // - // +optional - Service *ServiceReference - - // `caBundle` is a PEM encoded CA bundle which will be used to validate the webhook's server certificate. - // If unspecified, system trust roots on the apiserver are used. - // +optional - CABundle []byte -} - -// ServiceReference holds a reference to Service.legacy.k8s.io -type ServiceReference struct { - // `namespace` is the namespace of the service. - // Required - Namespace string - - // `name` is the name of the service. - // Required - Name string - - // `path` is an optional URL path which will be sent in any request to - // this service. - // +optional - Path *string -} diff --git a/pkg/apis/auditregistration/v1alpha1/BUILD b/pkg/apis/auditregistration/v1alpha1/BUILD deleted file mode 100644 index 5c5acd5744..0000000000 --- a/pkg/apis/auditregistration/v1alpha1/BUILD +++ /dev/null @@ -1,50 +0,0 @@ -load("@io_bazel_rules_go//go:def.bzl", "go_library", "go_test") - -go_library( - name = "go_default_library", - srcs = [ - "defaults.go", - "doc.go", - "register.go", - "zz_generated.conversion.go", - "zz_generated.defaults.go", - ], - importpath = "k8s.io/kubernetes/pkg/apis/auditregistration/v1alpha1", - visibility = ["//visibility:public"], - deps = [ - "//pkg/apis/auditregistration:go_default_library", - "//staging/src/k8s.io/api/auditregistration/v1alpha1:go_default_library", - "//staging/src/k8s.io/apimachinery/pkg/conversion:go_default_library", - "//staging/src/k8s.io/apimachinery/pkg/runtime:go_default_library", - "//staging/src/k8s.io/apimachinery/pkg/runtime/schema:go_default_library", - "//vendor/k8s.io/utils/pointer:go_default_library", - ], -) - -go_test( - name = "go_default_test", - srcs = ["defaults_test.go"], - embed = [":go_default_library"], - deps = [ - "//pkg/api/legacyscheme:go_default_library", - "//pkg/apis/auditregistration/install:go_default_library", - "//staging/src/k8s.io/api/auditregistration/v1alpha1:go_default_library", - "//staging/src/k8s.io/apimachinery/pkg/api/equality:go_default_library", - "//staging/src/k8s.io/apimachinery/pkg/runtime:go_default_library", - "//vendor/k8s.io/utils/pointer:go_default_library", - ], -) - -filegroup( - name = "package-srcs", - srcs = glob(["**"]), - tags = ["automanaged"], - visibility = ["//visibility:private"], -) - -filegroup( - name = "all-srcs", - srcs = [":package-srcs"], - tags = ["automanaged"], - visibility = ["//visibility:public"], -) diff --git a/pkg/apis/auditregistration/v1alpha1/defaults.go b/pkg/apis/auditregistration/v1alpha1/defaults.go deleted file mode 100644 index 1884a39079..0000000000 --- a/pkg/apis/auditregistration/v1alpha1/defaults.go +++ /dev/null @@ -1,56 +0,0 @@ -/* -Copyright 2018 The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package v1alpha1 - -import ( - auditregistrationv1alpha1 "k8s.io/api/auditregistration/v1alpha1" - "k8s.io/apimachinery/pkg/runtime" - utilpointer "k8s.io/utils/pointer" -) - -const ( - // DefaultQPS is the default QPS value - DefaultQPS = int64(10) - // DefaultBurst is the default burst value - DefaultBurst = int64(15) -) - -// DefaultThrottle is a default throttle config -func DefaultThrottle() *auditregistrationv1alpha1.WebhookThrottleConfig { - return &auditregistrationv1alpha1.WebhookThrottleConfig{ - QPS: utilpointer.Int64Ptr(DefaultQPS), - Burst: utilpointer.Int64Ptr(DefaultBurst), - } -} - -func addDefaultingFuncs(scheme *runtime.Scheme) error { - return RegisterDefaults(scheme) -} - -// SetDefaults_AuditSink sets defaults if the audit sink isn't present -func SetDefaults_AuditSink(obj *auditregistrationv1alpha1.AuditSink) { - if obj.Spec.Webhook.Throttle != nil { - if obj.Spec.Webhook.Throttle.QPS == nil { - obj.Spec.Webhook.Throttle.QPS = utilpointer.Int64Ptr(DefaultQPS) - } - if obj.Spec.Webhook.Throttle.Burst == nil { - obj.Spec.Webhook.Throttle.Burst = utilpointer.Int64Ptr(DefaultBurst) - } - } else { - obj.Spec.Webhook.Throttle = DefaultThrottle() - } -} diff --git a/pkg/apis/auditregistration/v1alpha1/defaults_test.go b/pkg/apis/auditregistration/v1alpha1/defaults_test.go deleted file mode 100644 index acfc7fba8a..0000000000 --- a/pkg/apis/auditregistration/v1alpha1/defaults_test.go +++ /dev/null @@ -1,165 +0,0 @@ -/* -Copyright 2018 The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package v1alpha1_test - -import ( - "reflect" - "testing" - - auditregistrationv1alpha1 "k8s.io/api/auditregistration/v1alpha1" - apiequality "k8s.io/apimachinery/pkg/api/equality" - "k8s.io/apimachinery/pkg/runtime" - "k8s.io/kubernetes/pkg/api/legacyscheme" - _ "k8s.io/kubernetes/pkg/apis/auditregistration/install" - . "k8s.io/kubernetes/pkg/apis/auditregistration/v1alpha1" - utilpointer "k8s.io/utils/pointer" -) - -func TestSetDefaultAuditSink(t *testing.T) { - defaultURL := "http://test" - tests := []struct { - original *auditregistrationv1alpha1.AuditSink - expected *auditregistrationv1alpha1.AuditSink - }{ - { // Missing Throttle - original: &auditregistrationv1alpha1.AuditSink{ - Spec: auditregistrationv1alpha1.AuditSinkSpec{ - Policy: auditregistrationv1alpha1.Policy{ - Level: auditregistrationv1alpha1.LevelMetadata, - }, - Webhook: auditregistrationv1alpha1.Webhook{ - ClientConfig: auditregistrationv1alpha1.WebhookClientConfig{ - URL: &defaultURL, - }, - }, - }, - }, - expected: &auditregistrationv1alpha1.AuditSink{ - Spec: auditregistrationv1alpha1.AuditSinkSpec{ - Policy: auditregistrationv1alpha1.Policy{ - Level: auditregistrationv1alpha1.LevelMetadata, - }, - Webhook: auditregistrationv1alpha1.Webhook{ - Throttle: DefaultThrottle(), - ClientConfig: auditregistrationv1alpha1.WebhookClientConfig{ - URL: &defaultURL, - }, - }, - }, - }, - }, - { // Missing QPS - original: &auditregistrationv1alpha1.AuditSink{ - Spec: auditregistrationv1alpha1.AuditSinkSpec{ - Policy: auditregistrationv1alpha1.Policy{ - Level: auditregistrationv1alpha1.LevelMetadata, - }, - Webhook: auditregistrationv1alpha1.Webhook{ - Throttle: &auditregistrationv1alpha1.WebhookThrottleConfig{ - Burst: utilpointer.Int64Ptr(1), - }, - ClientConfig: auditregistrationv1alpha1.WebhookClientConfig{ - URL: &defaultURL, - }, - }, - }, - }, - expected: &auditregistrationv1alpha1.AuditSink{ - Spec: auditregistrationv1alpha1.AuditSinkSpec{ - Policy: auditregistrationv1alpha1.Policy{ - Level: auditregistrationv1alpha1.LevelMetadata, - }, - Webhook: auditregistrationv1alpha1.Webhook{ - Throttle: &auditregistrationv1alpha1.WebhookThrottleConfig{ - QPS: DefaultThrottle().QPS, - Burst: utilpointer.Int64Ptr(1), - }, - ClientConfig: auditregistrationv1alpha1.WebhookClientConfig{ - URL: &defaultURL, - }, - }, - }, - }, - }, - { // Missing Burst - original: &auditregistrationv1alpha1.AuditSink{ - Spec: auditregistrationv1alpha1.AuditSinkSpec{ - Policy: auditregistrationv1alpha1.Policy{ - Level: auditregistrationv1alpha1.LevelMetadata, - }, - Webhook: auditregistrationv1alpha1.Webhook{ - Throttle: &auditregistrationv1alpha1.WebhookThrottleConfig{ - QPS: utilpointer.Int64Ptr(1), - }, - ClientConfig: auditregistrationv1alpha1.WebhookClientConfig{ - URL: &defaultURL, - }, - }, - }, - }, - expected: &auditregistrationv1alpha1.AuditSink{ - Spec: auditregistrationv1alpha1.AuditSinkSpec{ - Policy: auditregistrationv1alpha1.Policy{ - Level: auditregistrationv1alpha1.LevelMetadata, - }, - Webhook: auditregistrationv1alpha1.Webhook{ - Throttle: &auditregistrationv1alpha1.WebhookThrottleConfig{ - QPS: utilpointer.Int64Ptr(1), - Burst: DefaultThrottle().Burst, - }, - ClientConfig: auditregistrationv1alpha1.WebhookClientConfig{ - URL: &defaultURL, - }, - }, - }, - }, - }, - } - - for i, test := range tests { - original := test.original - expected := test.expected - obj2 := roundTrip(t, runtime.Object(original)) - got, ok := obj2.(*auditregistrationv1alpha1.AuditSink) - if !ok { - t.Fatalf("(%d) unexpected object: %v", i, obj2) - } - if !apiequality.Semantic.DeepEqual(got.Spec, expected.Spec) { - t.Errorf("(%d) got different than expected\ngot:\n\t%+v\nexpected:\n\t%+v", i, got.Spec, expected.Spec) - } - } -} - -func roundTrip(t *testing.T, obj runtime.Object) runtime.Object { - data, err := runtime.Encode(legacyscheme.Codecs.LegacyCodec(SchemeGroupVersion), obj) - if err != nil { - t.Errorf("%v\n %#v", err, obj) - return nil - } - obj2, err := runtime.Decode(legacyscheme.Codecs.UniversalDecoder(), data) - if err != nil { - t.Errorf("%v\nData: %s\nSource: %#v", err, string(data), obj) - return nil - } - obj3 := reflect.New(reflect.TypeOf(obj).Elem()).Interface().(runtime.Object) - err = legacyscheme.Scheme.Convert(obj2, obj3, nil) - if err != nil { - t.Errorf("%v\nSource: %#v", err, obj2) - return nil - } - return obj3 -} diff --git a/pkg/apis/auditregistration/v1alpha1/doc.go b/pkg/apis/auditregistration/v1alpha1/doc.go deleted file mode 100644 index 606c457c30..0000000000 --- a/pkg/apis/auditregistration/v1alpha1/doc.go +++ /dev/null @@ -1,24 +0,0 @@ -/* -Copyright 2018 The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// +k8s:conversion-gen=k8s.io/kubernetes/pkg/apis/auditregistration -// +k8s:conversion-gen-external-types=k8s.io/api/auditregistration/v1alpha1 -// +k8s:defaulter-gen=TypeMeta -// +k8s:defaulter-gen-input=../../../../vendor/k8s.io/api/auditregistration/v1alpha1 - -// +groupName=auditregistration.k8s.io - -package v1alpha1 // import "k8s.io/kubernetes/pkg/apis/auditregistration/v1alpha1" diff --git a/pkg/apis/auditregistration/v1alpha1/register.go b/pkg/apis/auditregistration/v1alpha1/register.go deleted file mode 100644 index a74b162b6a..0000000000 --- a/pkg/apis/auditregistration/v1alpha1/register.go +++ /dev/null @@ -1,46 +0,0 @@ -/* -Copyright 2018 The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package v1alpha1 - -import ( - auditregistrationv1alpha1 "k8s.io/api/auditregistration/v1alpha1" - "k8s.io/apimachinery/pkg/runtime/schema" -) - -// GroupName for audit registration -const GroupName = "auditregistration.k8s.io" - -// SchemeGroupVersion is group version used to register these objects -var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: "v1alpha1"} - -// Resource takes an unqualified resource and returns a Group qualified GroupResource -func Resource(resource string) schema.GroupResource { - return SchemeGroupVersion.WithResource(resource).GroupResource() -} - -var ( - localSchemeBuilder = &auditregistrationv1alpha1.SchemeBuilder - // AddToScheme audit registration - AddToScheme = localSchemeBuilder.AddToScheme -) - -func init() { - // We only register manually written functions here. The registration of the - // generated functions takes place in the generated files. The separation - // makes the code compile even when the generated files are missing. - localSchemeBuilder.Register(addDefaultingFuncs) -} diff --git a/pkg/apis/auditregistration/v1alpha1/zz_generated.conversion.go b/pkg/apis/auditregistration/v1alpha1/zz_generated.conversion.go deleted file mode 100644 index b8f08e397e..0000000000 --- a/pkg/apis/auditregistration/v1alpha1/zz_generated.conversion.go +++ /dev/null @@ -1,316 +0,0 @@ -// +build !ignore_autogenerated - -/* -Copyright The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// Code generated by conversion-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - unsafe "unsafe" - - v1alpha1 "k8s.io/api/auditregistration/v1alpha1" - conversion "k8s.io/apimachinery/pkg/conversion" - runtime "k8s.io/apimachinery/pkg/runtime" - auditregistration "k8s.io/kubernetes/pkg/apis/auditregistration" -) - -func init() { - localSchemeBuilder.Register(RegisterConversions) -} - -// RegisterConversions adds conversion functions to the given scheme. -// Public to allow building arbitrary schemes. -func RegisterConversions(s *runtime.Scheme) error { - if err := s.AddGeneratedConversionFunc((*v1alpha1.AuditSink)(nil), (*auditregistration.AuditSink)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1alpha1_AuditSink_To_auditregistration_AuditSink(a.(*v1alpha1.AuditSink), b.(*auditregistration.AuditSink), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*auditregistration.AuditSink)(nil), (*v1alpha1.AuditSink)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_auditregistration_AuditSink_To_v1alpha1_AuditSink(a.(*auditregistration.AuditSink), b.(*v1alpha1.AuditSink), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*v1alpha1.AuditSinkList)(nil), (*auditregistration.AuditSinkList)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1alpha1_AuditSinkList_To_auditregistration_AuditSinkList(a.(*v1alpha1.AuditSinkList), b.(*auditregistration.AuditSinkList), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*auditregistration.AuditSinkList)(nil), (*v1alpha1.AuditSinkList)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_auditregistration_AuditSinkList_To_v1alpha1_AuditSinkList(a.(*auditregistration.AuditSinkList), b.(*v1alpha1.AuditSinkList), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*v1alpha1.AuditSinkSpec)(nil), (*auditregistration.AuditSinkSpec)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1alpha1_AuditSinkSpec_To_auditregistration_AuditSinkSpec(a.(*v1alpha1.AuditSinkSpec), b.(*auditregistration.AuditSinkSpec), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*auditregistration.AuditSinkSpec)(nil), (*v1alpha1.AuditSinkSpec)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_auditregistration_AuditSinkSpec_To_v1alpha1_AuditSinkSpec(a.(*auditregistration.AuditSinkSpec), b.(*v1alpha1.AuditSinkSpec), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*v1alpha1.Policy)(nil), (*auditregistration.Policy)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1alpha1_Policy_To_auditregistration_Policy(a.(*v1alpha1.Policy), b.(*auditregistration.Policy), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*auditregistration.Policy)(nil), (*v1alpha1.Policy)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_auditregistration_Policy_To_v1alpha1_Policy(a.(*auditregistration.Policy), b.(*v1alpha1.Policy), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*v1alpha1.ServiceReference)(nil), (*auditregistration.ServiceReference)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1alpha1_ServiceReference_To_auditregistration_ServiceReference(a.(*v1alpha1.ServiceReference), b.(*auditregistration.ServiceReference), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*auditregistration.ServiceReference)(nil), (*v1alpha1.ServiceReference)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_auditregistration_ServiceReference_To_v1alpha1_ServiceReference(a.(*auditregistration.ServiceReference), b.(*v1alpha1.ServiceReference), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*v1alpha1.Webhook)(nil), (*auditregistration.Webhook)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1alpha1_Webhook_To_auditregistration_Webhook(a.(*v1alpha1.Webhook), b.(*auditregistration.Webhook), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*auditregistration.Webhook)(nil), (*v1alpha1.Webhook)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_auditregistration_Webhook_To_v1alpha1_Webhook(a.(*auditregistration.Webhook), b.(*v1alpha1.Webhook), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*v1alpha1.WebhookClientConfig)(nil), (*auditregistration.WebhookClientConfig)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1alpha1_WebhookClientConfig_To_auditregistration_WebhookClientConfig(a.(*v1alpha1.WebhookClientConfig), b.(*auditregistration.WebhookClientConfig), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*auditregistration.WebhookClientConfig)(nil), (*v1alpha1.WebhookClientConfig)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_auditregistration_WebhookClientConfig_To_v1alpha1_WebhookClientConfig(a.(*auditregistration.WebhookClientConfig), b.(*v1alpha1.WebhookClientConfig), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*v1alpha1.WebhookThrottleConfig)(nil), (*auditregistration.WebhookThrottleConfig)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1alpha1_WebhookThrottleConfig_To_auditregistration_WebhookThrottleConfig(a.(*v1alpha1.WebhookThrottleConfig), b.(*auditregistration.WebhookThrottleConfig), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*auditregistration.WebhookThrottleConfig)(nil), (*v1alpha1.WebhookThrottleConfig)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_auditregistration_WebhookThrottleConfig_To_v1alpha1_WebhookThrottleConfig(a.(*auditregistration.WebhookThrottleConfig), b.(*v1alpha1.WebhookThrottleConfig), scope) - }); err != nil { - return err - } - return nil -} - -func autoConvert_v1alpha1_AuditSink_To_auditregistration_AuditSink(in *v1alpha1.AuditSink, out *auditregistration.AuditSink, s conversion.Scope) error { - out.ObjectMeta = in.ObjectMeta - if err := Convert_v1alpha1_AuditSinkSpec_To_auditregistration_AuditSinkSpec(&in.Spec, &out.Spec, s); err != nil { - return err - } - return nil -} - -// Convert_v1alpha1_AuditSink_To_auditregistration_AuditSink is an autogenerated conversion function. -func Convert_v1alpha1_AuditSink_To_auditregistration_AuditSink(in *v1alpha1.AuditSink, out *auditregistration.AuditSink, s conversion.Scope) error { - return autoConvert_v1alpha1_AuditSink_To_auditregistration_AuditSink(in, out, s) -} - -func autoConvert_auditregistration_AuditSink_To_v1alpha1_AuditSink(in *auditregistration.AuditSink, out *v1alpha1.AuditSink, s conversion.Scope) error { - out.ObjectMeta = in.ObjectMeta - if err := Convert_auditregistration_AuditSinkSpec_To_v1alpha1_AuditSinkSpec(&in.Spec, &out.Spec, s); err != nil { - return err - } - return nil -} - -// Convert_auditregistration_AuditSink_To_v1alpha1_AuditSink is an autogenerated conversion function. -func Convert_auditregistration_AuditSink_To_v1alpha1_AuditSink(in *auditregistration.AuditSink, out *v1alpha1.AuditSink, s conversion.Scope) error { - return autoConvert_auditregistration_AuditSink_To_v1alpha1_AuditSink(in, out, s) -} - -func autoConvert_v1alpha1_AuditSinkList_To_auditregistration_AuditSinkList(in *v1alpha1.AuditSinkList, out *auditregistration.AuditSinkList, s conversion.Scope) error { - out.ListMeta = in.ListMeta - out.Items = *(*[]auditregistration.AuditSink)(unsafe.Pointer(&in.Items)) - return nil -} - -// Convert_v1alpha1_AuditSinkList_To_auditregistration_AuditSinkList is an autogenerated conversion function. -func Convert_v1alpha1_AuditSinkList_To_auditregistration_AuditSinkList(in *v1alpha1.AuditSinkList, out *auditregistration.AuditSinkList, s conversion.Scope) error { - return autoConvert_v1alpha1_AuditSinkList_To_auditregistration_AuditSinkList(in, out, s) -} - -func autoConvert_auditregistration_AuditSinkList_To_v1alpha1_AuditSinkList(in *auditregistration.AuditSinkList, out *v1alpha1.AuditSinkList, s conversion.Scope) error { - out.ListMeta = in.ListMeta - out.Items = *(*[]v1alpha1.AuditSink)(unsafe.Pointer(&in.Items)) - return nil -} - -// Convert_auditregistration_AuditSinkList_To_v1alpha1_AuditSinkList is an autogenerated conversion function. -func Convert_auditregistration_AuditSinkList_To_v1alpha1_AuditSinkList(in *auditregistration.AuditSinkList, out *v1alpha1.AuditSinkList, s conversion.Scope) error { - return autoConvert_auditregistration_AuditSinkList_To_v1alpha1_AuditSinkList(in, out, s) -} - -func autoConvert_v1alpha1_AuditSinkSpec_To_auditregistration_AuditSinkSpec(in *v1alpha1.AuditSinkSpec, out *auditregistration.AuditSinkSpec, s conversion.Scope) error { - if err := Convert_v1alpha1_Policy_To_auditregistration_Policy(&in.Policy, &out.Policy, s); err != nil { - return err - } - if err := Convert_v1alpha1_Webhook_To_auditregistration_Webhook(&in.Webhook, &out.Webhook, s); err != nil { - return err - } - return nil -} - -// Convert_v1alpha1_AuditSinkSpec_To_auditregistration_AuditSinkSpec is an autogenerated conversion function. -func Convert_v1alpha1_AuditSinkSpec_To_auditregistration_AuditSinkSpec(in *v1alpha1.AuditSinkSpec, out *auditregistration.AuditSinkSpec, s conversion.Scope) error { - return autoConvert_v1alpha1_AuditSinkSpec_To_auditregistration_AuditSinkSpec(in, out, s) -} - -func autoConvert_auditregistration_AuditSinkSpec_To_v1alpha1_AuditSinkSpec(in *auditregistration.AuditSinkSpec, out *v1alpha1.AuditSinkSpec, s conversion.Scope) error { - if err := Convert_auditregistration_Policy_To_v1alpha1_Policy(&in.Policy, &out.Policy, s); err != nil { - return err - } - if err := Convert_auditregistration_Webhook_To_v1alpha1_Webhook(&in.Webhook, &out.Webhook, s); err != nil { - return err - } - return nil -} - -// Convert_auditregistration_AuditSinkSpec_To_v1alpha1_AuditSinkSpec is an autogenerated conversion function. -func Convert_auditregistration_AuditSinkSpec_To_v1alpha1_AuditSinkSpec(in *auditregistration.AuditSinkSpec, out *v1alpha1.AuditSinkSpec, s conversion.Scope) error { - return autoConvert_auditregistration_AuditSinkSpec_To_v1alpha1_AuditSinkSpec(in, out, s) -} - -func autoConvert_v1alpha1_Policy_To_auditregistration_Policy(in *v1alpha1.Policy, out *auditregistration.Policy, s conversion.Scope) error { - out.Level = auditregistration.Level(in.Level) - out.Stages = *(*[]auditregistration.Stage)(unsafe.Pointer(&in.Stages)) - return nil -} - -// Convert_v1alpha1_Policy_To_auditregistration_Policy is an autogenerated conversion function. -func Convert_v1alpha1_Policy_To_auditregistration_Policy(in *v1alpha1.Policy, out *auditregistration.Policy, s conversion.Scope) error { - return autoConvert_v1alpha1_Policy_To_auditregistration_Policy(in, out, s) -} - -func autoConvert_auditregistration_Policy_To_v1alpha1_Policy(in *auditregistration.Policy, out *v1alpha1.Policy, s conversion.Scope) error { - out.Level = v1alpha1.Level(in.Level) - out.Stages = *(*[]v1alpha1.Stage)(unsafe.Pointer(&in.Stages)) - return nil -} - -// Convert_auditregistration_Policy_To_v1alpha1_Policy is an autogenerated conversion function. -func Convert_auditregistration_Policy_To_v1alpha1_Policy(in *auditregistration.Policy, out *v1alpha1.Policy, s conversion.Scope) error { - return autoConvert_auditregistration_Policy_To_v1alpha1_Policy(in, out, s) -} - -func autoConvert_v1alpha1_ServiceReference_To_auditregistration_ServiceReference(in *v1alpha1.ServiceReference, out *auditregistration.ServiceReference, s conversion.Scope) error { - out.Namespace = in.Namespace - out.Name = in.Name - out.Path = (*string)(unsafe.Pointer(in.Path)) - return nil -} - -// Convert_v1alpha1_ServiceReference_To_auditregistration_ServiceReference is an autogenerated conversion function. -func Convert_v1alpha1_ServiceReference_To_auditregistration_ServiceReference(in *v1alpha1.ServiceReference, out *auditregistration.ServiceReference, s conversion.Scope) error { - return autoConvert_v1alpha1_ServiceReference_To_auditregistration_ServiceReference(in, out, s) -} - -func autoConvert_auditregistration_ServiceReference_To_v1alpha1_ServiceReference(in *auditregistration.ServiceReference, out *v1alpha1.ServiceReference, s conversion.Scope) error { - out.Namespace = in.Namespace - out.Name = in.Name - out.Path = (*string)(unsafe.Pointer(in.Path)) - return nil -} - -// Convert_auditregistration_ServiceReference_To_v1alpha1_ServiceReference is an autogenerated conversion function. -func Convert_auditregistration_ServiceReference_To_v1alpha1_ServiceReference(in *auditregistration.ServiceReference, out *v1alpha1.ServiceReference, s conversion.Scope) error { - return autoConvert_auditregistration_ServiceReference_To_v1alpha1_ServiceReference(in, out, s) -} - -func autoConvert_v1alpha1_Webhook_To_auditregistration_Webhook(in *v1alpha1.Webhook, out *auditregistration.Webhook, s conversion.Scope) error { - out.Throttle = (*auditregistration.WebhookThrottleConfig)(unsafe.Pointer(in.Throttle)) - if err := Convert_v1alpha1_WebhookClientConfig_To_auditregistration_WebhookClientConfig(&in.ClientConfig, &out.ClientConfig, s); err != nil { - return err - } - return nil -} - -// Convert_v1alpha1_Webhook_To_auditregistration_Webhook is an autogenerated conversion function. -func Convert_v1alpha1_Webhook_To_auditregistration_Webhook(in *v1alpha1.Webhook, out *auditregistration.Webhook, s conversion.Scope) error { - return autoConvert_v1alpha1_Webhook_To_auditregistration_Webhook(in, out, s) -} - -func autoConvert_auditregistration_Webhook_To_v1alpha1_Webhook(in *auditregistration.Webhook, out *v1alpha1.Webhook, s conversion.Scope) error { - out.Throttle = (*v1alpha1.WebhookThrottleConfig)(unsafe.Pointer(in.Throttle)) - if err := Convert_auditregistration_WebhookClientConfig_To_v1alpha1_WebhookClientConfig(&in.ClientConfig, &out.ClientConfig, s); err != nil { - return err - } - return nil -} - -// Convert_auditregistration_Webhook_To_v1alpha1_Webhook is an autogenerated conversion function. -func Convert_auditregistration_Webhook_To_v1alpha1_Webhook(in *auditregistration.Webhook, out *v1alpha1.Webhook, s conversion.Scope) error { - return autoConvert_auditregistration_Webhook_To_v1alpha1_Webhook(in, out, s) -} - -func autoConvert_v1alpha1_WebhookClientConfig_To_auditregistration_WebhookClientConfig(in *v1alpha1.WebhookClientConfig, out *auditregistration.WebhookClientConfig, s conversion.Scope) error { - out.URL = (*string)(unsafe.Pointer(in.URL)) - out.Service = (*auditregistration.ServiceReference)(unsafe.Pointer(in.Service)) - out.CABundle = *(*[]byte)(unsafe.Pointer(&in.CABundle)) - return nil -} - -// Convert_v1alpha1_WebhookClientConfig_To_auditregistration_WebhookClientConfig is an autogenerated conversion function. -func Convert_v1alpha1_WebhookClientConfig_To_auditregistration_WebhookClientConfig(in *v1alpha1.WebhookClientConfig, out *auditregistration.WebhookClientConfig, s conversion.Scope) error { - return autoConvert_v1alpha1_WebhookClientConfig_To_auditregistration_WebhookClientConfig(in, out, s) -} - -func autoConvert_auditregistration_WebhookClientConfig_To_v1alpha1_WebhookClientConfig(in *auditregistration.WebhookClientConfig, out *v1alpha1.WebhookClientConfig, s conversion.Scope) error { - out.URL = (*string)(unsafe.Pointer(in.URL)) - out.Service = (*v1alpha1.ServiceReference)(unsafe.Pointer(in.Service)) - out.CABundle = *(*[]byte)(unsafe.Pointer(&in.CABundle)) - return nil -} - -// Convert_auditregistration_WebhookClientConfig_To_v1alpha1_WebhookClientConfig is an autogenerated conversion function. -func Convert_auditregistration_WebhookClientConfig_To_v1alpha1_WebhookClientConfig(in *auditregistration.WebhookClientConfig, out *v1alpha1.WebhookClientConfig, s conversion.Scope) error { - return autoConvert_auditregistration_WebhookClientConfig_To_v1alpha1_WebhookClientConfig(in, out, s) -} - -func autoConvert_v1alpha1_WebhookThrottleConfig_To_auditregistration_WebhookThrottleConfig(in *v1alpha1.WebhookThrottleConfig, out *auditregistration.WebhookThrottleConfig, s conversion.Scope) error { - out.QPS = (*int64)(unsafe.Pointer(in.QPS)) - out.Burst = (*int64)(unsafe.Pointer(in.Burst)) - return nil -} - -// Convert_v1alpha1_WebhookThrottleConfig_To_auditregistration_WebhookThrottleConfig is an autogenerated conversion function. -func Convert_v1alpha1_WebhookThrottleConfig_To_auditregistration_WebhookThrottleConfig(in *v1alpha1.WebhookThrottleConfig, out *auditregistration.WebhookThrottleConfig, s conversion.Scope) error { - return autoConvert_v1alpha1_WebhookThrottleConfig_To_auditregistration_WebhookThrottleConfig(in, out, s) -} - -func autoConvert_auditregistration_WebhookThrottleConfig_To_v1alpha1_WebhookThrottleConfig(in *auditregistration.WebhookThrottleConfig, out *v1alpha1.WebhookThrottleConfig, s conversion.Scope) error { - out.QPS = (*int64)(unsafe.Pointer(in.QPS)) - out.Burst = (*int64)(unsafe.Pointer(in.Burst)) - return nil -} - -// Convert_auditregistration_WebhookThrottleConfig_To_v1alpha1_WebhookThrottleConfig is an autogenerated conversion function. -func Convert_auditregistration_WebhookThrottleConfig_To_v1alpha1_WebhookThrottleConfig(in *auditregistration.WebhookThrottleConfig, out *v1alpha1.WebhookThrottleConfig, s conversion.Scope) error { - return autoConvert_auditregistration_WebhookThrottleConfig_To_v1alpha1_WebhookThrottleConfig(in, out, s) -} diff --git a/pkg/apis/auditregistration/v1alpha1/zz_generated.defaults.go b/pkg/apis/auditregistration/v1alpha1/zz_generated.defaults.go deleted file mode 100644 index 1f23658b80..0000000000 --- a/pkg/apis/auditregistration/v1alpha1/zz_generated.defaults.go +++ /dev/null @@ -1,46 +0,0 @@ -// +build !ignore_autogenerated - -/* -Copyright The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// Code generated by defaulter-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - v1alpha1 "k8s.io/api/auditregistration/v1alpha1" - runtime "k8s.io/apimachinery/pkg/runtime" -) - -// RegisterDefaults adds defaulters functions to the given scheme. -// Public to allow building arbitrary schemes. -// All generated defaulters are covering - they call all nested defaulters. -func RegisterDefaults(scheme *runtime.Scheme) error { - scheme.AddTypeDefaultingFunc(&v1alpha1.AuditSink{}, func(obj interface{}) { SetObjectDefaults_AuditSink(obj.(*v1alpha1.AuditSink)) }) - scheme.AddTypeDefaultingFunc(&v1alpha1.AuditSinkList{}, func(obj interface{}) { SetObjectDefaults_AuditSinkList(obj.(*v1alpha1.AuditSinkList)) }) - return nil -} - -func SetObjectDefaults_AuditSink(in *v1alpha1.AuditSink) { - SetDefaults_AuditSink(in) -} - -func SetObjectDefaults_AuditSinkList(in *v1alpha1.AuditSinkList) { - for i := range in.Items { - a := &in.Items[i] - SetObjectDefaults_AuditSink(a) - } -} diff --git a/pkg/apis/auditregistration/validation/BUILD b/pkg/apis/auditregistration/validation/BUILD deleted file mode 100644 index 212861d922..0000000000 --- a/pkg/apis/auditregistration/validation/BUILD +++ /dev/null @@ -1,41 +0,0 @@ -load("@io_bazel_rules_go//go:def.bzl", "go_library", "go_test") - -go_library( - name = "go_default_library", - srcs = ["validation.go"], - importpath = "k8s.io/kubernetes/pkg/apis/auditregistration/validation", - visibility = ["//visibility:public"], - deps = [ - "//pkg/apis/auditregistration:go_default_library", - "//staging/src/k8s.io/apimachinery/pkg/api/validation:go_default_library", - "//staging/src/k8s.io/apimachinery/pkg/util/sets:go_default_library", - "//staging/src/k8s.io/apimachinery/pkg/util/validation/field:go_default_library", - "//staging/src/k8s.io/apiserver/pkg/util/webhook:go_default_library", - ], -) - -go_test( - name = "go_default_test", - srcs = ["validation_test.go"], - embed = [":go_default_library"], - deps = [ - "//pkg/apis/auditregistration:go_default_library", - "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", - "//staging/src/k8s.io/apimachinery/pkg/util/validation/field:go_default_library", - "//vendor/github.com/stretchr/testify/require:go_default_library", - ], -) - -filegroup( - name = "package-srcs", - srcs = glob(["**"]), - tags = ["automanaged"], - visibility = ["//visibility:private"], -) - -filegroup( - name = "all-srcs", - srcs = [":package-srcs"], - tags = ["automanaged"], - visibility = ["//visibility:public"], -) diff --git a/pkg/apis/auditregistration/validation/validation.go b/pkg/apis/auditregistration/validation/validation.go deleted file mode 100644 index 849d0b111a..0000000000 --- a/pkg/apis/auditregistration/validation/validation.go +++ /dev/null @@ -1,123 +0,0 @@ -/* -Copyright 2018 The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package validation - -import ( - "strings" - - genericvalidation "k8s.io/apimachinery/pkg/api/validation" - "k8s.io/apimachinery/pkg/util/sets" - "k8s.io/apimachinery/pkg/util/validation/field" - "k8s.io/apiserver/pkg/util/webhook" - "k8s.io/kubernetes/pkg/apis/auditregistration" -) - -// ValidateAuditSink validates the AuditSinks -func ValidateAuditSink(as *auditregistration.AuditSink) field.ErrorList { - allErrs := genericvalidation.ValidateObjectMeta(&as.ObjectMeta, false, genericvalidation.NameIsDNSSubdomain, field.NewPath("metadata")) - allErrs = append(allErrs, ValidateAuditSinkSpec(as.Spec, field.NewPath("spec"))...) - return allErrs -} - -// ValidateAuditSinkSpec validates the sink spec for audit -func ValidateAuditSinkSpec(s auditregistration.AuditSinkSpec, fldPath *field.Path) field.ErrorList { - var allErrs field.ErrorList - allErrs = append(allErrs, ValidatePolicy(s.Policy, fldPath.Child("policy"))...) - allErrs = append(allErrs, ValidateWebhook(s.Webhook, fldPath.Child("webhook"))...) - return allErrs -} - -// ValidateWebhook validates the webhook -func ValidateWebhook(w auditregistration.Webhook, fldPath *field.Path) field.ErrorList { - var allErrs field.ErrorList - if w.Throttle != nil { - allErrs = append(allErrs, ValidateWebhookThrottleConfig(w.Throttle, fldPath.Child("throttle"))...) - } - - cc := w.ClientConfig - switch { - case (cc.URL == nil) == (cc.Service == nil): - allErrs = append(allErrs, field.Required(fldPath.Child("clientConfig"), "exactly one of url or service is required")) - case cc.URL != nil: - allErrs = append(allErrs, webhook.ValidateWebhookURL(fldPath.Child("clientConfig").Child("url"), *cc.URL, false)...) - case cc.Service != nil: - allErrs = append(allErrs, webhook.ValidateWebhookService(fldPath.Child("clientConfig").Child("service"), cc.Service.Name, cc.Service.Namespace, cc.Service.Path)...) - } - return allErrs -} - -// ValidateWebhookThrottleConfig validates the throttle config -func ValidateWebhookThrottleConfig(c *auditregistration.WebhookThrottleConfig, fldPath *field.Path) field.ErrorList { - var allErrs field.ErrorList - if c.QPS != nil && *c.QPS <= 0 { - allErrs = append(allErrs, field.Invalid(fldPath.Child("qps"), c.QPS, "qps must be a positive number")) - } - if c.Burst != nil && *c.Burst <= 0 { - allErrs = append(allErrs, field.Invalid(fldPath.Child("burst"), c.Burst, "burst must be a positive number")) - } - return allErrs -} - -// ValidatePolicy validates the audit policy -func ValidatePolicy(policy auditregistration.Policy, fldPath *field.Path) field.ErrorList { - var allErrs field.ErrorList - allErrs = append(allErrs, validateStages(policy.Stages, fldPath.Child("stages"))...) - allErrs = append(allErrs, validateLevel(policy.Level, fldPath.Child("level"))...) - if policy.Level != auditregistration.LevelNone && len(policy.Stages) == 0 { - return field.ErrorList{field.Required(fldPath.Child("stages"), "")} - } - return allErrs -} - -var validLevels = sets.NewString( - string(auditregistration.LevelNone), - string(auditregistration.LevelMetadata), - string(auditregistration.LevelRequest), - string(auditregistration.LevelRequestResponse), -) - -var validStages = sets.NewString( - string(auditregistration.StageRequestReceived), - string(auditregistration.StageResponseStarted), - string(auditregistration.StageResponseComplete), - string(auditregistration.StagePanic), -) - -func validateLevel(level auditregistration.Level, fldPath *field.Path) field.ErrorList { - if string(level) == "" { - return field.ErrorList{field.Required(fldPath, "")} - } - if !validLevels.Has(string(level)) { - return field.ErrorList{field.NotSupported(fldPath, level, validLevels.List())} - } - return nil -} - -func validateStages(stages []auditregistration.Stage, fldPath *field.Path) field.ErrorList { - var allErrs field.ErrorList - for i, stage := range stages { - if !validStages.Has(string(stage)) { - allErrs = append(allErrs, field.Invalid(fldPath.Index(i), string(stage), "allowed stages are "+strings.Join(validStages.List(), ","))) - } - } - return allErrs -} - -// ValidateAuditSinkUpdate validates an update to the object -func ValidateAuditSinkUpdate(newC, oldC *auditregistration.AuditSink) field.ErrorList { - return ValidateAuditSink(newC) -} diff --git a/pkg/apis/auditregistration/validation/validation_test.go b/pkg/apis/auditregistration/validation/validation_test.go deleted file mode 100644 index 96c6a882c5..0000000000 --- a/pkg/apis/auditregistration/validation/validation_test.go +++ /dev/null @@ -1,324 +0,0 @@ -/* -Copyright 2018 The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package validation - -import ( - "strings" - "testing" - - "github.com/stretchr/testify/require" - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - "k8s.io/apimachinery/pkg/util/validation/field" - "k8s.io/kubernetes/pkg/apis/auditregistration" -) - -func TestValidateAuditSink(t *testing.T) { - testQPS := int64(10) - testURL := "http://localhost" - testCases := []struct { - name string - conf auditregistration.AuditSink - numErr int - }{ - { - name: "should pass full config", - conf: auditregistration.AuditSink{ - ObjectMeta: metav1.ObjectMeta{ - Name: "myconf", - }, - Spec: auditregistration.AuditSinkSpec{ - Policy: auditregistration.Policy{ - Level: auditregistration.LevelRequest, - Stages: []auditregistration.Stage{ - auditregistration.StageRequestReceived, - }, - }, - Webhook: auditregistration.Webhook{ - Throttle: &auditregistration.WebhookThrottleConfig{ - QPS: &testQPS, - }, - ClientConfig: auditregistration.WebhookClientConfig{ - URL: &testURL, - }, - }, - }, - }, - numErr: 0, - }, - { - name: "should fail no policy", - conf: auditregistration.AuditSink{ - ObjectMeta: metav1.ObjectMeta{ - Name: "myconf", - }, - Spec: auditregistration.AuditSinkSpec{ - Webhook: auditregistration.Webhook{ - ClientConfig: auditregistration.WebhookClientConfig{ - URL: &testURL, - }, - }, - }, - }, - numErr: 1, - }, - { - name: "should fail no webhook", - conf: auditregistration.AuditSink{ - ObjectMeta: metav1.ObjectMeta{ - Name: "myconf", - }, - Spec: auditregistration.AuditSinkSpec{ - Policy: auditregistration.Policy{ - Level: auditregistration.LevelMetadata, - Stages: []auditregistration.Stage{ - auditregistration.StageRequestReceived, - }, - }, - }, - }, - numErr: 1, - }, - } - - for _, test := range testCases { - t.Run(test.name, func(t *testing.T) { - errs := ValidateAuditSink(&test.conf) - require.Len(t, errs, test.numErr) - }) - } -} - -func TestValidatePolicy(t *testing.T) { - successCases := []auditregistration.Policy{} - successCases = append(successCases, auditregistration.Policy{ // Policy with omitStages and level - Level: auditregistration.LevelRequest, - Stages: []auditregistration.Stage{ - auditregistration.Stage("RequestReceived"), - auditregistration.Stage("ResponseStarted"), - }, - }) - successCases = append(successCases, auditregistration.Policy{Level: auditregistration.LevelNone}) // Policy with none level only - - for i, policy := range successCases { - if errs := ValidatePolicy(policy, field.NewPath("policy")); len(errs) != 0 { - t.Errorf("[%d] Expected policy %#v to be valid: %v", i, policy, errs) - } - } - - errorCases := []auditregistration.Policy{} - errorCases = append(errorCases, auditregistration.Policy{}) // Empty policy // Policy with missing level - errorCases = append(errorCases, auditregistration.Policy{Stages: []auditregistration.Stage{ // Policy with invalid stages - auditregistration.Stage("Bad")}}) - errorCases = append(errorCases, auditregistration.Policy{Level: auditregistration.Level("invalid")}) // Policy with bad level - errorCases = append(errorCases, auditregistration.Policy{Level: auditregistration.LevelMetadata}) // Policy without stages - - for i, policy := range errorCases { - if errs := ValidatePolicy(policy, field.NewPath("policy")); len(errs) == 0 { - t.Errorf("[%d] Expected policy %#v to be invalid!", i, policy) - } - } -} - -func strPtr(s string) *string { return &s } - -func TestValidateWebhookConfiguration(t *testing.T) { - tests := []struct { - name string - config auditregistration.Webhook - expectedError string - }{ - { - name: "both service and URL missing", - config: auditregistration.Webhook{ - ClientConfig: auditregistration.WebhookClientConfig{}, - }, - expectedError: `exactly one of`, - }, - { - name: "both service and URL provided", - config: auditregistration.Webhook{ - ClientConfig: auditregistration.WebhookClientConfig{ - Service: &auditregistration.ServiceReference{ - Namespace: "ns", - Name: "n", - }, - URL: strPtr("example.com/k8s/webhook"), - }, - }, - expectedError: `webhook.clientConfig: Required value: exactly one of url or service is required`, - }, - { - name: "blank URL", - config: auditregistration.Webhook{ - ClientConfig: auditregistration.WebhookClientConfig{ - URL: strPtr(""), - }, - }, - expectedError: `webhook.clientConfig.url: Invalid value: "": host must be provided`, - }, - { - name: "missing host", - config: auditregistration.Webhook{ - ClientConfig: auditregistration.WebhookClientConfig{ - URL: strPtr("https:///fancy/webhook"), - }, - }, - expectedError: `host must be provided`, - }, - { - name: "fragment", - config: auditregistration.Webhook{ - ClientConfig: auditregistration.WebhookClientConfig{ - URL: strPtr("https://example.com/#bookmark"), - }, - }, - expectedError: `"bookmark": fragments are not permitted`, - }, - { - name: "query", - config: auditregistration.Webhook{ - ClientConfig: auditregistration.WebhookClientConfig{ - URL: strPtr("https://example.com?arg=value"), - }, - }, - expectedError: `"arg=value": query parameters are not permitted`, - }, - { - name: "user", - config: auditregistration.Webhook{ - ClientConfig: auditregistration.WebhookClientConfig{ - URL: strPtr("https://harry.potter@example.com/"), - }, - }, - expectedError: `"harry.potter": user information is not permitted`, - }, - { - name: "just totally wrong", - config: auditregistration.Webhook{ - ClientConfig: auditregistration.WebhookClientConfig{ - URL: strPtr("arg#backwards=thisis?html.index/port:host//:https"), - }, - }, - expectedError: `host must be provided`, - }, - { - name: "path must start with slash", - config: auditregistration.Webhook{ - ClientConfig: auditregistration.WebhookClientConfig{ - Service: &auditregistration.ServiceReference{ - Namespace: "ns", - Name: "n", - Path: strPtr("foo/"), - }, - }, - }, - expectedError: `clientConfig.service.path: Invalid value: "foo/": must start with a '/'`, - }, - { - name: "path accepts slash", - config: auditregistration.Webhook{ - ClientConfig: auditregistration.WebhookClientConfig{ - Service: &auditregistration.ServiceReference{ - Namespace: "ns", - Name: "n", - Path: strPtr("/"), - }, - }, - }, - expectedError: ``, - }, - { - name: "path accepts no trailing slash", - config: auditregistration.Webhook{ - ClientConfig: auditregistration.WebhookClientConfig{ - Service: &auditregistration.ServiceReference{ - Namespace: "ns", - Name: "n", - Path: strPtr("/foo"), - }, - }, - }, - expectedError: ``, - }, - { - name: "path fails //", - config: auditregistration.Webhook{ - ClientConfig: auditregistration.WebhookClientConfig{ - Service: &auditregistration.ServiceReference{ - Namespace: "ns", - Name: "n", - Path: strPtr("//"), - }, - }, - }, - expectedError: `clientConfig.service.path: Invalid value: "//": segment[0] may not be empty`, - }, - { - name: "path no empty step", - config: auditregistration.Webhook{ - ClientConfig: auditregistration.WebhookClientConfig{ - Service: &auditregistration.ServiceReference{ - Namespace: "ns", - Name: "n", - Path: strPtr("/foo//bar/"), - }, - }, - }, - expectedError: `clientConfig.service.path: Invalid value: "/foo//bar/": segment[1] may not be empty`, - }, { - name: "path no empty step 2", - config: auditregistration.Webhook{ - ClientConfig: auditregistration.WebhookClientConfig{ - Service: &auditregistration.ServiceReference{ - Namespace: "ns", - Name: "n", - Path: strPtr("/foo/bar//"), - }, - }, - }, - expectedError: `clientConfig.service.path: Invalid value: "/foo/bar//": segment[2] may not be empty`, - }, - { - name: "path no non-subdomain", - config: auditregistration.Webhook{ - ClientConfig: auditregistration.WebhookClientConfig{ - Service: &auditregistration.ServiceReference{ - Namespace: "ns", - Name: "n", - Path: strPtr("/apis/foo.bar/v1alpha1/--bad"), - }, - }, - }, - expectedError: `clientConfig.service.path: Invalid value: "/apis/foo.bar/v1alpha1/--bad": segment[3]: a DNS-1123 subdomain`, - }, - } - for _, test := range tests { - t.Run(test.name, func(t *testing.T) { - errs := ValidateWebhook(test.config, field.NewPath("webhook")) - err := errs.ToAggregate() - if err != nil { - if e, a := test.expectedError, err.Error(); !strings.Contains(a, e) || e == "" { - t.Errorf("expected to contain \nerr: %s \ngot: %s", e, a) - } - } else { - if test.expectedError != "" { - t.Errorf("unexpected no error, expected to contain %s", test.expectedError) - } - } - }) - } -} diff --git a/pkg/apis/auditregistration/zz_generated.deepcopy.go b/pkg/apis/auditregistration/zz_generated.deepcopy.go deleted file mode 100644 index 45106c0a5c..0000000000 --- a/pkg/apis/auditregistration/zz_generated.deepcopy.go +++ /dev/null @@ -1,224 +0,0 @@ -// +build !ignore_autogenerated - -/* -Copyright The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// Code generated by deepcopy-gen. DO NOT EDIT. - -package auditregistration - -import ( - runtime "k8s.io/apimachinery/pkg/runtime" -) - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *AuditSink) DeepCopyInto(out *AuditSink) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - in.Spec.DeepCopyInto(&out.Spec) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuditSink. -func (in *AuditSink) DeepCopy() *AuditSink { - if in == nil { - return nil - } - out := new(AuditSink) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *AuditSink) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *AuditSinkList) DeepCopyInto(out *AuditSinkList) { - *out = *in - out.TypeMeta = in.TypeMeta - out.ListMeta = in.ListMeta - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]AuditSink, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuditSinkList. -func (in *AuditSinkList) DeepCopy() *AuditSinkList { - if in == nil { - return nil - } - out := new(AuditSinkList) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *AuditSinkList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *AuditSinkSpec) DeepCopyInto(out *AuditSinkSpec) { - *out = *in - in.Policy.DeepCopyInto(&out.Policy) - in.Webhook.DeepCopyInto(&out.Webhook) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuditSinkSpec. -func (in *AuditSinkSpec) DeepCopy() *AuditSinkSpec { - if in == nil { - return nil - } - out := new(AuditSinkSpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *Policy) DeepCopyInto(out *Policy) { - *out = *in - if in.Stages != nil { - in, out := &in.Stages, &out.Stages - *out = make([]Stage, len(*in)) - copy(*out, *in) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Policy. -func (in *Policy) DeepCopy() *Policy { - if in == nil { - return nil - } - out := new(Policy) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ServiceReference) DeepCopyInto(out *ServiceReference) { - *out = *in - if in.Path != nil { - in, out := &in.Path, &out.Path - *out = new(string) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ServiceReference. -func (in *ServiceReference) DeepCopy() *ServiceReference { - if in == nil { - return nil - } - out := new(ServiceReference) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *Webhook) DeepCopyInto(out *Webhook) { - *out = *in - if in.Throttle != nil { - in, out := &in.Throttle, &out.Throttle - *out = new(WebhookThrottleConfig) - (*in).DeepCopyInto(*out) - } - in.ClientConfig.DeepCopyInto(&out.ClientConfig) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Webhook. -func (in *Webhook) DeepCopy() *Webhook { - if in == nil { - return nil - } - out := new(Webhook) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *WebhookClientConfig) DeepCopyInto(out *WebhookClientConfig) { - *out = *in - if in.URL != nil { - in, out := &in.URL, &out.URL - *out = new(string) - **out = **in - } - if in.Service != nil { - in, out := &in.Service, &out.Service - *out = new(ServiceReference) - (*in).DeepCopyInto(*out) - } - if in.CABundle != nil { - in, out := &in.CABundle, &out.CABundle - *out = make([]byte, len(*in)) - copy(*out, *in) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WebhookClientConfig. -func (in *WebhookClientConfig) DeepCopy() *WebhookClientConfig { - if in == nil { - return nil - } - out := new(WebhookClientConfig) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *WebhookThrottleConfig) DeepCopyInto(out *WebhookThrottleConfig) { - *out = *in - if in.QPS != nil { - in, out := &in.QPS, &out.QPS - *out = new(int64) - **out = **in - } - if in.Burst != nil { - in, out := &in.Burst, &out.Burst - *out = new(int64) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WebhookThrottleConfig. -func (in *WebhookThrottleConfig) DeepCopy() *WebhookThrottleConfig { - if in == nil { - return nil - } - out := new(WebhookThrottleConfig) - in.DeepCopyInto(out) - return out -} diff --git a/pkg/client/clientset_generated/internalclientset/clientset.go b/pkg/client/clientset_generated/internalclientset/clientset.go index 0be088023e..7a6bffeb46 100644 --- a/pkg/client/clientset_generated/internalclientset/clientset.go +++ b/pkg/client/clientset_generated/internalclientset/clientset.go @@ -24,7 +24,6 @@ import ( flowcontrol "k8s.io/client-go/util/flowcontrol" admissionregistrationinternalversion "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/admissionregistration/internalversion" appsinternalversion "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/apps/internalversion" - auditregistrationinternalversion "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/auditregistration/internalversion" authenticationinternalversion "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/authentication/internalversion" authorizationinternalversion "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/authorization/internalversion" autoscalinginternalversion "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/autoscaling/internalversion" @@ -46,7 +45,6 @@ type Interface interface { Admissionregistration() admissionregistrationinternalversion.AdmissionregistrationInterface Core() coreinternalversion.CoreInterface Apps() appsinternalversion.AppsInterface - Auditregistration() auditregistrationinternalversion.AuditregistrationInterface Authentication() authenticationinternalversion.AuthenticationInterface Authorization() authorizationinternalversion.AuthorizationInterface Autoscaling() autoscalinginternalversion.AutoscalingInterface @@ -69,7 +67,6 @@ type Clientset struct { admissionregistration *admissionregistrationinternalversion.AdmissionregistrationClient core *coreinternalversion.CoreClient apps *appsinternalversion.AppsClient - auditregistration *auditregistrationinternalversion.AuditregistrationClient authentication *authenticationinternalversion.AuthenticationClient authorization *authorizationinternalversion.AuthorizationClient autoscaling *autoscalinginternalversion.AutoscalingClient @@ -100,11 +97,6 @@ func (c *Clientset) Apps() appsinternalversion.AppsInterface { return c.apps } -// Auditregistration retrieves the AuditregistrationClient -func (c *Clientset) Auditregistration() auditregistrationinternalversion.AuditregistrationInterface { - return c.auditregistration -} - // Authentication retrieves the AuthenticationClient func (c *Clientset) Authentication() authenticationinternalversion.AuthenticationInterface { return c.authentication @@ -198,10 +190,6 @@ func NewForConfig(c *rest.Config) (*Clientset, error) { if err != nil { return nil, err } - cs.auditregistration, err = auditregistrationinternalversion.NewForConfig(&configShallowCopy) - if err != nil { - return nil, err - } cs.authentication, err = authenticationinternalversion.NewForConfig(&configShallowCopy) if err != nil { return nil, err @@ -269,7 +257,6 @@ func NewForConfigOrDie(c *rest.Config) *Clientset { cs.admissionregistration = admissionregistrationinternalversion.NewForConfigOrDie(c) cs.core = coreinternalversion.NewForConfigOrDie(c) cs.apps = appsinternalversion.NewForConfigOrDie(c) - cs.auditregistration = auditregistrationinternalversion.NewForConfigOrDie(c) cs.authentication = authenticationinternalversion.NewForConfigOrDie(c) cs.authorization = authorizationinternalversion.NewForConfigOrDie(c) cs.autoscaling = autoscalinginternalversion.NewForConfigOrDie(c) @@ -294,7 +281,6 @@ func New(c rest.Interface) *Clientset { cs.admissionregistration = admissionregistrationinternalversion.New(c) cs.core = coreinternalversion.New(c) cs.apps = appsinternalversion.New(c) - cs.auditregistration = auditregistrationinternalversion.New(c) cs.authentication = authenticationinternalversion.New(c) cs.authorization = authorizationinternalversion.New(c) cs.autoscaling = autoscalinginternalversion.New(c) diff --git a/pkg/client/clientset_generated/internalclientset/fake/clientset_generated.go b/pkg/client/clientset_generated/internalclientset/fake/clientset_generated.go index f1349087e7..bee4238851 100644 --- a/pkg/client/clientset_generated/internalclientset/fake/clientset_generated.go +++ b/pkg/client/clientset_generated/internalclientset/fake/clientset_generated.go @@ -29,8 +29,6 @@ import ( fakeadmissionregistrationinternalversion "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/admissionregistration/internalversion/fake" appsinternalversion "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/apps/internalversion" fakeappsinternalversion "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/apps/internalversion/fake" - auditregistrationinternalversion "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/auditregistration/internalversion" - fakeauditregistrationinternalversion "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/auditregistration/internalversion/fake" authenticationinternalversion "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/authentication/internalversion" fakeauthenticationinternalversion "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/authentication/internalversion/fake" authorizationinternalversion "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/authorization/internalversion" @@ -118,11 +116,6 @@ func (c *Clientset) Apps() appsinternalversion.AppsInterface { return &fakeappsinternalversion.FakeApps{Fake: &c.Fake} } -// Auditregistration retrieves the AuditregistrationClient -func (c *Clientset) Auditregistration() auditregistrationinternalversion.AuditregistrationInterface { - return &fakeauditregistrationinternalversion.FakeAuditregistration{Fake: &c.Fake} -} - // Authentication retrieves the AuthenticationClient func (c *Clientset) Authentication() authenticationinternalversion.AuthenticationInterface { return &fakeauthenticationinternalversion.FakeAuthentication{Fake: &c.Fake} diff --git a/pkg/client/clientset_generated/internalclientset/fake/register.go b/pkg/client/clientset_generated/internalclientset/fake/register.go index f8b0e82ddd..b8a4d3c2fd 100644 --- a/pkg/client/clientset_generated/internalclientset/fake/register.go +++ b/pkg/client/clientset_generated/internalclientset/fake/register.go @@ -26,7 +26,6 @@ import ( utilruntime "k8s.io/apimachinery/pkg/util/runtime" admissionregistrationinternalversion "k8s.io/kubernetes/pkg/apis/admissionregistration" appsinternalversion "k8s.io/kubernetes/pkg/apis/apps" - auditregistrationinternalversion "k8s.io/kubernetes/pkg/apis/auditregistration" authenticationinternalversion "k8s.io/kubernetes/pkg/apis/authentication" authorizationinternalversion "k8s.io/kubernetes/pkg/apis/authorization" autoscalinginternalversion "k8s.io/kubernetes/pkg/apis/autoscaling" @@ -50,7 +49,6 @@ var localSchemeBuilder = runtime.SchemeBuilder{ admissionregistrationinternalversion.AddToScheme, coreinternalversion.AddToScheme, appsinternalversion.AddToScheme, - auditregistrationinternalversion.AddToScheme, authenticationinternalversion.AddToScheme, authorizationinternalversion.AddToScheme, autoscalinginternalversion.AddToScheme, diff --git a/pkg/client/clientset_generated/internalclientset/scheme/register.go b/pkg/client/clientset_generated/internalclientset/scheme/register.go index c1076b5132..d304b182c2 100644 --- a/pkg/client/clientset_generated/internalclientset/scheme/register.go +++ b/pkg/client/clientset_generated/internalclientset/scheme/register.go @@ -25,7 +25,6 @@ import ( serializer "k8s.io/apimachinery/pkg/runtime/serializer" admissionregistration "k8s.io/kubernetes/pkg/apis/admissionregistration/install" apps "k8s.io/kubernetes/pkg/apis/apps/install" - auditregistration "k8s.io/kubernetes/pkg/apis/auditregistration/install" authentication "k8s.io/kubernetes/pkg/apis/authentication/install" authorization "k8s.io/kubernetes/pkg/apis/authorization/install" autoscaling "k8s.io/kubernetes/pkg/apis/autoscaling/install" @@ -56,7 +55,6 @@ func Install(scheme *runtime.Scheme) { admissionregistration.Install(scheme) core.Install(scheme) apps.Install(scheme) - auditregistration.Install(scheme) authentication.Install(scheme) authorization.Install(scheme) autoscaling.Install(scheme) diff --git a/pkg/client/clientset_generated/internalclientset/typed/auditregistration/internalversion/BUILD b/pkg/client/clientset_generated/internalclientset/typed/auditregistration/internalversion/BUILD deleted file mode 100644 index 3d1e522b85..0000000000 --- a/pkg/client/clientset_generated/internalclientset/typed/auditregistration/internalversion/BUILD +++ /dev/null @@ -1,38 +0,0 @@ -load("@io_bazel_rules_go//go:def.bzl", "go_library") - -go_library( - name = "go_default_library", - srcs = [ - "auditregistration_client.go", - "auditsink.go", - "doc.go", - "generated_expansion.go", - ], - importpath = "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/auditregistration/internalversion", - visibility = ["//visibility:public"], - deps = [ - "//pkg/apis/auditregistration:go_default_library", - "//pkg/client/clientset_generated/internalclientset/scheme:go_default_library", - "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", - "//staging/src/k8s.io/apimachinery/pkg/types:go_default_library", - "//staging/src/k8s.io/apimachinery/pkg/watch:go_default_library", - "//staging/src/k8s.io/client-go/rest:go_default_library", - ], -) - -filegroup( - name = "package-srcs", - srcs = glob(["**"]), - tags = ["automanaged"], - visibility = ["//visibility:private"], -) - -filegroup( - name = "all-srcs", - srcs = [ - ":package-srcs", - "//pkg/client/clientset_generated/internalclientset/typed/auditregistration/internalversion/fake:all-srcs", - ], - tags = ["automanaged"], - visibility = ["//visibility:public"], -) diff --git a/pkg/client/clientset_generated/internalclientset/typed/auditregistration/internalversion/auditregistration_client.go b/pkg/client/clientset_generated/internalclientset/typed/auditregistration/internalversion/auditregistration_client.go deleted file mode 100644 index 07bedcbf5f..0000000000 --- a/pkg/client/clientset_generated/internalclientset/typed/auditregistration/internalversion/auditregistration_client.go +++ /dev/null @@ -1,96 +0,0 @@ -/* -Copyright The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// Code generated by client-gen. DO NOT EDIT. - -package internalversion - -import ( - rest "k8s.io/client-go/rest" - "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/scheme" -) - -type AuditregistrationInterface interface { - RESTClient() rest.Interface - AuditSinksGetter -} - -// AuditregistrationClient is used to interact with features provided by the auditregistration.k8s.io group. -type AuditregistrationClient struct { - restClient rest.Interface -} - -func (c *AuditregistrationClient) AuditSinks() AuditSinkInterface { - return newAuditSinks(c) -} - -// NewForConfig creates a new AuditregistrationClient for the given config. -func NewForConfig(c *rest.Config) (*AuditregistrationClient, error) { - config := *c - if err := setConfigDefaults(&config); err != nil { - return nil, err - } - client, err := rest.RESTClientFor(&config) - if err != nil { - return nil, err - } - return &AuditregistrationClient{client}, nil -} - -// NewForConfigOrDie creates a new AuditregistrationClient for the given config and -// panics if there is an error in the config. -func NewForConfigOrDie(c *rest.Config) *AuditregistrationClient { - client, err := NewForConfig(c) - if err != nil { - panic(err) - } - return client -} - -// New creates a new AuditregistrationClient for the given RESTClient. -func New(c rest.Interface) *AuditregistrationClient { - return &AuditregistrationClient{c} -} - -func setConfigDefaults(config *rest.Config) error { - config.APIPath = "/apis" - if config.UserAgent == "" { - config.UserAgent = rest.DefaultKubernetesUserAgent() - } - if config.GroupVersion == nil || config.GroupVersion.Group != scheme.Scheme.PrioritizedVersionsForGroup("auditregistration.k8s.io")[0].Group { - gv := scheme.Scheme.PrioritizedVersionsForGroup("auditregistration.k8s.io")[0] - config.GroupVersion = &gv - } - config.NegotiatedSerializer = scheme.Codecs - - if config.QPS == 0 { - config.QPS = 5 - } - if config.Burst == 0 { - config.Burst = 10 - } - - return nil -} - -// RESTClient returns a RESTClient that is used to communicate -// with API server by this client implementation. -func (c *AuditregistrationClient) RESTClient() rest.Interface { - if c == nil { - return nil - } - return c.restClient -} diff --git a/pkg/client/clientset_generated/internalclientset/typed/auditregistration/internalversion/auditsink.go b/pkg/client/clientset_generated/internalclientset/typed/auditregistration/internalversion/auditsink.go deleted file mode 100644 index 8bbb0375af..0000000000 --- a/pkg/client/clientset_generated/internalclientset/typed/auditregistration/internalversion/auditsink.go +++ /dev/null @@ -1,164 +0,0 @@ -/* -Copyright The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// Code generated by client-gen. DO NOT EDIT. - -package internalversion - -import ( - "time" - - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - rest "k8s.io/client-go/rest" - auditregistration "k8s.io/kubernetes/pkg/apis/auditregistration" - scheme "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/scheme" -) - -// AuditSinksGetter has a method to return a AuditSinkInterface. -// A group's client should implement this interface. -type AuditSinksGetter interface { - AuditSinks() AuditSinkInterface -} - -// AuditSinkInterface has methods to work with AuditSink resources. -type AuditSinkInterface interface { - Create(*auditregistration.AuditSink) (*auditregistration.AuditSink, error) - Update(*auditregistration.AuditSink) (*auditregistration.AuditSink, error) - Delete(name string, options *v1.DeleteOptions) error - DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error - Get(name string, options v1.GetOptions) (*auditregistration.AuditSink, error) - List(opts v1.ListOptions) (*auditregistration.AuditSinkList, error) - Watch(opts v1.ListOptions) (watch.Interface, error) - Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *auditregistration.AuditSink, err error) - AuditSinkExpansion -} - -// auditSinks implements AuditSinkInterface -type auditSinks struct { - client rest.Interface -} - -// newAuditSinks returns a AuditSinks -func newAuditSinks(c *AuditregistrationClient) *auditSinks { - return &auditSinks{ - client: c.RESTClient(), - } -} - -// Get takes name of the auditSink, and returns the corresponding auditSink object, and an error if there is any. -func (c *auditSinks) Get(name string, options v1.GetOptions) (result *auditregistration.AuditSink, err error) { - result = &auditregistration.AuditSink{} - err = c.client.Get(). - Resource("auditsinks"). - Name(name). - VersionedParams(&options, scheme.ParameterCodec). - Do(). - Into(result) - return -} - -// List takes label and field selectors, and returns the list of AuditSinks that match those selectors. -func (c *auditSinks) List(opts v1.ListOptions) (result *auditregistration.AuditSinkList, err error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - result = &auditregistration.AuditSinkList{} - err = c.client.Get(). - Resource("auditsinks"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Do(). - Into(result) - return -} - -// Watch returns a watch.Interface that watches the requested auditSinks. -func (c *auditSinks) Watch(opts v1.ListOptions) (watch.Interface, error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - opts.Watch = true - return c.client.Get(). - Resource("auditsinks"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Watch() -} - -// Create takes the representation of a auditSink and creates it. Returns the server's representation of the auditSink, and an error, if there is any. -func (c *auditSinks) Create(auditSink *auditregistration.AuditSink) (result *auditregistration.AuditSink, err error) { - result = &auditregistration.AuditSink{} - err = c.client.Post(). - Resource("auditsinks"). - Body(auditSink). - Do(). - Into(result) - return -} - -// Update takes the representation of a auditSink and updates it. Returns the server's representation of the auditSink, and an error, if there is any. -func (c *auditSinks) Update(auditSink *auditregistration.AuditSink) (result *auditregistration.AuditSink, err error) { - result = &auditregistration.AuditSink{} - err = c.client.Put(). - Resource("auditsinks"). - Name(auditSink.Name). - Body(auditSink). - Do(). - Into(result) - return -} - -// Delete takes name of the auditSink and deletes it. Returns an error if one occurs. -func (c *auditSinks) Delete(name string, options *v1.DeleteOptions) error { - return c.client.Delete(). - Resource("auditsinks"). - Name(name). - Body(options). - Do(). - Error() -} - -// DeleteCollection deletes a collection of objects. -func (c *auditSinks) DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error { - var timeout time.Duration - if listOptions.TimeoutSeconds != nil { - timeout = time.Duration(*listOptions.TimeoutSeconds) * time.Second - } - return c.client.Delete(). - Resource("auditsinks"). - VersionedParams(&listOptions, scheme.ParameterCodec). - Timeout(timeout). - Body(options). - Do(). - Error() -} - -// Patch applies the patch and returns the patched auditSink. -func (c *auditSinks) Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *auditregistration.AuditSink, err error) { - result = &auditregistration.AuditSink{} - err = c.client.Patch(pt). - Resource("auditsinks"). - SubResource(subresources...). - Name(name). - Body(data). - Do(). - Into(result) - return -} diff --git a/pkg/client/clientset_generated/internalclientset/typed/auditregistration/internalversion/doc.go b/pkg/client/clientset_generated/internalclientset/typed/auditregistration/internalversion/doc.go deleted file mode 100644 index 86602442ba..0000000000 --- a/pkg/client/clientset_generated/internalclientset/typed/auditregistration/internalversion/doc.go +++ /dev/null @@ -1,20 +0,0 @@ -/* -Copyright The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// Code generated by client-gen. DO NOT EDIT. - -// This package has the automatically generated typed clients. -package internalversion diff --git a/pkg/client/clientset_generated/internalclientset/typed/auditregistration/internalversion/fake/BUILD b/pkg/client/clientset_generated/internalclientset/typed/auditregistration/internalversion/fake/BUILD deleted file mode 100644 index 9a65f4ba86..0000000000 --- a/pkg/client/clientset_generated/internalclientset/typed/auditregistration/internalversion/fake/BUILD +++ /dev/null @@ -1,37 +0,0 @@ -load("@io_bazel_rules_go//go:def.bzl", "go_library") - -go_library( - name = "go_default_library", - srcs = [ - "doc.go", - "fake_auditregistration_client.go", - "fake_auditsink.go", - ], - importpath = "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/auditregistration/internalversion/fake", - visibility = ["//visibility:public"], - deps = [ - "//pkg/apis/auditregistration:go_default_library", - "//pkg/client/clientset_generated/internalclientset/typed/auditregistration/internalversion:go_default_library", - "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", - "//staging/src/k8s.io/apimachinery/pkg/labels:go_default_library", - "//staging/src/k8s.io/apimachinery/pkg/runtime/schema:go_default_library", - "//staging/src/k8s.io/apimachinery/pkg/types:go_default_library", - "//staging/src/k8s.io/apimachinery/pkg/watch:go_default_library", - "//staging/src/k8s.io/client-go/rest:go_default_library", - "//staging/src/k8s.io/client-go/testing:go_default_library", - ], -) - -filegroup( - name = "package-srcs", - srcs = glob(["**"]), - tags = ["automanaged"], - visibility = ["//visibility:private"], -) - -filegroup( - name = "all-srcs", - srcs = [":package-srcs"], - tags = ["automanaged"], - visibility = ["//visibility:public"], -) diff --git a/pkg/client/clientset_generated/internalclientset/typed/auditregistration/internalversion/fake/doc.go b/pkg/client/clientset_generated/internalclientset/typed/auditregistration/internalversion/fake/doc.go deleted file mode 100644 index 16f4439906..0000000000 --- a/pkg/client/clientset_generated/internalclientset/typed/auditregistration/internalversion/fake/doc.go +++ /dev/null @@ -1,20 +0,0 @@ -/* -Copyright The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// Code generated by client-gen. DO NOT EDIT. - -// Package fake has the automatically generated clients. -package fake diff --git a/pkg/client/clientset_generated/internalclientset/typed/auditregistration/internalversion/fake/fake_auditregistration_client.go b/pkg/client/clientset_generated/internalclientset/typed/auditregistration/internalversion/fake/fake_auditregistration_client.go deleted file mode 100644 index 9cb2f1f3f4..0000000000 --- a/pkg/client/clientset_generated/internalclientset/typed/auditregistration/internalversion/fake/fake_auditregistration_client.go +++ /dev/null @@ -1,40 +0,0 @@ -/* -Copyright The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - rest "k8s.io/client-go/rest" - testing "k8s.io/client-go/testing" - internalversion "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/auditregistration/internalversion" -) - -type FakeAuditregistration struct { - *testing.Fake -} - -func (c *FakeAuditregistration) AuditSinks() internalversion.AuditSinkInterface { - return &FakeAuditSinks{c} -} - -// RESTClient returns a RESTClient that is used to communicate -// with API server by this client implementation. -func (c *FakeAuditregistration) RESTClient() rest.Interface { - var ret *rest.RESTClient - return ret -} diff --git a/pkg/client/clientset_generated/internalclientset/typed/auditregistration/internalversion/fake/fake_auditsink.go b/pkg/client/clientset_generated/internalclientset/typed/auditregistration/internalversion/fake/fake_auditsink.go deleted file mode 100644 index eac7d725ae..0000000000 --- a/pkg/client/clientset_generated/internalclientset/typed/auditregistration/internalversion/fake/fake_auditsink.go +++ /dev/null @@ -1,120 +0,0 @@ -/* -Copyright The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - labels "k8s.io/apimachinery/pkg/labels" - schema "k8s.io/apimachinery/pkg/runtime/schema" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - testing "k8s.io/client-go/testing" - auditregistration "k8s.io/kubernetes/pkg/apis/auditregistration" -) - -// FakeAuditSinks implements AuditSinkInterface -type FakeAuditSinks struct { - Fake *FakeAuditregistration -} - -var auditsinksResource = schema.GroupVersionResource{Group: "auditregistration.k8s.io", Version: "", Resource: "auditsinks"} - -var auditsinksKind = schema.GroupVersionKind{Group: "auditregistration.k8s.io", Version: "", Kind: "AuditSink"} - -// Get takes name of the auditSink, and returns the corresponding auditSink object, and an error if there is any. -func (c *FakeAuditSinks) Get(name string, options v1.GetOptions) (result *auditregistration.AuditSink, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootGetAction(auditsinksResource, name), &auditregistration.AuditSink{}) - if obj == nil { - return nil, err - } - return obj.(*auditregistration.AuditSink), err -} - -// List takes label and field selectors, and returns the list of AuditSinks that match those selectors. -func (c *FakeAuditSinks) List(opts v1.ListOptions) (result *auditregistration.AuditSinkList, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootListAction(auditsinksResource, auditsinksKind, opts), &auditregistration.AuditSinkList{}) - if obj == nil { - return nil, err - } - - label, _, _ := testing.ExtractFromListOptions(opts) - if label == nil { - label = labels.Everything() - } - list := &auditregistration.AuditSinkList{ListMeta: obj.(*auditregistration.AuditSinkList).ListMeta} - for _, item := range obj.(*auditregistration.AuditSinkList).Items { - if label.Matches(labels.Set(item.Labels)) { - list.Items = append(list.Items, item) - } - } - return list, err -} - -// Watch returns a watch.Interface that watches the requested auditSinks. -func (c *FakeAuditSinks) Watch(opts v1.ListOptions) (watch.Interface, error) { - return c.Fake. - InvokesWatch(testing.NewRootWatchAction(auditsinksResource, opts)) -} - -// Create takes the representation of a auditSink and creates it. Returns the server's representation of the auditSink, and an error, if there is any. -func (c *FakeAuditSinks) Create(auditSink *auditregistration.AuditSink) (result *auditregistration.AuditSink, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootCreateAction(auditsinksResource, auditSink), &auditregistration.AuditSink{}) - if obj == nil { - return nil, err - } - return obj.(*auditregistration.AuditSink), err -} - -// Update takes the representation of a auditSink and updates it. Returns the server's representation of the auditSink, and an error, if there is any. -func (c *FakeAuditSinks) Update(auditSink *auditregistration.AuditSink) (result *auditregistration.AuditSink, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootUpdateAction(auditsinksResource, auditSink), &auditregistration.AuditSink{}) - if obj == nil { - return nil, err - } - return obj.(*auditregistration.AuditSink), err -} - -// Delete takes name of the auditSink and deletes it. Returns an error if one occurs. -func (c *FakeAuditSinks) Delete(name string, options *v1.DeleteOptions) error { - _, err := c.Fake. - Invokes(testing.NewRootDeleteAction(auditsinksResource, name), &auditregistration.AuditSink{}) - return err -} - -// DeleteCollection deletes a collection of objects. -func (c *FakeAuditSinks) DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error { - action := testing.NewRootDeleteCollectionAction(auditsinksResource, listOptions) - - _, err := c.Fake.Invokes(action, &auditregistration.AuditSinkList{}) - return err -} - -// Patch applies the patch and returns the patched auditSink. -func (c *FakeAuditSinks) Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *auditregistration.AuditSink, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootPatchSubresourceAction(auditsinksResource, name, pt, data, subresources...), &auditregistration.AuditSink{}) - if obj == nil { - return nil, err - } - return obj.(*auditregistration.AuditSink), err -} diff --git a/pkg/client/clientset_generated/internalclientset/typed/auditregistration/internalversion/generated_expansion.go b/pkg/client/clientset_generated/internalclientset/typed/auditregistration/internalversion/generated_expansion.go deleted file mode 100644 index 4d3547b8d2..0000000000 --- a/pkg/client/clientset_generated/internalclientset/typed/auditregistration/internalversion/generated_expansion.go +++ /dev/null @@ -1,21 +0,0 @@ -/* -Copyright The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// Code generated by client-gen. DO NOT EDIT. - -package internalversion - -type AuditSinkExpansion interface{} diff --git a/pkg/features/kube_features.go b/pkg/features/kube_features.go index ece886c3d4..bb9f1c925a 100644 --- a/pkg/features/kube_features.go +++ b/pkg/features/kube_features.go @@ -386,7 +386,6 @@ var defaultKubernetesFeatureGates = map[utilfeature.Feature]utilfeature.FeatureS genericfeatures.StreamingProxyRedirects: {Default: true, PreRelease: utilfeature.Beta}, genericfeatures.ValidateProxyRedirects: {Default: true, PreRelease: utilfeature.Beta}, genericfeatures.AdvancedAuditing: {Default: true, PreRelease: utilfeature.GA}, - genericfeatures.DynamicAuditing: {Default: false, PreRelease: utilfeature.Alpha}, genericfeatures.APIListChunking: {Default: true, PreRelease: utilfeature.Beta}, genericfeatures.DryRun: {Default: true, PreRelease: utilfeature.Beta}, genericfeatures.ServerSideApply: {Default: false, PreRelease: utilfeature.Alpha}, diff --git a/pkg/master/import_known_versions.go b/pkg/master/import_known_versions.go index 9f83c483bb..9d0d6cd8cd 100644 --- a/pkg/master/import_known_versions.go +++ b/pkg/master/import_known_versions.go @@ -21,7 +21,6 @@ import ( _ "k8s.io/kubernetes/pkg/apis/admission/install" _ "k8s.io/kubernetes/pkg/apis/admissionregistration/install" _ "k8s.io/kubernetes/pkg/apis/apps/install" - _ "k8s.io/kubernetes/pkg/apis/auditregistration/install" _ "k8s.io/kubernetes/pkg/apis/authentication/install" _ "k8s.io/kubernetes/pkg/apis/authorization/install" _ "k8s.io/kubernetes/pkg/apis/autoscaling/install" diff --git a/pkg/master/master.go b/pkg/master/master.go index d3e615bdff..f0e842c07b 100644 --- a/pkg/master/master.go +++ b/pkg/master/master.go @@ -28,7 +28,6 @@ import ( appsv1 "k8s.io/api/apps/v1" appsv1beta1 "k8s.io/api/apps/v1beta1" appsv1beta2 "k8s.io/api/apps/v1beta2" - auditregistrationv1alpha1 "k8s.io/api/auditregistration/v1alpha1" authenticationv1 "k8s.io/api/authentication/v1" authorizationapiv1 "k8s.io/api/authorization/v1" authorizationapiv1beta1 "k8s.io/api/authorization/v1beta1" @@ -79,7 +78,6 @@ import ( // RESTStorage installers admissionregistrationrest "k8s.io/kubernetes/pkg/registry/admissionregistration/rest" appsrest "k8s.io/kubernetes/pkg/registry/apps/rest" - auditregistrationrest "k8s.io/kubernetes/pkg/registry/auditregistration/rest" authenticationrest "k8s.io/kubernetes/pkg/registry/authentication/rest" authorizationrest "k8s.io/kubernetes/pkg/registry/authorization/rest" autoscalingrest "k8s.io/kubernetes/pkg/registry/autoscaling/rest" @@ -331,7 +329,6 @@ func (c completedConfig) New(delegationTarget genericapiserver.DelegationTarget) // TODO: describe the priority all the way down in the RESTStorageProviders and plumb it back through the various discovery // handlers that we have. restStorageProviders := []RESTStorageProvider{ - auditregistrationrest.RESTStorageProvider{}, authenticationrest.RESTStorageProvider{Authenticator: c.GenericConfig.Authentication.Authenticator, APIAudiences: c.GenericConfig.Authentication.APIAudiences}, authorizationrest.RESTStorageProvider{Authorizer: c.GenericConfig.Authorization.Authorizer, RuleResolver: c.GenericConfig.RuleResolver}, autoscalingrest.RESTStorageProvider{}, @@ -515,7 +512,6 @@ func DefaultAPIResourceConfigSource() *serverstorage.ResourceConfig { ) // disable alpha versions explicitly so we have a full list of what's possible to serve ret.DisableVersions( - auditregistrationv1alpha1.SchemeGroupVersion, batchapiv2alpha1.SchemeGroupVersion, nodev1alpha1.SchemeGroupVersion, ) diff --git a/pkg/registry/auditregistration/auditsink/BUILD b/pkg/registry/auditregistration/auditsink/BUILD deleted file mode 100644 index c34dafb777..0000000000 --- a/pkg/registry/auditregistration/auditsink/BUILD +++ /dev/null @@ -1,36 +0,0 @@ -load("@io_bazel_rules_go//go:def.bzl", "go_library") - -go_library( - name = "go_default_library", - srcs = [ - "doc.go", - "strategy.go", - ], - importpath = "k8s.io/kubernetes/pkg/registry/auditregistration/auditsink", - visibility = ["//visibility:public"], - deps = [ - "//pkg/api/legacyscheme:go_default_library", - "//pkg/apis/auditregistration:go_default_library", - "//pkg/apis/auditregistration/validation:go_default_library", - "//staging/src/k8s.io/apimachinery/pkg/runtime:go_default_library", - "//staging/src/k8s.io/apimachinery/pkg/util/validation/field:go_default_library", - "//staging/src/k8s.io/apiserver/pkg/storage/names:go_default_library", - ], -) - -filegroup( - name = "package-srcs", - srcs = glob(["**"]), - tags = ["automanaged"], - visibility = ["//visibility:private"], -) - -filegroup( - name = "all-srcs", - srcs = [ - ":package-srcs", - "//pkg/registry/auditregistration/auditsink/storage:all-srcs", - ], - tags = ["automanaged"], - visibility = ["//visibility:public"], -) diff --git a/pkg/registry/auditregistration/auditsink/doc.go b/pkg/registry/auditregistration/auditsink/doc.go deleted file mode 100644 index 09f36e9aa8..0000000000 --- a/pkg/registry/auditregistration/auditsink/doc.go +++ /dev/null @@ -1,17 +0,0 @@ -/* -Copyright 2018 The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package auditsink // import "k8s.io/kubernetes/pkg/registry/auditregistration/auditsink" diff --git a/pkg/registry/auditregistration/auditsink/storage/BUILD b/pkg/registry/auditregistration/auditsink/storage/BUILD deleted file mode 100644 index daa0d67de0..0000000000 --- a/pkg/registry/auditregistration/auditsink/storage/BUILD +++ /dev/null @@ -1,29 +0,0 @@ -load("@io_bazel_rules_go//go:def.bzl", "go_library") - -go_library( - name = "go_default_library", - srcs = ["storage.go"], - importpath = "k8s.io/kubernetes/pkg/registry/auditregistration/auditsink/storage", - visibility = ["//visibility:public"], - deps = [ - "//pkg/apis/auditregistration:go_default_library", - "//pkg/registry/auditregistration/auditsink:go_default_library", - "//staging/src/k8s.io/apimachinery/pkg/runtime:go_default_library", - "//staging/src/k8s.io/apiserver/pkg/registry/generic:go_default_library", - "//staging/src/k8s.io/apiserver/pkg/registry/generic/registry:go_default_library", - ], -) - -filegroup( - name = "package-srcs", - srcs = glob(["**"]), - tags = ["automanaged"], - visibility = ["//visibility:private"], -) - -filegroup( - name = "all-srcs", - srcs = [":package-srcs"], - tags = ["automanaged"], - visibility = ["//visibility:public"], -) diff --git a/pkg/registry/auditregistration/auditsink/storage/storage.go b/pkg/registry/auditregistration/auditsink/storage/storage.go deleted file mode 100644 index f0f071407a..0000000000 --- a/pkg/registry/auditregistration/auditsink/storage/storage.go +++ /dev/null @@ -1,51 +0,0 @@ -/* -Copyright 2018 The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package storage - -import ( - "k8s.io/apimachinery/pkg/runtime" - "k8s.io/apiserver/pkg/registry/generic" - genericregistry "k8s.io/apiserver/pkg/registry/generic/registry" - "k8s.io/kubernetes/pkg/apis/auditregistration" - auditstrategy "k8s.io/kubernetes/pkg/registry/auditregistration/auditsink" -) - -// REST implements a RESTStorage for audit sink against etcd -type REST struct { - *genericregistry.Store -} - -// NewREST returns a RESTStorage object that will work against audit sinks -func NewREST(optsGetter generic.RESTOptionsGetter) *REST { - store := &genericregistry.Store{ - NewFunc: func() runtime.Object { return &auditregistration.AuditSink{} }, - NewListFunc: func() runtime.Object { return &auditregistration.AuditSinkList{} }, - ObjectNameFunc: func(obj runtime.Object) (string, error) { - return obj.(*auditregistration.AuditSink).Name, nil - }, - DefaultQualifiedResource: auditregistration.Resource("auditsinks"), - - CreateStrategy: auditstrategy.Strategy, - UpdateStrategy: auditstrategy.Strategy, - DeleteStrategy: auditstrategy.Strategy, - } - options := &generic.StoreOptions{RESTOptions: optsGetter} - if err := store.CompleteWithOptions(options); err != nil { - panic(err) // TODO: Propagate error up - } - return &REST{store} -} diff --git a/pkg/registry/auditregistration/auditsink/strategy.go b/pkg/registry/auditregistration/auditsink/strategy.go deleted file mode 100644 index 23c85ccbca..0000000000 --- a/pkg/registry/auditregistration/auditsink/strategy.go +++ /dev/null @@ -1,89 +0,0 @@ -/* -Copyright 2018 The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package auditsink - -import ( - "context" - "reflect" - - "k8s.io/apimachinery/pkg/runtime" - "k8s.io/apimachinery/pkg/util/validation/field" - "k8s.io/apiserver/pkg/storage/names" - "k8s.io/kubernetes/pkg/api/legacyscheme" - audit "k8s.io/kubernetes/pkg/apis/auditregistration" - "k8s.io/kubernetes/pkg/apis/auditregistration/validation" -) - -// auditSinkStrategy implements verification logic for AuditSink. -type auditSinkStrategy struct { - runtime.ObjectTyper - names.NameGenerator -} - -// Strategy is the default logic that applies when creating and updating AuditSink objects. -var Strategy = auditSinkStrategy{legacyscheme.Scheme, names.SimpleNameGenerator} - -// NamespaceScoped returns false because all AuditSink's need to be cluster scoped -func (auditSinkStrategy) NamespaceScoped() bool { - return false -} - -// PrepareForCreate clears the status of an AuditSink before creation. -func (auditSinkStrategy) PrepareForCreate(ctx context.Context, obj runtime.Object) { - ic := obj.(*audit.AuditSink) - ic.Generation = 1 -} - -// PrepareForUpdate clears fields that are not allowed to be set by end users on update. -func (auditSinkStrategy) PrepareForUpdate(ctx context.Context, obj, old runtime.Object) { - newIC := obj.(*audit.AuditSink) - oldIC := old.(*audit.AuditSink) - - // Any changes to the policy or backend increment the generation number - // See metav1.ObjectMeta description for more information on Generation. - if !reflect.DeepEqual(oldIC.Spec, newIC.Spec) { - newIC.Generation = oldIC.Generation + 1 - } -} - -// Validate validates a new auditSink. -func (auditSinkStrategy) Validate(ctx context.Context, obj runtime.Object) field.ErrorList { - ic := obj.(*audit.AuditSink) - return validation.ValidateAuditSink(ic) -} - -// Canonicalize normalizes the object after validation. -func (auditSinkStrategy) Canonicalize(obj runtime.Object) { -} - -// AllowCreateOnUpdate is true for auditSink; this means you may create one with a PUT request. -func (auditSinkStrategy) AllowCreateOnUpdate() bool { - return false -} - -// ValidateUpdate is the default update validation for an end user. -func (auditSinkStrategy) ValidateUpdate(ctx context.Context, obj, old runtime.Object) field.ErrorList { - validationErrorList := validation.ValidateAuditSink(obj.(*audit.AuditSink)) - updateErrorList := validation.ValidateAuditSinkUpdate(obj.(*audit.AuditSink), old.(*audit.AuditSink)) - return append(validationErrorList, updateErrorList...) -} - -// AllowUnconditionalUpdate is the default update policy for auditSink objects. Status update should -// only be allowed if version match. -func (auditSinkStrategy) AllowUnconditionalUpdate() bool { - return false -} diff --git a/pkg/registry/auditregistration/rest/BUILD b/pkg/registry/auditregistration/rest/BUILD deleted file mode 100644 index a772ac495a..0000000000 --- a/pkg/registry/auditregistration/rest/BUILD +++ /dev/null @@ -1,31 +0,0 @@ -load("@io_bazel_rules_go//go:def.bzl", "go_library") - -go_library( - name = "go_default_library", - srcs = ["storage_auditregistration.go"], - importpath = "k8s.io/kubernetes/pkg/registry/auditregistration/rest", - visibility = ["//visibility:public"], - deps = [ - "//pkg/api/legacyscheme:go_default_library", - "//pkg/registry/auditregistration/auditsink/storage:go_default_library", - "//staging/src/k8s.io/api/auditregistration/v1alpha1:go_default_library", - "//staging/src/k8s.io/apiserver/pkg/registry/generic:go_default_library", - "//staging/src/k8s.io/apiserver/pkg/registry/rest:go_default_library", - "//staging/src/k8s.io/apiserver/pkg/server:go_default_library", - "//staging/src/k8s.io/apiserver/pkg/server/storage:go_default_library", - ], -) - -filegroup( - name = "package-srcs", - srcs = glob(["**"]), - tags = ["automanaged"], - visibility = ["//visibility:private"], -) - -filegroup( - name = "all-srcs", - srcs = [":package-srcs"], - tags = ["automanaged"], - visibility = ["//visibility:public"], -) diff --git a/pkg/registry/auditregistration/rest/storage_auditregistration.go b/pkg/registry/auditregistration/rest/storage_auditregistration.go deleted file mode 100644 index 4bc5e88496..0000000000 --- a/pkg/registry/auditregistration/rest/storage_auditregistration.go +++ /dev/null @@ -1,53 +0,0 @@ -/* -Copyright 2018 The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package rest - -import ( - auditv1alpha1 "k8s.io/api/auditregistration/v1alpha1" - "k8s.io/apiserver/pkg/registry/generic" - "k8s.io/apiserver/pkg/registry/rest" - genericapiserver "k8s.io/apiserver/pkg/server" - serverstorage "k8s.io/apiserver/pkg/server/storage" - "k8s.io/kubernetes/pkg/api/legacyscheme" - auditstorage "k8s.io/kubernetes/pkg/registry/auditregistration/auditsink/storage" -) - -// RESTStorageProvider is a REST storage provider for audit.k8s.io -type RESTStorageProvider struct{} - -// NewRESTStorage returns a RESTStorageProvider -func (p RESTStorageProvider) NewRESTStorage(apiResourceConfigSource serverstorage.APIResourceConfigSource, restOptionsGetter generic.RESTOptionsGetter) (genericapiserver.APIGroupInfo, bool) { - apiGroupInfo := genericapiserver.NewDefaultAPIGroupInfo(auditv1alpha1.GroupName, legacyscheme.Scheme, legacyscheme.ParameterCodec, legacyscheme.Codecs) - - if apiResourceConfigSource.VersionEnabled(auditv1alpha1.SchemeGroupVersion) { - apiGroupInfo.VersionedResourcesStorageMap[auditv1alpha1.SchemeGroupVersion.Version] = p.v1alpha1Storage(apiResourceConfigSource, restOptionsGetter) - } - return apiGroupInfo, true -} - -func (p RESTStorageProvider) v1alpha1Storage(apiResourceConfigSource serverstorage.APIResourceConfigSource, restOptionsGetter generic.RESTOptionsGetter) map[string]rest.Storage { - storage := map[string]rest.Storage{} - s := auditstorage.NewREST(restOptionsGetter) - storage["auditsinks"] = s - - return storage -} - -// GroupName is the group name for the storage provider -func (p RESTStorageProvider) GroupName() string { - return auditv1alpha1.GroupName -} diff --git a/staging/src/k8s.io/api/auditregistration/OWNERS b/staging/src/k8s.io/api/auditregistration/OWNERS deleted file mode 100644 index 3ff06a10f5..0000000000 --- a/staging/src/k8s.io/api/auditregistration/OWNERS +++ /dev/null @@ -1,8 +0,0 @@ -# See the OWNERS docs at https://go.k8s.io/owners - -reviewers: -- sig-auth-audit-approvers -- sig-auth-audit-reviewers -labels: -- sig/auth - diff --git a/staging/src/k8s.io/api/auditregistration/v1alpha1/BUILD b/staging/src/k8s.io/api/auditregistration/v1alpha1/BUILD deleted file mode 100644 index 5f1523e0f0..0000000000 --- a/staging/src/k8s.io/api/auditregistration/v1alpha1/BUILD +++ /dev/null @@ -1,36 +0,0 @@ -load("@io_bazel_rules_go//go:def.bzl", "go_library") - -go_library( - name = "go_default_library", - srcs = [ - "doc.go", - "generated.pb.go", - "register.go", - "types.go", - "types_swagger_doc_generated.go", - "zz_generated.deepcopy.go", - ], - importmap = "k8s.io/kubernetes/vendor/k8s.io/api/auditregistration/v1alpha1", - importpath = "k8s.io/api/auditregistration/v1alpha1", - visibility = ["//visibility:public"], - deps = [ - "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", - "//staging/src/k8s.io/apimachinery/pkg/runtime:go_default_library", - "//staging/src/k8s.io/apimachinery/pkg/runtime/schema:go_default_library", - "//vendor/github.com/gogo/protobuf/proto:go_default_library", - ], -) - -filegroup( - name = "package-srcs", - srcs = glob(["**"]), - tags = ["automanaged"], - visibility = ["//visibility:private"], -) - -filegroup( - name = "all-srcs", - srcs = [":package-srcs"], - tags = ["automanaged"], - visibility = ["//visibility:public"], -) diff --git a/staging/src/k8s.io/api/auditregistration/v1alpha1/doc.go b/staging/src/k8s.io/api/auditregistration/v1alpha1/doc.go deleted file mode 100644 index ae8f767149..0000000000 --- a/staging/src/k8s.io/api/auditregistration/v1alpha1/doc.go +++ /dev/null @@ -1,23 +0,0 @@ -/* -Copyright 2018 The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// +k8s:deepcopy-gen=package -// +k8s:protobuf-gen=package -// +k8s:openapi-gen=true - -// +groupName=auditregistration.k8s.io - -package v1alpha1 // import "k8s.io/api/auditregistration/v1alpha1" diff --git a/staging/src/k8s.io/api/auditregistration/v1alpha1/generated.pb.go b/staging/src/k8s.io/api/auditregistration/v1alpha1/generated.pb.go deleted file mode 100644 index c33310ec43..0000000000 --- a/staging/src/k8s.io/api/auditregistration/v1alpha1/generated.pb.go +++ /dev/null @@ -1,1690 +0,0 @@ -/* -Copyright The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// Code generated by protoc-gen-gogo. DO NOT EDIT. -// source: k8s.io/kubernetes/vendor/k8s.io/api/auditregistration/v1alpha1/generated.proto - -/* - Package v1alpha1 is a generated protocol buffer package. - - It is generated from these files: - k8s.io/kubernetes/vendor/k8s.io/api/auditregistration/v1alpha1/generated.proto - - It has these top-level messages: - AuditSink - AuditSinkList - AuditSinkSpec - Policy - ServiceReference - Webhook - WebhookClientConfig - WebhookThrottleConfig -*/ -package v1alpha1 - -import ( - fmt "fmt" - - proto "github.com/gogo/protobuf/proto" - - math "math" - - strings "strings" - - reflect "reflect" - - io "io" -) - -// Reference imports to suppress errors if they are not otherwise used. -var _ = proto.Marshal -var _ = fmt.Errorf -var _ = math.Inf - -// This is a compile-time assertion to ensure that this generated file -// is compatible with the proto package it is being compiled against. -// A compilation error at this line likely means your copy of the -// proto package needs to be updated. -const _ = proto.GoGoProtoPackageIsVersion2 // please upgrade the proto package - -func (m *AuditSink) Reset() { *m = AuditSink{} } -func (*AuditSink) ProtoMessage() {} -func (*AuditSink) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{0} } - -func (m *AuditSinkList) Reset() { *m = AuditSinkList{} } -func (*AuditSinkList) ProtoMessage() {} -func (*AuditSinkList) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{1} } - -func (m *AuditSinkSpec) Reset() { *m = AuditSinkSpec{} } -func (*AuditSinkSpec) ProtoMessage() {} -func (*AuditSinkSpec) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{2} } - -func (m *Policy) Reset() { *m = Policy{} } -func (*Policy) ProtoMessage() {} -func (*Policy) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{3} } - -func (m *ServiceReference) Reset() { *m = ServiceReference{} } -func (*ServiceReference) ProtoMessage() {} -func (*ServiceReference) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{4} } - -func (m *Webhook) Reset() { *m = Webhook{} } -func (*Webhook) ProtoMessage() {} -func (*Webhook) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{5} } - -func (m *WebhookClientConfig) Reset() { *m = WebhookClientConfig{} } -func (*WebhookClientConfig) ProtoMessage() {} -func (*WebhookClientConfig) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{6} } - -func (m *WebhookThrottleConfig) Reset() { *m = WebhookThrottleConfig{} } -func (*WebhookThrottleConfig) ProtoMessage() {} -func (*WebhookThrottleConfig) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{7} } - -func init() { - proto.RegisterType((*AuditSink)(nil), "k8s.io.api.auditregistration.v1alpha1.AuditSink") - proto.RegisterType((*AuditSinkList)(nil), "k8s.io.api.auditregistration.v1alpha1.AuditSinkList") - proto.RegisterType((*AuditSinkSpec)(nil), "k8s.io.api.auditregistration.v1alpha1.AuditSinkSpec") - proto.RegisterType((*Policy)(nil), "k8s.io.api.auditregistration.v1alpha1.Policy") - proto.RegisterType((*ServiceReference)(nil), "k8s.io.api.auditregistration.v1alpha1.ServiceReference") - proto.RegisterType((*Webhook)(nil), "k8s.io.api.auditregistration.v1alpha1.Webhook") - proto.RegisterType((*WebhookClientConfig)(nil), "k8s.io.api.auditregistration.v1alpha1.WebhookClientConfig") - proto.RegisterType((*WebhookThrottleConfig)(nil), "k8s.io.api.auditregistration.v1alpha1.WebhookThrottleConfig") -} -func (m *AuditSink) Marshal() (dAtA []byte, err error) { - size := m.Size() - dAtA = make([]byte, size) - n, err := m.MarshalTo(dAtA) - if err != nil { - return nil, err - } - return dAtA[:n], nil -} - -func (m *AuditSink) MarshalTo(dAtA []byte) (int, error) { - var i int - _ = i - var l int - _ = l - dAtA[i] = 0xa - i++ - i = encodeVarintGenerated(dAtA, i, uint64(m.ObjectMeta.Size())) - n1, err := m.ObjectMeta.MarshalTo(dAtA[i:]) - if err != nil { - return 0, err - } - i += n1 - dAtA[i] = 0x12 - i++ - i = encodeVarintGenerated(dAtA, i, uint64(m.Spec.Size())) - n2, err := m.Spec.MarshalTo(dAtA[i:]) - if err != nil { - return 0, err - } - i += n2 - return i, nil -} - -func (m *AuditSinkList) Marshal() (dAtA []byte, err error) { - size := m.Size() - dAtA = make([]byte, size) - n, err := m.MarshalTo(dAtA) - if err != nil { - return nil, err - } - return dAtA[:n], nil -} - -func (m *AuditSinkList) MarshalTo(dAtA []byte) (int, error) { - var i int - _ = i - var l int - _ = l - dAtA[i] = 0xa - i++ - i = encodeVarintGenerated(dAtA, i, uint64(m.ListMeta.Size())) - n3, err := m.ListMeta.MarshalTo(dAtA[i:]) - if err != nil { - return 0, err - } - i += n3 - if len(m.Items) > 0 { - for _, msg := range m.Items { - dAtA[i] = 0x12 - i++ - i = encodeVarintGenerated(dAtA, i, uint64(msg.Size())) - n, err := msg.MarshalTo(dAtA[i:]) - if err != nil { - return 0, err - } - i += n - } - } - return i, nil -} - -func (m *AuditSinkSpec) Marshal() (dAtA []byte, err error) { - size := m.Size() - dAtA = make([]byte, size) - n, err := m.MarshalTo(dAtA) - if err != nil { - return nil, err - } - return dAtA[:n], nil -} - -func (m *AuditSinkSpec) MarshalTo(dAtA []byte) (int, error) { - var i int - _ = i - var l int - _ = l - dAtA[i] = 0xa - i++ - i = encodeVarintGenerated(dAtA, i, uint64(m.Policy.Size())) - n4, err := m.Policy.MarshalTo(dAtA[i:]) - if err != nil { - return 0, err - } - i += n4 - dAtA[i] = 0x12 - i++ - i = encodeVarintGenerated(dAtA, i, uint64(m.Webhook.Size())) - n5, err := m.Webhook.MarshalTo(dAtA[i:]) - if err != nil { - return 0, err - } - i += n5 - return i, nil -} - -func (m *Policy) Marshal() (dAtA []byte, err error) { - size := m.Size() - dAtA = make([]byte, size) - n, err := m.MarshalTo(dAtA) - if err != nil { - return nil, err - } - return dAtA[:n], nil -} - -func (m *Policy) MarshalTo(dAtA []byte) (int, error) { - var i int - _ = i - var l int - _ = l - dAtA[i] = 0xa - i++ - i = encodeVarintGenerated(dAtA, i, uint64(len(m.Level))) - i += copy(dAtA[i:], m.Level) - if len(m.Stages) > 0 { - for _, s := range m.Stages { - dAtA[i] = 0x12 - i++ - l = len(s) - for l >= 1<<7 { - dAtA[i] = uint8(uint64(l)&0x7f | 0x80) - l >>= 7 - i++ - } - dAtA[i] = uint8(l) - i++ - i += copy(dAtA[i:], s) - } - } - return i, nil -} - -func (m *ServiceReference) Marshal() (dAtA []byte, err error) { - size := m.Size() - dAtA = make([]byte, size) - n, err := m.MarshalTo(dAtA) - if err != nil { - return nil, err - } - return dAtA[:n], nil -} - -func (m *ServiceReference) MarshalTo(dAtA []byte) (int, error) { - var i int - _ = i - var l int - _ = l - dAtA[i] = 0xa - i++ - i = encodeVarintGenerated(dAtA, i, uint64(len(m.Namespace))) - i += copy(dAtA[i:], m.Namespace) - dAtA[i] = 0x12 - i++ - i = encodeVarintGenerated(dAtA, i, uint64(len(m.Name))) - i += copy(dAtA[i:], m.Name) - if m.Path != nil { - dAtA[i] = 0x1a - i++ - i = encodeVarintGenerated(dAtA, i, uint64(len(*m.Path))) - i += copy(dAtA[i:], *m.Path) - } - return i, nil -} - -func (m *Webhook) Marshal() (dAtA []byte, err error) { - size := m.Size() - dAtA = make([]byte, size) - n, err := m.MarshalTo(dAtA) - if err != nil { - return nil, err - } - return dAtA[:n], nil -} - -func (m *Webhook) MarshalTo(dAtA []byte) (int, error) { - var i int - _ = i - var l int - _ = l - if m.Throttle != nil { - dAtA[i] = 0xa - i++ - i = encodeVarintGenerated(dAtA, i, uint64(m.Throttle.Size())) - n6, err := m.Throttle.MarshalTo(dAtA[i:]) - if err != nil { - return 0, err - } - i += n6 - } - dAtA[i] = 0x12 - i++ - i = encodeVarintGenerated(dAtA, i, uint64(m.ClientConfig.Size())) - n7, err := m.ClientConfig.MarshalTo(dAtA[i:]) - if err != nil { - return 0, err - } - i += n7 - return i, nil -} - -func (m *WebhookClientConfig) Marshal() (dAtA []byte, err error) { - size := m.Size() - dAtA = make([]byte, size) - n, err := m.MarshalTo(dAtA) - if err != nil { - return nil, err - } - return dAtA[:n], nil -} - -func (m *WebhookClientConfig) MarshalTo(dAtA []byte) (int, error) { - var i int - _ = i - var l int - _ = l - if m.URL != nil { - dAtA[i] = 0xa - i++ - i = encodeVarintGenerated(dAtA, i, uint64(len(*m.URL))) - i += copy(dAtA[i:], *m.URL) - } - if m.Service != nil { - dAtA[i] = 0x12 - i++ - i = encodeVarintGenerated(dAtA, i, uint64(m.Service.Size())) - n8, err := m.Service.MarshalTo(dAtA[i:]) - if err != nil { - return 0, err - } - i += n8 - } - if m.CABundle != nil { - dAtA[i] = 0x1a - i++ - i = encodeVarintGenerated(dAtA, i, uint64(len(m.CABundle))) - i += copy(dAtA[i:], m.CABundle) - } - return i, nil -} - -func (m *WebhookThrottleConfig) Marshal() (dAtA []byte, err error) { - size := m.Size() - dAtA = make([]byte, size) - n, err := m.MarshalTo(dAtA) - if err != nil { - return nil, err - } - return dAtA[:n], nil -} - -func (m *WebhookThrottleConfig) MarshalTo(dAtA []byte) (int, error) { - var i int - _ = i - var l int - _ = l - if m.QPS != nil { - dAtA[i] = 0x8 - i++ - i = encodeVarintGenerated(dAtA, i, uint64(*m.QPS)) - } - if m.Burst != nil { - dAtA[i] = 0x10 - i++ - i = encodeVarintGenerated(dAtA, i, uint64(*m.Burst)) - } - return i, nil -} - -func encodeVarintGenerated(dAtA []byte, offset int, v uint64) int { - for v >= 1<<7 { - dAtA[offset] = uint8(v&0x7f | 0x80) - v >>= 7 - offset++ - } - dAtA[offset] = uint8(v) - return offset + 1 -} -func (m *AuditSink) Size() (n int) { - var l int - _ = l - l = m.ObjectMeta.Size() - n += 1 + l + sovGenerated(uint64(l)) - l = m.Spec.Size() - n += 1 + l + sovGenerated(uint64(l)) - return n -} - -func (m *AuditSinkList) Size() (n int) { - var l int - _ = l - l = m.ListMeta.Size() - n += 1 + l + sovGenerated(uint64(l)) - if len(m.Items) > 0 { - for _, e := range m.Items { - l = e.Size() - n += 1 + l + sovGenerated(uint64(l)) - } - } - return n -} - -func (m *AuditSinkSpec) Size() (n int) { - var l int - _ = l - l = m.Policy.Size() - n += 1 + l + sovGenerated(uint64(l)) - l = m.Webhook.Size() - n += 1 + l + sovGenerated(uint64(l)) - return n -} - -func (m *Policy) Size() (n int) { - var l int - _ = l - l = len(m.Level) - n += 1 + l + sovGenerated(uint64(l)) - if len(m.Stages) > 0 { - for _, s := range m.Stages { - l = len(s) - n += 1 + l + sovGenerated(uint64(l)) - } - } - return n -} - -func (m *ServiceReference) Size() (n int) { - var l int - _ = l - l = len(m.Namespace) - n += 1 + l + sovGenerated(uint64(l)) - l = len(m.Name) - n += 1 + l + sovGenerated(uint64(l)) - if m.Path != nil { - l = len(*m.Path) - n += 1 + l + sovGenerated(uint64(l)) - } - return n -} - -func (m *Webhook) Size() (n int) { - var l int - _ = l - if m.Throttle != nil { - l = m.Throttle.Size() - n += 1 + l + sovGenerated(uint64(l)) - } - l = m.ClientConfig.Size() - n += 1 + l + sovGenerated(uint64(l)) - return n -} - -func (m *WebhookClientConfig) Size() (n int) { - var l int - _ = l - if m.URL != nil { - l = len(*m.URL) - n += 1 + l + sovGenerated(uint64(l)) - } - if m.Service != nil { - l = m.Service.Size() - n += 1 + l + sovGenerated(uint64(l)) - } - if m.CABundle != nil { - l = len(m.CABundle) - n += 1 + l + sovGenerated(uint64(l)) - } - return n -} - -func (m *WebhookThrottleConfig) Size() (n int) { - var l int - _ = l - if m.QPS != nil { - n += 1 + sovGenerated(uint64(*m.QPS)) - } - if m.Burst != nil { - n += 1 + sovGenerated(uint64(*m.Burst)) - } - return n -} - -func sovGenerated(x uint64) (n int) { - for { - n++ - x >>= 7 - if x == 0 { - break - } - } - return n -} -func sozGenerated(x uint64) (n int) { - return sovGenerated(uint64((x << 1) ^ uint64((int64(x) >> 63)))) -} -func (this *AuditSink) String() string { - if this == nil { - return "nil" - } - s := strings.Join([]string{`&AuditSink{`, - `ObjectMeta:` + strings.Replace(strings.Replace(this.ObjectMeta.String(), "ObjectMeta", "k8s_io_apimachinery_pkg_apis_meta_v1.ObjectMeta", 1), `&`, ``, 1) + `,`, - `Spec:` + strings.Replace(strings.Replace(this.Spec.String(), "AuditSinkSpec", "AuditSinkSpec", 1), `&`, ``, 1) + `,`, - `}`, - }, "") - return s -} -func (this *AuditSinkList) String() string { - if this == nil { - return "nil" - } - s := strings.Join([]string{`&AuditSinkList{`, - `ListMeta:` + strings.Replace(strings.Replace(this.ListMeta.String(), "ListMeta", "k8s_io_apimachinery_pkg_apis_meta_v1.ListMeta", 1), `&`, ``, 1) + `,`, - `Items:` + strings.Replace(strings.Replace(fmt.Sprintf("%v", this.Items), "AuditSink", "AuditSink", 1), `&`, ``, 1) + `,`, - `}`, - }, "") - return s -} -func (this *AuditSinkSpec) String() string { - if this == nil { - return "nil" - } - s := strings.Join([]string{`&AuditSinkSpec{`, - `Policy:` + strings.Replace(strings.Replace(this.Policy.String(), "Policy", "Policy", 1), `&`, ``, 1) + `,`, - `Webhook:` + strings.Replace(strings.Replace(this.Webhook.String(), "Webhook", "Webhook", 1), `&`, ``, 1) + `,`, - `}`, - }, "") - return s -} -func (this *Policy) String() string { - if this == nil { - return "nil" - } - s := strings.Join([]string{`&Policy{`, - `Level:` + fmt.Sprintf("%v", this.Level) + `,`, - `Stages:` + fmt.Sprintf("%v", this.Stages) + `,`, - `}`, - }, "") - return s -} -func (this *ServiceReference) String() string { - if this == nil { - return "nil" - } - s := strings.Join([]string{`&ServiceReference{`, - `Namespace:` + fmt.Sprintf("%v", this.Namespace) + `,`, - `Name:` + fmt.Sprintf("%v", this.Name) + `,`, - `Path:` + valueToStringGenerated(this.Path) + `,`, - `}`, - }, "") - return s -} -func (this *Webhook) String() string { - if this == nil { - return "nil" - } - s := strings.Join([]string{`&Webhook{`, - `Throttle:` + strings.Replace(fmt.Sprintf("%v", this.Throttle), "WebhookThrottleConfig", "WebhookThrottleConfig", 1) + `,`, - `ClientConfig:` + strings.Replace(strings.Replace(this.ClientConfig.String(), "WebhookClientConfig", "WebhookClientConfig", 1), `&`, ``, 1) + `,`, - `}`, - }, "") - return s -} -func (this *WebhookClientConfig) String() string { - if this == nil { - return "nil" - } - s := strings.Join([]string{`&WebhookClientConfig{`, - `URL:` + valueToStringGenerated(this.URL) + `,`, - `Service:` + strings.Replace(fmt.Sprintf("%v", this.Service), "ServiceReference", "ServiceReference", 1) + `,`, - `CABundle:` + valueToStringGenerated(this.CABundle) + `,`, - `}`, - }, "") - return s -} -func (this *WebhookThrottleConfig) String() string { - if this == nil { - return "nil" - } - s := strings.Join([]string{`&WebhookThrottleConfig{`, - `QPS:` + valueToStringGenerated(this.QPS) + `,`, - `Burst:` + valueToStringGenerated(this.Burst) + `,`, - `}`, - }, "") - return s -} -func valueToStringGenerated(v interface{}) string { - rv := reflect.ValueOf(v) - if rv.IsNil() { - return "nil" - } - pv := reflect.Indirect(rv).Interface() - return fmt.Sprintf("*%v", pv) -} -func (m *AuditSink) Unmarshal(dAtA []byte) error { - l := len(dAtA) - iNdEx := 0 - for iNdEx < l { - preIndex := iNdEx - var wire uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowGenerated - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - wire |= (uint64(b) & 0x7F) << shift - if b < 0x80 { - break - } - } - fieldNum := int32(wire >> 3) - wireType := int(wire & 0x7) - if wireType == 4 { - return fmt.Errorf("proto: AuditSink: wiretype end group for non-group") - } - if fieldNum <= 0 { - return fmt.Errorf("proto: AuditSink: illegal tag %d (wire type %d)", fieldNum, wire) - } - switch fieldNum { - case 1: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field ObjectMeta", wireType) - } - var msglen int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowGenerated - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - msglen |= (int(b) & 0x7F) << shift - if b < 0x80 { - break - } - } - if msglen < 0 { - return ErrInvalidLengthGenerated - } - postIndex := iNdEx + msglen - if postIndex > l { - return io.ErrUnexpectedEOF - } - if err := m.ObjectMeta.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { - return err - } - iNdEx = postIndex - case 2: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Spec", wireType) - } - var msglen int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowGenerated - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - msglen |= (int(b) & 0x7F) << shift - if b < 0x80 { - break - } - } - if msglen < 0 { - return ErrInvalidLengthGenerated - } - postIndex := iNdEx + msglen - if postIndex > l { - return io.ErrUnexpectedEOF - } - if err := m.Spec.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { - return err - } - iNdEx = postIndex - default: - iNdEx = preIndex - skippy, err := skipGenerated(dAtA[iNdEx:]) - if err != nil { - return err - } - if skippy < 0 { - return ErrInvalidLengthGenerated - } - if (iNdEx + skippy) > l { - return io.ErrUnexpectedEOF - } - iNdEx += skippy - } - } - - if iNdEx > l { - return io.ErrUnexpectedEOF - } - return nil -} -func (m *AuditSinkList) Unmarshal(dAtA []byte) error { - l := len(dAtA) - iNdEx := 0 - for iNdEx < l { - preIndex := iNdEx - var wire uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowGenerated - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - wire |= (uint64(b) & 0x7F) << shift - if b < 0x80 { - break - } - } - fieldNum := int32(wire >> 3) - wireType := int(wire & 0x7) - if wireType == 4 { - return fmt.Errorf("proto: AuditSinkList: wiretype end group for non-group") - } - if fieldNum <= 0 { - return fmt.Errorf("proto: AuditSinkList: illegal tag %d (wire type %d)", fieldNum, wire) - } - switch fieldNum { - case 1: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field ListMeta", wireType) - } - var msglen int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowGenerated - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - msglen |= (int(b) & 0x7F) << shift - if b < 0x80 { - break - } - } - if msglen < 0 { - return ErrInvalidLengthGenerated - } - postIndex := iNdEx + msglen - if postIndex > l { - return io.ErrUnexpectedEOF - } - if err := m.ListMeta.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { - return err - } - iNdEx = postIndex - case 2: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Items", wireType) - } - var msglen int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowGenerated - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - msglen |= (int(b) & 0x7F) << shift - if b < 0x80 { - break - } - } - if msglen < 0 { - return ErrInvalidLengthGenerated - } - postIndex := iNdEx + msglen - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.Items = append(m.Items, AuditSink{}) - if err := m.Items[len(m.Items)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil { - return err - } - iNdEx = postIndex - default: - iNdEx = preIndex - skippy, err := skipGenerated(dAtA[iNdEx:]) - if err != nil { - return err - } - if skippy < 0 { - return ErrInvalidLengthGenerated - } - if (iNdEx + skippy) > l { - return io.ErrUnexpectedEOF - } - iNdEx += skippy - } - } - - if iNdEx > l { - return io.ErrUnexpectedEOF - } - return nil -} -func (m *AuditSinkSpec) Unmarshal(dAtA []byte) error { - l := len(dAtA) - iNdEx := 0 - for iNdEx < l { - preIndex := iNdEx - var wire uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowGenerated - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - wire |= (uint64(b) & 0x7F) << shift - if b < 0x80 { - break - } - } - fieldNum := int32(wire >> 3) - wireType := int(wire & 0x7) - if wireType == 4 { - return fmt.Errorf("proto: AuditSinkSpec: wiretype end group for non-group") - } - if fieldNum <= 0 { - return fmt.Errorf("proto: AuditSinkSpec: illegal tag %d (wire type %d)", fieldNum, wire) - } - switch fieldNum { - case 1: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Policy", wireType) - } - var msglen int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowGenerated - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - msglen |= (int(b) & 0x7F) << shift - if b < 0x80 { - break - } - } - if msglen < 0 { - return ErrInvalidLengthGenerated - } - postIndex := iNdEx + msglen - if postIndex > l { - return io.ErrUnexpectedEOF - } - if err := m.Policy.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { - return err - } - iNdEx = postIndex - case 2: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Webhook", wireType) - } - var msglen int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowGenerated - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - msglen |= (int(b) & 0x7F) << shift - if b < 0x80 { - break - } - } - if msglen < 0 { - return ErrInvalidLengthGenerated - } - postIndex := iNdEx + msglen - if postIndex > l { - return io.ErrUnexpectedEOF - } - if err := m.Webhook.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { - return err - } - iNdEx = postIndex - default: - iNdEx = preIndex - skippy, err := skipGenerated(dAtA[iNdEx:]) - if err != nil { - return err - } - if skippy < 0 { - return ErrInvalidLengthGenerated - } - if (iNdEx + skippy) > l { - return io.ErrUnexpectedEOF - } - iNdEx += skippy - } - } - - if iNdEx > l { - return io.ErrUnexpectedEOF - } - return nil -} -func (m *Policy) Unmarshal(dAtA []byte) error { - l := len(dAtA) - iNdEx := 0 - for iNdEx < l { - preIndex := iNdEx - var wire uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowGenerated - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - wire |= (uint64(b) & 0x7F) << shift - if b < 0x80 { - break - } - } - fieldNum := int32(wire >> 3) - wireType := int(wire & 0x7) - if wireType == 4 { - return fmt.Errorf("proto: Policy: wiretype end group for non-group") - } - if fieldNum <= 0 { - return fmt.Errorf("proto: Policy: illegal tag %d (wire type %d)", fieldNum, wire) - } - switch fieldNum { - case 1: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Level", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowGenerated - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= (uint64(b) & 0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLengthGenerated - } - postIndex := iNdEx + intStringLen - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.Level = Level(dAtA[iNdEx:postIndex]) - iNdEx = postIndex - case 2: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Stages", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowGenerated - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= (uint64(b) & 0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLengthGenerated - } - postIndex := iNdEx + intStringLen - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.Stages = append(m.Stages, Stage(dAtA[iNdEx:postIndex])) - iNdEx = postIndex - default: - iNdEx = preIndex - skippy, err := skipGenerated(dAtA[iNdEx:]) - if err != nil { - return err - } - if skippy < 0 { - return ErrInvalidLengthGenerated - } - if (iNdEx + skippy) > l { - return io.ErrUnexpectedEOF - } - iNdEx += skippy - } - } - - if iNdEx > l { - return io.ErrUnexpectedEOF - } - return nil -} -func (m *ServiceReference) Unmarshal(dAtA []byte) error { - l := len(dAtA) - iNdEx := 0 - for iNdEx < l { - preIndex := iNdEx - var wire uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowGenerated - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - wire |= (uint64(b) & 0x7F) << shift - if b < 0x80 { - break - } - } - fieldNum := int32(wire >> 3) - wireType := int(wire & 0x7) - if wireType == 4 { - return fmt.Errorf("proto: ServiceReference: wiretype end group for non-group") - } - if fieldNum <= 0 { - return fmt.Errorf("proto: ServiceReference: illegal tag %d (wire type %d)", fieldNum, wire) - } - switch fieldNum { - case 1: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Namespace", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowGenerated - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= (uint64(b) & 0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLengthGenerated - } - postIndex := iNdEx + intStringLen - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.Namespace = string(dAtA[iNdEx:postIndex]) - iNdEx = postIndex - case 2: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Name", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowGenerated - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= (uint64(b) & 0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLengthGenerated - } - postIndex := iNdEx + intStringLen - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.Name = string(dAtA[iNdEx:postIndex]) - iNdEx = postIndex - case 3: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Path", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowGenerated - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= (uint64(b) & 0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLengthGenerated - } - postIndex := iNdEx + intStringLen - if postIndex > l { - return io.ErrUnexpectedEOF - } - s := string(dAtA[iNdEx:postIndex]) - m.Path = &s - iNdEx = postIndex - default: - iNdEx = preIndex - skippy, err := skipGenerated(dAtA[iNdEx:]) - if err != nil { - return err - } - if skippy < 0 { - return ErrInvalidLengthGenerated - } - if (iNdEx + skippy) > l { - return io.ErrUnexpectedEOF - } - iNdEx += skippy - } - } - - if iNdEx > l { - return io.ErrUnexpectedEOF - } - return nil -} -func (m *Webhook) Unmarshal(dAtA []byte) error { - l := len(dAtA) - iNdEx := 0 - for iNdEx < l { - preIndex := iNdEx - var wire uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowGenerated - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - wire |= (uint64(b) & 0x7F) << shift - if b < 0x80 { - break - } - } - fieldNum := int32(wire >> 3) - wireType := int(wire & 0x7) - if wireType == 4 { - return fmt.Errorf("proto: Webhook: wiretype end group for non-group") - } - if fieldNum <= 0 { - return fmt.Errorf("proto: Webhook: illegal tag %d (wire type %d)", fieldNum, wire) - } - switch fieldNum { - case 1: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Throttle", wireType) - } - var msglen int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowGenerated - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - msglen |= (int(b) & 0x7F) << shift - if b < 0x80 { - break - } - } - if msglen < 0 { - return ErrInvalidLengthGenerated - } - postIndex := iNdEx + msglen - if postIndex > l { - return io.ErrUnexpectedEOF - } - if m.Throttle == nil { - m.Throttle = &WebhookThrottleConfig{} - } - if err := m.Throttle.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { - return err - } - iNdEx = postIndex - case 2: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field ClientConfig", wireType) - } - var msglen int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowGenerated - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - msglen |= (int(b) & 0x7F) << shift - if b < 0x80 { - break - } - } - if msglen < 0 { - return ErrInvalidLengthGenerated - } - postIndex := iNdEx + msglen - if postIndex > l { - return io.ErrUnexpectedEOF - } - if err := m.ClientConfig.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { - return err - } - iNdEx = postIndex - default: - iNdEx = preIndex - skippy, err := skipGenerated(dAtA[iNdEx:]) - if err != nil { - return err - } - if skippy < 0 { - return ErrInvalidLengthGenerated - } - if (iNdEx + skippy) > l { - return io.ErrUnexpectedEOF - } - iNdEx += skippy - } - } - - if iNdEx > l { - return io.ErrUnexpectedEOF - } - return nil -} -func (m *WebhookClientConfig) Unmarshal(dAtA []byte) error { - l := len(dAtA) - iNdEx := 0 - for iNdEx < l { - preIndex := iNdEx - var wire uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowGenerated - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - wire |= (uint64(b) & 0x7F) << shift - if b < 0x80 { - break - } - } - fieldNum := int32(wire >> 3) - wireType := int(wire & 0x7) - if wireType == 4 { - return fmt.Errorf("proto: WebhookClientConfig: wiretype end group for non-group") - } - if fieldNum <= 0 { - return fmt.Errorf("proto: WebhookClientConfig: illegal tag %d (wire type %d)", fieldNum, wire) - } - switch fieldNum { - case 1: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field URL", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowGenerated - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= (uint64(b) & 0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLengthGenerated - } - postIndex := iNdEx + intStringLen - if postIndex > l { - return io.ErrUnexpectedEOF - } - s := string(dAtA[iNdEx:postIndex]) - m.URL = &s - iNdEx = postIndex - case 2: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Service", wireType) - } - var msglen int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowGenerated - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - msglen |= (int(b) & 0x7F) << shift - if b < 0x80 { - break - } - } - if msglen < 0 { - return ErrInvalidLengthGenerated - } - postIndex := iNdEx + msglen - if postIndex > l { - return io.ErrUnexpectedEOF - } - if m.Service == nil { - m.Service = &ServiceReference{} - } - if err := m.Service.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { - return err - } - iNdEx = postIndex - case 3: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field CABundle", wireType) - } - var byteLen int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowGenerated - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - byteLen |= (int(b) & 0x7F) << shift - if b < 0x80 { - break - } - } - if byteLen < 0 { - return ErrInvalidLengthGenerated - } - postIndex := iNdEx + byteLen - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.CABundle = append(m.CABundle[:0], dAtA[iNdEx:postIndex]...) - if m.CABundle == nil { - m.CABundle = []byte{} - } - iNdEx = postIndex - default: - iNdEx = preIndex - skippy, err := skipGenerated(dAtA[iNdEx:]) - if err != nil { - return err - } - if skippy < 0 { - return ErrInvalidLengthGenerated - } - if (iNdEx + skippy) > l { - return io.ErrUnexpectedEOF - } - iNdEx += skippy - } - } - - if iNdEx > l { - return io.ErrUnexpectedEOF - } - return nil -} -func (m *WebhookThrottleConfig) Unmarshal(dAtA []byte) error { - l := len(dAtA) - iNdEx := 0 - for iNdEx < l { - preIndex := iNdEx - var wire uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowGenerated - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - wire |= (uint64(b) & 0x7F) << shift - if b < 0x80 { - break - } - } - fieldNum := int32(wire >> 3) - wireType := int(wire & 0x7) - if wireType == 4 { - return fmt.Errorf("proto: WebhookThrottleConfig: wiretype end group for non-group") - } - if fieldNum <= 0 { - return fmt.Errorf("proto: WebhookThrottleConfig: illegal tag %d (wire type %d)", fieldNum, wire) - } - switch fieldNum { - case 1: - if wireType != 0 { - return fmt.Errorf("proto: wrong wireType = %d for field QPS", wireType) - } - var v int64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowGenerated - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - v |= (int64(b) & 0x7F) << shift - if b < 0x80 { - break - } - } - m.QPS = &v - case 2: - if wireType != 0 { - return fmt.Errorf("proto: wrong wireType = %d for field Burst", wireType) - } - var v int64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowGenerated - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - v |= (int64(b) & 0x7F) << shift - if b < 0x80 { - break - } - } - m.Burst = &v - default: - iNdEx = preIndex - skippy, err := skipGenerated(dAtA[iNdEx:]) - if err != nil { - return err - } - if skippy < 0 { - return ErrInvalidLengthGenerated - } - if (iNdEx + skippy) > l { - return io.ErrUnexpectedEOF - } - iNdEx += skippy - } - } - - if iNdEx > l { - return io.ErrUnexpectedEOF - } - return nil -} -func skipGenerated(dAtA []byte) (n int, err error) { - l := len(dAtA) - iNdEx := 0 - for iNdEx < l { - var wire uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return 0, ErrIntOverflowGenerated - } - if iNdEx >= l { - return 0, io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - wire |= (uint64(b) & 0x7F) << shift - if b < 0x80 { - break - } - } - wireType := int(wire & 0x7) - switch wireType { - case 0: - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return 0, ErrIntOverflowGenerated - } - if iNdEx >= l { - return 0, io.ErrUnexpectedEOF - } - iNdEx++ - if dAtA[iNdEx-1] < 0x80 { - break - } - } - return iNdEx, nil - case 1: - iNdEx += 8 - return iNdEx, nil - case 2: - var length int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return 0, ErrIntOverflowGenerated - } - if iNdEx >= l { - return 0, io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - length |= (int(b) & 0x7F) << shift - if b < 0x80 { - break - } - } - iNdEx += length - if length < 0 { - return 0, ErrInvalidLengthGenerated - } - return iNdEx, nil - case 3: - for { - var innerWire uint64 - var start int = iNdEx - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return 0, ErrIntOverflowGenerated - } - if iNdEx >= l { - return 0, io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - innerWire |= (uint64(b) & 0x7F) << shift - if b < 0x80 { - break - } - } - innerWireType := int(innerWire & 0x7) - if innerWireType == 4 { - break - } - next, err := skipGenerated(dAtA[start:]) - if err != nil { - return 0, err - } - iNdEx = start + next - } - return iNdEx, nil - case 4: - return iNdEx, nil - case 5: - iNdEx += 4 - return iNdEx, nil - default: - return 0, fmt.Errorf("proto: illegal wireType %d", wireType) - } - } - panic("unreachable") -} - -var ( - ErrInvalidLengthGenerated = fmt.Errorf("proto: negative length found during unmarshaling") - ErrIntOverflowGenerated = fmt.Errorf("proto: integer overflow") -) - -func init() { - proto.RegisterFile("k8s.io/kubernetes/vendor/k8s.io/api/auditregistration/v1alpha1/generated.proto", fileDescriptorGenerated) -} - -var fileDescriptorGenerated = []byte{ - // 747 bytes of a gzipped FileDescriptorProto - 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x94, 0x52, 0x41, 0x6f, 0xd3, 0x48, - 0x14, 0x8e, 0x9b, 0xa4, 0x49, 0xa6, 0xe9, 0x6e, 0x77, 0xba, 0xbb, 0xca, 0x56, 0x2b, 0xa7, 0xb2, - 0xb4, 0x52, 0xa5, 0xdd, 0x8e, 0xb7, 0xa8, 0x02, 0x84, 0xb8, 0xd4, 0x3d, 0x21, 0x95, 0x52, 0x26, - 0x14, 0x04, 0x42, 0x88, 0x89, 0xf3, 0x62, 0x0f, 0x49, 0x6c, 0x63, 0x8f, 0x83, 0x7a, 0x43, 0xe2, - 0x0f, 0xf0, 0x7b, 0xb8, 0x21, 0x81, 0xd4, 0x63, 0x8f, 0x3d, 0x55, 0x34, 0x1c, 0xf8, 0x0f, 0x9c, - 0xd0, 0x8c, 0xc7, 0x49, 0x68, 0x8a, 0x48, 0x6f, 0x33, 0xdf, 0xbc, 0xef, 0x7b, 0xdf, 0xf7, 0xde, - 0xa0, 0xfd, 0xde, 0xcd, 0x84, 0xf0, 0xd0, 0xee, 0xa5, 0x6d, 0x88, 0x03, 0x10, 0x90, 0xd8, 0x43, - 0x08, 0x3a, 0x61, 0x6c, 0xeb, 0x07, 0x16, 0x71, 0x9b, 0xa5, 0x1d, 0x2e, 0x62, 0xf0, 0x78, 0x22, - 0x62, 0x26, 0x78, 0x18, 0xd8, 0xc3, 0x2d, 0xd6, 0x8f, 0x7c, 0xb6, 0x65, 0x7b, 0x10, 0x40, 0xcc, - 0x04, 0x74, 0x48, 0x14, 0x87, 0x22, 0xc4, 0xff, 0x64, 0x34, 0xc2, 0x22, 0x4e, 0x66, 0x68, 0x24, - 0xa7, 0xad, 0x6d, 0x7a, 0x5c, 0xf8, 0x69, 0x9b, 0xb8, 0xe1, 0xc0, 0xf6, 0x42, 0x2f, 0xb4, 0x15, - 0xbb, 0x9d, 0x76, 0xd5, 0x4d, 0x5d, 0xd4, 0x29, 0x53, 0x5d, 0xdb, 0x9e, 0x98, 0x19, 0x30, 0xd7, - 0xe7, 0x01, 0xc4, 0x47, 0x76, 0xd4, 0xf3, 0x24, 0x90, 0xd8, 0x03, 0x10, 0xcc, 0x1e, 0xce, 0x78, - 0x59, 0xb3, 0x7f, 0xc4, 0x8a, 0xd3, 0x40, 0xf0, 0x01, 0xcc, 0x10, 0xae, 0xff, 0x8c, 0x90, 0xb8, - 0x3e, 0x0c, 0xd8, 0x45, 0x9e, 0xf5, 0xd1, 0x40, 0xb5, 0x1d, 0x19, 0xb6, 0xc5, 0x83, 0x1e, 0x7e, - 0x8e, 0xaa, 0xd2, 0x51, 0x87, 0x09, 0xd6, 0x30, 0xd6, 0x8d, 0x8d, 0xa5, 0x6b, 0xff, 0x93, 0xc9, - 0x54, 0xc6, 0xc2, 0x24, 0xea, 0x79, 0x12, 0x48, 0x88, 0xac, 0x26, 0xc3, 0x2d, 0x72, 0xaf, 0xfd, - 0x02, 0x5c, 0x71, 0x17, 0x04, 0x73, 0xf0, 0xf1, 0x59, 0xb3, 0x30, 0x3a, 0x6b, 0xa2, 0x09, 0x46, - 0xc7, 0xaa, 0xf8, 0x21, 0x2a, 0x25, 0x11, 0xb8, 0x8d, 0x05, 0xa5, 0xbe, 0x4d, 0xe6, 0x9a, 0x39, - 0x19, 0x3b, 0x6c, 0x45, 0xe0, 0x3a, 0x75, 0xdd, 0xa1, 0x24, 0x6f, 0x54, 0xe9, 0x59, 0x1f, 0x0c, - 0xb4, 0x3c, 0xae, 0xda, 0xe3, 0x89, 0xc0, 0x4f, 0x67, 0xb2, 0x90, 0xf9, 0xb2, 0x48, 0xb6, 0x4a, - 0xb2, 0xa2, 0xfb, 0x54, 0x73, 0x64, 0x2a, 0xc7, 0x21, 0x2a, 0x73, 0x01, 0x83, 0xa4, 0xb1, 0xb0, - 0x5e, 0xbc, 0x30, 0xa6, 0xb9, 0x82, 0x38, 0xcb, 0x5a, 0xbc, 0x7c, 0x47, 0xca, 0xd0, 0x4c, 0xcd, - 0x7a, 0x3f, 0x1d, 0x43, 0xc6, 0xc3, 0x87, 0x68, 0x31, 0x0a, 0xfb, 0xdc, 0x3d, 0xd2, 0x21, 0x36, - 0xe7, 0xec, 0x74, 0xa0, 0x48, 0xce, 0x2f, 0xba, 0xcd, 0x62, 0x76, 0xa7, 0x5a, 0x0c, 0x3f, 0x46, - 0x95, 0x57, 0xd0, 0xf6, 0xc3, 0xb0, 0xa7, 0x57, 0x41, 0xe6, 0xd4, 0x7d, 0x94, 0xb1, 0x9c, 0x5f, - 0xb5, 0x70, 0x45, 0x03, 0x34, 0xd7, 0xb3, 0x5c, 0xa4, 0x9b, 0xe1, 0xff, 0x50, 0xb9, 0x0f, 0x43, - 0xe8, 0x2b, 0xeb, 0x35, 0xe7, 0xcf, 0x3c, 0xf2, 0x9e, 0x04, 0xbf, 0xe6, 0x07, 0x9a, 0x15, 0xe1, - 0x7f, 0xd1, 0x62, 0x22, 0x98, 0x07, 0xd9, 0x4c, 0x6b, 0xce, 0xaa, 0xb4, 0xdd, 0x52, 0x88, 0xac, - 0x55, 0x27, 0xaa, 0x4b, 0xac, 0x37, 0x06, 0x5a, 0x69, 0x41, 0x3c, 0xe4, 0x2e, 0x50, 0xe8, 0x42, - 0x0c, 0x81, 0x0b, 0xd8, 0x46, 0xb5, 0x80, 0x0d, 0x20, 0x89, 0x98, 0x0b, 0xba, 0xe7, 0x6f, 0xba, - 0x67, 0x6d, 0x3f, 0x7f, 0xa0, 0x93, 0x1a, 0xbc, 0x8e, 0x4a, 0xf2, 0xa2, 0x46, 0x50, 0x9b, 0xfc, - 0x2b, 0x59, 0x4b, 0xd5, 0x0b, 0xfe, 0x1b, 0x95, 0x22, 0x26, 0xfc, 0x46, 0x51, 0x55, 0x54, 0xe5, - 0xeb, 0x01, 0x13, 0x3e, 0x55, 0xa8, 0xf5, 0xc5, 0x40, 0x79, 0x7e, 0xdc, 0x45, 0x55, 0xe1, 0xc7, - 0xa1, 0x10, 0x7d, 0xd0, 0xab, 0xba, 0x7d, 0xb5, 0x91, 0x3e, 0xd0, 0xec, 0xdd, 0x30, 0xe8, 0x72, - 0xcf, 0xa9, 0xcb, 0x9f, 0x97, 0x63, 0x74, 0xac, 0x8d, 0x05, 0xaa, 0xbb, 0x7d, 0x0e, 0x81, 0xc8, - 0xea, 0xf4, 0xfa, 0x6e, 0x5d, 0xad, 0xd7, 0xee, 0x94, 0x82, 0xf3, 0xbb, 0xce, 0x5d, 0x9f, 0x46, - 0xe9, 0x77, 0x5d, 0xac, 0x77, 0x06, 0x5a, 0xbd, 0x84, 0x8b, 0xff, 0x42, 0xc5, 0x34, 0xce, 0x17, - 0x5c, 0x19, 0x9d, 0x35, 0x8b, 0x87, 0x74, 0x8f, 0x4a, 0x0c, 0x3f, 0x43, 0x95, 0x24, 0xdb, 0x90, - 0xf6, 0x78, 0x63, 0x4e, 0x8f, 0x17, 0xf7, 0xea, 0x2c, 0xc9, 0x7f, 0x96, 0xa3, 0xb9, 0x28, 0xde, - 0x40, 0x55, 0x97, 0x39, 0x69, 0xd0, 0xe9, 0x83, 0x5a, 0x4f, 0x3d, 0x1b, 0xd9, 0xee, 0x4e, 0x86, - 0xd1, 0xf1, 0xab, 0xd5, 0x42, 0x7f, 0x5c, 0x3a, 0x63, 0xe9, 0xfe, 0x65, 0x94, 0x28, 0xf7, 0xc5, - 0xcc, 0xfd, 0xfd, 0x83, 0x16, 0x95, 0x18, 0x6e, 0xa2, 0x72, 0x3b, 0x8d, 0x13, 0xa1, 0xbc, 0x17, - 0x9d, 0x9a, 0xfc, 0xb7, 0x8e, 0x04, 0x68, 0x86, 0x3b, 0xe4, 0xf8, 0xdc, 0x2c, 0x9c, 0x9c, 0x9b, - 0x85, 0xd3, 0x73, 0xb3, 0xf0, 0x7a, 0x64, 0x1a, 0xc7, 0x23, 0xd3, 0x38, 0x19, 0x99, 0xc6, 0xe9, - 0xc8, 0x34, 0x3e, 0x8d, 0x4c, 0xe3, 0xed, 0x67, 0xb3, 0xf0, 0xa4, 0x9a, 0xa7, 0xfa, 0x16, 0x00, - 0x00, 0xff, 0xff, 0x55, 0x1b, 0x03, 0x56, 0xaf, 0x06, 0x00, 0x00, -} diff --git a/staging/src/k8s.io/api/auditregistration/v1alpha1/generated.proto b/staging/src/k8s.io/api/auditregistration/v1alpha1/generated.proto deleted file mode 100644 index 70801a6c51..0000000000 --- a/staging/src/k8s.io/api/auditregistration/v1alpha1/generated.proto +++ /dev/null @@ -1,158 +0,0 @@ -/* -Copyright The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - - -// This file was autogenerated by go-to-protobuf. Do not edit it manually! - -syntax = 'proto2'; - -package k8s.io.api.auditregistration.v1alpha1; - -import "k8s.io/apimachinery/pkg/apis/meta/v1/generated.proto"; -import "k8s.io/apimachinery/pkg/runtime/generated.proto"; -import "k8s.io/apimachinery/pkg/runtime/schema/generated.proto"; - -// Package-wide variables from generator "generated". -option go_package = "v1alpha1"; - -// AuditSink represents a cluster level audit sink -message AuditSink { - // +optional - optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1; - - // Spec defines the audit configuration spec - optional AuditSinkSpec spec = 2; -} - -// AuditSinkList is a list of AuditSink items. -message AuditSinkList { - // +optional - optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1; - - // List of audit configurations. - repeated AuditSink items = 2; -} - -// AuditSinkSpec holds the spec for the audit sink -message AuditSinkSpec { - // Policy defines the policy for selecting which events should be sent to the webhook - // required - optional Policy policy = 1; - - // Webhook to send events - // required - optional Webhook webhook = 2; -} - -// Policy defines the configuration of how audit events are logged -message Policy { - // The Level that all requests are recorded at. - // available options: None, Metadata, Request, RequestResponse - // required - optional string level = 1; - - // Stages is a list of stages for which events are created. - // +optional - repeated string stages = 2; -} - -// ServiceReference holds a reference to Service.legacy.k8s.io -message ServiceReference { - // `namespace` is the namespace of the service. - // Required - optional string namespace = 1; - - // `name` is the name of the service. - // Required - optional string name = 2; - - // `path` is an optional URL path which will be sent in any request to - // this service. - // +optional - optional string path = 3; -} - -// Webhook holds the configuration of the webhook -message Webhook { - // Throttle holds the options for throttling the webhook - // +optional - optional WebhookThrottleConfig throttle = 1; - - // ClientConfig holds the connection parameters for the webhook - // required - optional WebhookClientConfig clientConfig = 2; -} - -// WebhookClientConfig contains the information to make a connection with the webhook -message WebhookClientConfig { - // `url` gives the location of the webhook, in standard URL form - // (`scheme://host:port/path`). Exactly one of `url` or `service` - // must be specified. - // - // The `host` should not refer to a service running in the cluster; use - // the `service` field instead. The host might be resolved via external - // DNS in some apiservers (e.g., `kube-apiserver` cannot resolve - // in-cluster DNS as that would be a layering violation). `host` may - // also be an IP address. - // - // Please note that using `localhost` or `127.0.0.1` as a `host` is - // risky unless you take great care to run this webhook on all hosts - // which run an apiserver which might need to make calls to this - // webhook. Such installs are likely to be non-portable, i.e., not easy - // to turn up in a new cluster. - // - // The scheme must be "https"; the URL must begin with "https://". - // - // A path is optional, and if present may be any string permissible in - // a URL. You may use the path to pass an arbitrary string to the - // webhook, for example, a cluster identifier. - // - // Attempting to use a user or basic auth e.g. "user:password@" is not - // allowed. Fragments ("#...") and query parameters ("?...") are not - // allowed, either. - // - // +optional - optional string url = 1; - - // `service` is a reference to the service for this webhook. Either - // `service` or `url` must be specified. - // - // If the webhook is running within the cluster, then you should use `service`. - // - // Port 443 will be used if it is open, otherwise it is an error. - // - // +optional - optional ServiceReference service = 2; - - // `caBundle` is a PEM encoded CA bundle which will be used to validate the webhook's server certificate. - // If unspecified, system trust roots on the apiserver are used. - // +optional - optional bytes caBundle = 3; -} - -// WebhookThrottleConfig holds the configuration for throttling events -message WebhookThrottleConfig { - // ThrottleQPS maximum number of batches per second - // default 10 QPS - // +optional - optional int64 qps = 1; - - // ThrottleBurst is the maximum number of events sent at the same moment - // default 15 QPS - // +optional - optional int64 burst = 2; -} - diff --git a/staging/src/k8s.io/api/auditregistration/v1alpha1/register.go b/staging/src/k8s.io/api/auditregistration/v1alpha1/register.go deleted file mode 100644 index d6271608f0..0000000000 --- a/staging/src/k8s.io/api/auditregistration/v1alpha1/register.go +++ /dev/null @@ -1,56 +0,0 @@ -/* -Copyright 2018 The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package v1alpha1 - -import ( - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - "k8s.io/apimachinery/pkg/runtime" - "k8s.io/apimachinery/pkg/runtime/schema" -) - -// GroupName is the group name use in this package -const GroupName = "auditregistration.k8s.io" - -// SchemeGroupVersion is group version used to register these objects -var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: "v1alpha1"} - -// Resource takes an unqualified resource and returns a Group qualified GroupResource -func Resource(resource string) schema.GroupResource { - return SchemeGroupVersion.WithResource(resource).GroupResource() -} - -var ( - SchemeBuilder runtime.SchemeBuilder - localSchemeBuilder = &SchemeBuilder - AddToScheme = localSchemeBuilder.AddToScheme -) - -func init() { - // We only register manually written functions here. The registration of the - // generated functions takes place in the generated files. The separation - // makes the code compile even when the generated files are missing. - localSchemeBuilder.Register(addKnownTypes) -} - -func addKnownTypes(scheme *runtime.Scheme) error { - scheme.AddKnownTypes(SchemeGroupVersion, - &AuditSink{}, - &AuditSinkList{}, - ) - metav1.AddToGroupVersion(scheme, SchemeGroupVersion) - return nil -} diff --git a/staging/src/k8s.io/api/auditregistration/v1alpha1/types.go b/staging/src/k8s.io/api/auditregistration/v1alpha1/types.go deleted file mode 100644 index af31cfe275..0000000000 --- a/staging/src/k8s.io/api/auditregistration/v1alpha1/types.go +++ /dev/null @@ -1,194 +0,0 @@ -/* -Copyright 2018 The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// +k8s:openapi-gen=true - -package v1alpha1 - -import ( - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" -) - -// Level defines the amount of information logged during auditing -type Level string - -// Valid audit levels -const ( - // LevelNone disables auditing - LevelNone Level = "None" - // LevelMetadata provides the basic level of auditing. - LevelMetadata Level = "Metadata" - // LevelRequest provides Metadata level of auditing, and additionally - // logs the request object (does not apply for non-resource requests). - LevelRequest Level = "Request" - // LevelRequestResponse provides Request level of auditing, and additionally - // logs the response object (does not apply for non-resource requests and watches). - LevelRequestResponse Level = "RequestResponse" -) - -// Stage defines the stages in request handling during which audit events may be generated. -type Stage string - -// Valid audit stages. -const ( - // The stage for events generated after the audit handler receives the request, but before it - // is delegated down the handler chain. - StageRequestReceived = "RequestReceived" - // The stage for events generated after the response headers are sent, but before the response body - // is sent. This stage is only generated for long-running requests (e.g. watch). - StageResponseStarted = "ResponseStarted" - // The stage for events generated after the response body has been completed, and no more bytes - // will be sent. - StageResponseComplete = "ResponseComplete" - // The stage for events generated when a panic occurred. - StagePanic = "Panic" -) - -// +genclient -// +genclient:nonNamespaced -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// AuditSink represents a cluster level audit sink -type AuditSink struct { - metav1.TypeMeta `json:",inline"` - // +optional - metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` - - // Spec defines the audit configuration spec - Spec AuditSinkSpec `json:"spec,omitempty" protobuf:"bytes,2,opt,name=spec"` -} - -// AuditSinkSpec holds the spec for the audit sink -type AuditSinkSpec struct { - // Policy defines the policy for selecting which events should be sent to the webhook - // required - Policy Policy `json:"policy" protobuf:"bytes,1,opt,name=policy"` - - // Webhook to send events - // required - Webhook Webhook `json:"webhook" protobuf:"bytes,2,opt,name=webhook"` -} - -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// AuditSinkList is a list of AuditSink items. -type AuditSinkList struct { - metav1.TypeMeta `json:",inline"` - // +optional - metav1.ListMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` - - // List of audit configurations. - Items []AuditSink `json:"items" protobuf:"bytes,2,rep,name=items"` -} - -// Policy defines the configuration of how audit events are logged -type Policy struct { - // The Level that all requests are recorded at. - // available options: None, Metadata, Request, RequestResponse - // required - Level Level `json:"level" protobuf:"bytes,1,opt,name=level"` - - // Stages is a list of stages for which events are created. - // +optional - Stages []Stage `json:"stages" protobuf:"bytes,2,opt,name=stages"` -} - -// Webhook holds the configuration of the webhook -type Webhook struct { - // Throttle holds the options for throttling the webhook - // +optional - Throttle *WebhookThrottleConfig `json:"throttle,omitempty" protobuf:"bytes,1,opt,name=throttle"` - - // ClientConfig holds the connection parameters for the webhook - // required - ClientConfig WebhookClientConfig `json:"clientConfig" protobuf:"bytes,2,opt,name=clientConfig"` -} - -// WebhookThrottleConfig holds the configuration for throttling events -type WebhookThrottleConfig struct { - // ThrottleQPS maximum number of batches per second - // default 10 QPS - // +optional - QPS *int64 `json:"qps,omitempty" protobuf:"bytes,1,opt,name=qps"` - - // ThrottleBurst is the maximum number of events sent at the same moment - // default 15 QPS - // +optional - Burst *int64 `json:"burst,omitempty" protobuf:"bytes,2,opt,name=burst"` -} - -// WebhookClientConfig contains the information to make a connection with the webhook -type WebhookClientConfig struct { - // `url` gives the location of the webhook, in standard URL form - // (`scheme://host:port/path`). Exactly one of `url` or `service` - // must be specified. - // - // The `host` should not refer to a service running in the cluster; use - // the `service` field instead. The host might be resolved via external - // DNS in some apiservers (e.g., `kube-apiserver` cannot resolve - // in-cluster DNS as that would be a layering violation). `host` may - // also be an IP address. - // - // Please note that using `localhost` or `127.0.0.1` as a `host` is - // risky unless you take great care to run this webhook on all hosts - // which run an apiserver which might need to make calls to this - // webhook. Such installs are likely to be non-portable, i.e., not easy - // to turn up in a new cluster. - // - // The scheme must be "https"; the URL must begin with "https://". - // - // A path is optional, and if present may be any string permissible in - // a URL. You may use the path to pass an arbitrary string to the - // webhook, for example, a cluster identifier. - // - // Attempting to use a user or basic auth e.g. "user:password@" is not - // allowed. Fragments ("#...") and query parameters ("?...") are not - // allowed, either. - // - // +optional - URL *string `json:"url,omitempty" protobuf:"bytes,1,opt,name=url"` - - // `service` is a reference to the service for this webhook. Either - // `service` or `url` must be specified. - // - // If the webhook is running within the cluster, then you should use `service`. - // - // Port 443 will be used if it is open, otherwise it is an error. - // - // +optional - Service *ServiceReference `json:"service,omitempty" protobuf:"bytes,2,opt,name=service"` - - // `caBundle` is a PEM encoded CA bundle which will be used to validate the webhook's server certificate. - // If unspecified, system trust roots on the apiserver are used. - // +optional - CABundle []byte `json:"caBundle,omitempty" protobuf:"bytes,3,opt,name=caBundle"` -} - -// ServiceReference holds a reference to Service.legacy.k8s.io -type ServiceReference struct { - // `namespace` is the namespace of the service. - // Required - Namespace string `json:"namespace" protobuf:"bytes,1,opt,name=namespace"` - - // `name` is the name of the service. - // Required - Name string `json:"name" protobuf:"bytes,2,opt,name=name"` - - // `path` is an optional URL path which will be sent in any request to - // this service. - // +optional - Path *string `json:"path,omitempty" protobuf:"bytes,3,opt,name=path"` -} diff --git a/staging/src/k8s.io/api/auditregistration/v1alpha1/types_swagger_doc_generated.go b/staging/src/k8s.io/api/auditregistration/v1alpha1/types_swagger_doc_generated.go deleted file mode 100644 index edd608f3b2..0000000000 --- a/staging/src/k8s.io/api/auditregistration/v1alpha1/types_swagger_doc_generated.go +++ /dev/null @@ -1,110 +0,0 @@ -/* -Copyright The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package v1alpha1 - -// This file contains a collection of methods that can be used from go-restful to -// generate Swagger API documentation for its models. Please read this PR for more -// information on the implementation: https://github.com/emicklei/go-restful/pull/215 -// -// TODOs are ignored from the parser (e.g. TODO(andronat):... || TODO:...) if and only if -// they are on one line! For multiple line or blocks that you want to ignore use ---. -// Any context after a --- is ignored. -// -// Those methods can be generated by using hack/update-generated-swagger-docs.sh - -// AUTO-GENERATED FUNCTIONS START HERE. DO NOT EDIT. -var map_AuditSink = map[string]string{ - "": "AuditSink represents a cluster level audit sink", - "spec": "Spec defines the audit configuration spec", -} - -func (AuditSink) SwaggerDoc() map[string]string { - return map_AuditSink -} - -var map_AuditSinkList = map[string]string{ - "": "AuditSinkList is a list of AuditSink items.", - "items": "List of audit configurations.", -} - -func (AuditSinkList) SwaggerDoc() map[string]string { - return map_AuditSinkList -} - -var map_AuditSinkSpec = map[string]string{ - "": "AuditSinkSpec holds the spec for the audit sink", - "policy": "Policy defines the policy for selecting which events should be sent to the webhook required", - "webhook": "Webhook to send events required", -} - -func (AuditSinkSpec) SwaggerDoc() map[string]string { - return map_AuditSinkSpec -} - -var map_Policy = map[string]string{ - "": "Policy defines the configuration of how audit events are logged", - "level": "The Level that all requests are recorded at. available options: None, Metadata, Request, RequestResponse required", - "stages": "Stages is a list of stages for which events are created.", -} - -func (Policy) SwaggerDoc() map[string]string { - return map_Policy -} - -var map_ServiceReference = map[string]string{ - "": "ServiceReference holds a reference to Service.legacy.k8s.io", - "namespace": "`namespace` is the namespace of the service. Required", - "name": "`name` is the name of the service. Required", - "path": "`path` is an optional URL path which will be sent in any request to this service.", -} - -func (ServiceReference) SwaggerDoc() map[string]string { - return map_ServiceReference -} - -var map_Webhook = map[string]string{ - "": "Webhook holds the configuration of the webhook", - "throttle": "Throttle holds the options for throttling the webhook", - "clientConfig": "ClientConfig holds the connection parameters for the webhook required", -} - -func (Webhook) SwaggerDoc() map[string]string { - return map_Webhook -} - -var map_WebhookClientConfig = map[string]string{ - "": "WebhookClientConfig contains the information to make a connection with the webhook", - "url": "`url` gives the location of the webhook, in standard URL form (`scheme://host:port/path`). Exactly one of `url` or `service` must be specified.\n\nThe `host` should not refer to a service running in the cluster; use the `service` field instead. The host might be resolved via external DNS in some apiservers (e.g., `kube-apiserver` cannot resolve in-cluster DNS as that would be a layering violation). `host` may also be an IP address.\n\nPlease note that using `localhost` or `127.0.0.1` as a `host` is risky unless you take great care to run this webhook on all hosts which run an apiserver which might need to make calls to this webhook. Such installs are likely to be non-portable, i.e., not easy to turn up in a new cluster.\n\nThe scheme must be \"https\"; the URL must begin with \"https://\".\n\nA path is optional, and if present may be any string permissible in a URL. You may use the path to pass an arbitrary string to the webhook, for example, a cluster identifier.\n\nAttempting to use a user or basic auth e.g. \"user:password@\" is not allowed. Fragments (\"#...\") and query parameters (\"?...\") are not allowed, either.", - "service": "`service` is a reference to the service for this webhook. Either `service` or `url` must be specified.\n\nIf the webhook is running within the cluster, then you should use `service`.\n\nPort 443 will be used if it is open, otherwise it is an error.", - "caBundle": "`caBundle` is a PEM encoded CA bundle which will be used to validate the webhook's server certificate. If unspecified, system trust roots on the apiserver are used.", -} - -func (WebhookClientConfig) SwaggerDoc() map[string]string { - return map_WebhookClientConfig -} - -var map_WebhookThrottleConfig = map[string]string{ - "": "WebhookThrottleConfig holds the configuration for throttling events", - "qps": "ThrottleQPS maximum number of batches per second default 10 QPS", - "burst": "ThrottleBurst is the maximum number of events sent at the same moment default 15 QPS", -} - -func (WebhookThrottleConfig) SwaggerDoc() map[string]string { - return map_WebhookThrottleConfig -} - -// AUTO-GENERATED FUNCTIONS END HERE diff --git a/staging/src/k8s.io/api/auditregistration/v1alpha1/zz_generated.deepcopy.go b/staging/src/k8s.io/api/auditregistration/v1alpha1/zz_generated.deepcopy.go deleted file mode 100644 index e71deffad3..0000000000 --- a/staging/src/k8s.io/api/auditregistration/v1alpha1/zz_generated.deepcopy.go +++ /dev/null @@ -1,224 +0,0 @@ -// +build !ignore_autogenerated - -/* -Copyright The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// Code generated by deepcopy-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - runtime "k8s.io/apimachinery/pkg/runtime" -) - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *AuditSink) DeepCopyInto(out *AuditSink) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - in.Spec.DeepCopyInto(&out.Spec) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuditSink. -func (in *AuditSink) DeepCopy() *AuditSink { - if in == nil { - return nil - } - out := new(AuditSink) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *AuditSink) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *AuditSinkList) DeepCopyInto(out *AuditSinkList) { - *out = *in - out.TypeMeta = in.TypeMeta - out.ListMeta = in.ListMeta - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]AuditSink, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuditSinkList. -func (in *AuditSinkList) DeepCopy() *AuditSinkList { - if in == nil { - return nil - } - out := new(AuditSinkList) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *AuditSinkList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *AuditSinkSpec) DeepCopyInto(out *AuditSinkSpec) { - *out = *in - in.Policy.DeepCopyInto(&out.Policy) - in.Webhook.DeepCopyInto(&out.Webhook) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuditSinkSpec. -func (in *AuditSinkSpec) DeepCopy() *AuditSinkSpec { - if in == nil { - return nil - } - out := new(AuditSinkSpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *Policy) DeepCopyInto(out *Policy) { - *out = *in - if in.Stages != nil { - in, out := &in.Stages, &out.Stages - *out = make([]Stage, len(*in)) - copy(*out, *in) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Policy. -func (in *Policy) DeepCopy() *Policy { - if in == nil { - return nil - } - out := new(Policy) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ServiceReference) DeepCopyInto(out *ServiceReference) { - *out = *in - if in.Path != nil { - in, out := &in.Path, &out.Path - *out = new(string) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ServiceReference. -func (in *ServiceReference) DeepCopy() *ServiceReference { - if in == nil { - return nil - } - out := new(ServiceReference) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *Webhook) DeepCopyInto(out *Webhook) { - *out = *in - if in.Throttle != nil { - in, out := &in.Throttle, &out.Throttle - *out = new(WebhookThrottleConfig) - (*in).DeepCopyInto(*out) - } - in.ClientConfig.DeepCopyInto(&out.ClientConfig) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Webhook. -func (in *Webhook) DeepCopy() *Webhook { - if in == nil { - return nil - } - out := new(Webhook) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *WebhookClientConfig) DeepCopyInto(out *WebhookClientConfig) { - *out = *in - if in.URL != nil { - in, out := &in.URL, &out.URL - *out = new(string) - **out = **in - } - if in.Service != nil { - in, out := &in.Service, &out.Service - *out = new(ServiceReference) - (*in).DeepCopyInto(*out) - } - if in.CABundle != nil { - in, out := &in.CABundle, &out.CABundle - *out = make([]byte, len(*in)) - copy(*out, *in) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WebhookClientConfig. -func (in *WebhookClientConfig) DeepCopy() *WebhookClientConfig { - if in == nil { - return nil - } - out := new(WebhookClientConfig) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *WebhookThrottleConfig) DeepCopyInto(out *WebhookThrottleConfig) { - *out = *in - if in.QPS != nil { - in, out := &in.QPS, &out.QPS - *out = new(int64) - **out = **in - } - if in.Burst != nil { - in, out := &in.Burst, &out.Burst - *out = new(int64) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WebhookThrottleConfig. -func (in *WebhookThrottleConfig) DeepCopy() *WebhookThrottleConfig { - if in == nil { - return nil - } - out := new(WebhookThrottleConfig) - in.DeepCopyInto(out) - return out -} diff --git a/staging/src/k8s.io/apiserver/pkg/audit/policy/dynamic.go b/staging/src/k8s.io/apiserver/pkg/audit/policy/dynamic.go deleted file mode 100644 index 4b5f29a113..0000000000 --- a/staging/src/k8s.io/apiserver/pkg/audit/policy/dynamic.go +++ /dev/null @@ -1,54 +0,0 @@ -/* -Copyright 2018 The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package policy - -import ( - "k8s.io/api/auditregistration/v1alpha1" - "k8s.io/apiserver/pkg/apis/audit" - "k8s.io/apiserver/pkg/authorization/authorizer" -) - -// ConvertDynamicPolicyToInternal constructs an internal policy type from a -// v1alpha1 dynamic type -func ConvertDynamicPolicyToInternal(p *v1alpha1.Policy) *audit.Policy { - stages := make([]audit.Stage, len(p.Stages)) - for i, stage := range p.Stages { - stages[i] = audit.Stage(stage) - } - return &audit.Policy{ - Rules: []audit.PolicyRule{ - { - Level: audit.Level(p.Level), - }, - }, - OmitStages: InvertStages(stages), - } -} - -// NewDynamicChecker returns a new dynamic policy checker -func NewDynamicChecker() Checker { - return &dynamicPolicyChecker{} -} - -type dynamicPolicyChecker struct{} - -// LevelAndStages returns returns a fixed level of the full event, this is so that the downstream policy -// can be applied per sink. -// TODO: this needs benchmarking before the API moves to beta to determine the effect this has on the apiserver -func (d *dynamicPolicyChecker) LevelAndStages(authorizer.Attributes) (audit.Level, []audit.Stage) { - return audit.LevelRequestResponse, []audit.Stage{} -} diff --git a/staging/src/k8s.io/apiserver/pkg/features/kube_features.go b/staging/src/k8s.io/apiserver/pkg/features/kube_features.go index 724bb644b8..52e5909f9b 100644 --- a/staging/src/k8s.io/apiserver/pkg/features/kube_features.go +++ b/staging/src/k8s.io/apiserver/pkg/features/kube_features.go @@ -53,13 +53,6 @@ const ( // audited. AdvancedAuditing utilfeature.Feature = "AdvancedAuditing" - // owner: @pbarker - // alpha: v1.13 - // - // DynamicAuditing enables configuration of audit policy and webhook backends through an - // AuditSink API object. - DynamicAuditing utilfeature.Feature = "DynamicAuditing" - // owner: @smarterclayton // alpha: v1.8 // beta: v1.9 @@ -114,7 +107,6 @@ var defaultKubernetesFeatureGates = map[utilfeature.Feature]utilfeature.FeatureS StreamingProxyRedirects: {Default: true, PreRelease: utilfeature.Beta}, ValidateProxyRedirects: {Default: true, PreRelease: utilfeature.Beta}, AdvancedAuditing: {Default: true, PreRelease: utilfeature.GA}, - DynamicAuditing: {Default: false, PreRelease: utilfeature.Alpha}, APIListChunking: {Default: true, PreRelease: utilfeature.Beta}, DryRun: {Default: true, PreRelease: utilfeature.Beta}, ServerSideApply: {Default: false, PreRelease: utilfeature.Alpha}, diff --git a/staging/src/k8s.io/apiserver/pkg/server/options/audit.go b/staging/src/k8s.io/apiserver/pkg/server/options/audit.go index 98b3fc615c..beacd72127 100644 --- a/staging/src/k8s.io/apiserver/pkg/server/options/audit.go +++ b/staging/src/k8s.io/apiserver/pkg/server/options/audit.go @@ -27,7 +27,6 @@ import ( "gopkg.in/natefinch/lumberjack.v2" "k8s.io/klog" - corev1 "k8s.io/api/core/v1" "k8s.io/apimachinery/pkg/runtime/schema" auditinternal "k8s.io/apiserver/pkg/apis/audit" auditv1 "k8s.io/apiserver/pkg/apis/audit/v1" @@ -35,18 +34,12 @@ import ( auditv1beta1 "k8s.io/apiserver/pkg/apis/audit/v1beta1" "k8s.io/apiserver/pkg/audit" "k8s.io/apiserver/pkg/audit/policy" - "k8s.io/apiserver/pkg/features" "k8s.io/apiserver/pkg/server" - utilfeature "k8s.io/apiserver/pkg/util/feature" pluginbuffered "k8s.io/apiserver/plugin/pkg/audit/buffered" - plugindynamic "k8s.io/apiserver/plugin/pkg/audit/dynamic" - pluginenforced "k8s.io/apiserver/plugin/pkg/audit/dynamic/enforced" pluginlog "k8s.io/apiserver/plugin/pkg/audit/log" plugintruncate "k8s.io/apiserver/plugin/pkg/audit/truncate" pluginwebhook "k8s.io/apiserver/plugin/pkg/audit/webhook" "k8s.io/client-go/informers" - "k8s.io/client-go/kubernetes" - v1core "k8s.io/client-go/kubernetes/typed/core/v1" restclient "k8s.io/client-go/rest" ) @@ -78,7 +71,6 @@ type AuditOptions struct { // Plugin options LogOptions AuditLogOptions WebhookOptions AuditWebhookOptions - DynamicOptions AuditDynamicOptions } const ( @@ -148,16 +140,6 @@ type AuditWebhookOptions struct { GroupVersionString string } -// AuditDynamicOptions control the configuration of dynamic backends for audit events -type AuditDynamicOptions struct { - // Enabled tells whether the dynamic audit capability is enabled. - Enabled bool - - // Configuration for batching backend. This is currently only used as an override - // for integration tests - BatchConfig *pluginbuffered.BatchConfig -} - func NewAuditOptions() *AuditOptions { return &AuditOptions{ WebhookOptions: AuditWebhookOptions{ @@ -178,10 +160,6 @@ func NewAuditOptions() *AuditOptions { TruncateOptions: NewAuditTruncateOptions(), GroupVersionString: "audit.k8s.io/v1", }, - DynamicOptions: AuditDynamicOptions{ - Enabled: false, - BatchConfig: plugindynamic.NewDefaultWebhookBatchConfig(), - }, } } @@ -204,7 +182,6 @@ func (o *AuditOptions) Validate() []error { var allErrors []error allErrors = append(allErrors, o.LogOptions.Validate()...) allErrors = append(allErrors, o.WebhookOptions.Validate()...) - allErrors = append(allErrors, o.DynamicOptions.Validate()...) return allErrors } @@ -284,7 +261,6 @@ func (o *AuditOptions) AddFlags(fs *pflag.FlagSet) { o.WebhookOptions.AddFlags(fs) o.WebhookOptions.BatchOptions.AddFlags(pluginwebhook.PluginName, fs) o.WebhookOptions.TruncateOptions.AddFlags(pluginwebhook.PluginName, fs) - o.DynamicOptions.AddFlags(fs) } func (o *AuditOptions) ApplyTo( @@ -337,23 +313,7 @@ func (o *AuditOptions) ApplyTo( // 4. Apply dynamic options. var dynamicBackend audit.Backend - if o.DynamicOptions.enabled() { - // if dynamic is enabled the webhook and log backends need to be wrapped in an enforced backend with the static policy - if webhookBackend != nil { - webhookBackend = pluginenforced.NewBackend(webhookBackend, checker) - } - if logBackend != nil { - logBackend = pluginenforced.NewBackend(logBackend, checker) - } - // build dynamic backend - dynamicBackend, checker, err = o.DynamicOptions.newBackend(c.ExternalAddress, kubeClientConfig, informers, processInfo, webhookOptions) - if err != nil { - return err - } - // union dynamic and webhook backends so that truncate options can be applied to both - dynamicBackend = appendBackend(webhookBackend, dynamicBackend) - dynamicBackend = o.WebhookOptions.TruncateOptions.wrapBackend(dynamicBackend, groupVersion) - } else if webhookBackend != nil { + if webhookBackend != nil { // if only webhook is enabled wrap it in the truncate options dynamicBackend = o.WebhookOptions.TruncateOptions.wrapBackend(webhookBackend, groupVersion) } @@ -600,66 +560,6 @@ func (o *AuditWebhookOptions) newUntruncatedBackend() (audit.Backend, error) { return webhook, nil } -func (o *AuditDynamicOptions) AddFlags(fs *pflag.FlagSet) { - fs.BoolVar(&o.Enabled, "audit-dynamic-configuration", o.Enabled, - "Enables dynamic audit configuration. This feature also requires the DynamicAuditing feature flag") -} - -func (o *AuditDynamicOptions) enabled() bool { - return o.Enabled && utilfeature.DefaultFeatureGate.Enabled(features.DynamicAuditing) -} - -func (o *AuditDynamicOptions) Validate() []error { - var allErrors []error - if o.Enabled && !utilfeature.DefaultFeatureGate.Enabled(features.DynamicAuditing) { - allErrors = append(allErrors, fmt.Errorf("--audit-dynamic-configuration set, but DynamicAuditing feature gate is not enabled")) - } - return allErrors -} - -func (o *AuditDynamicOptions) newBackend( - hostname string, - kubeClientConfig *restclient.Config, - informers informers.SharedInformerFactory, - processInfo *ProcessInfo, - webhookOptions *WebhookOptions, -) (audit.Backend, policy.Checker, error) { - if err := validateProcessInfo(processInfo); err != nil { - return nil, nil, err - } - clientset, err := kubernetes.NewForConfig(kubeClientConfig) - if err != nil { - return nil, nil, err - } - if webhookOptions == nil { - webhookOptions = NewWebhookOptions() - } - checker := policy.NewDynamicChecker() - informer := informers.Auditregistration().V1alpha1().AuditSinks() - eventSink := &v1core.EventSinkImpl{Interface: clientset.CoreV1().Events(processInfo.Namespace)} - - dc := &plugindynamic.Config{ - Informer: informer, - BufferedConfig: o.BatchConfig, - EventConfig: plugindynamic.EventConfig{ - Sink: eventSink, - Source: corev1.EventSource{ - Component: processInfo.Name, - Host: hostname, - }, - }, - WebhookConfig: plugindynamic.WebhookConfig{ - AuthInfoResolverWrapper: webhookOptions.AuthInfoResolverWrapper, - ServiceResolver: webhookOptions.ServiceResolver, - }, - } - backend, err := plugindynamic.NewBackend(dc) - if err != nil { - return nil, nil, fmt.Errorf("could not create dynamic audit backend: %v", err) - } - return backend, checker, nil -} - // defaultWebhookBatchConfig returns the default BatchConfig used by the Webhook backend. func defaultWebhookBatchConfig() pluginbuffered.BatchConfig { return pluginbuffered.BatchConfig{ diff --git a/staging/src/k8s.io/apiserver/plugin/pkg/audit/dynamic/BUILD b/staging/src/k8s.io/apiserver/plugin/pkg/audit/dynamic/BUILD deleted file mode 100644 index a838ddc87c..0000000000 --- a/staging/src/k8s.io/apiserver/plugin/pkg/audit/dynamic/BUILD +++ /dev/null @@ -1,75 +0,0 @@ -load("@io_bazel_rules_go//go:def.bzl", "go_library", "go_test") - -go_library( - name = "go_default_library", - srcs = [ - "defaults.go", - "dynamic.go", - "factory.go", - ], - importmap = "k8s.io/kubernetes/vendor/k8s.io/apiserver/plugin/pkg/audit/dynamic", - importpath = "k8s.io/apiserver/plugin/pkg/audit/dynamic", - visibility = ["//visibility:public"], - deps = [ - "//staging/src/k8s.io/api/auditregistration/v1alpha1:go_default_library", - "//staging/src/k8s.io/api/core/v1:go_default_library", - "//staging/src/k8s.io/apimachinery/pkg/runtime:go_default_library", - "//staging/src/k8s.io/apimachinery/pkg/types:go_default_library", - "//staging/src/k8s.io/apiserver/pkg/apis/audit:go_default_library", - "//staging/src/k8s.io/apiserver/pkg/apis/audit/install:go_default_library", - "//staging/src/k8s.io/apiserver/pkg/apis/audit/v1:go_default_library", - "//staging/src/k8s.io/apiserver/pkg/audit:go_default_library", - "//staging/src/k8s.io/apiserver/pkg/audit/policy:go_default_library", - "//staging/src/k8s.io/apiserver/pkg/audit/util:go_default_library", - "//staging/src/k8s.io/apiserver/pkg/util/webhook:go_default_library", - "//staging/src/k8s.io/apiserver/plugin/pkg/audit/buffered:go_default_library", - "//staging/src/k8s.io/apiserver/plugin/pkg/audit/dynamic/enforced:go_default_library", - "//staging/src/k8s.io/apiserver/plugin/pkg/audit/webhook:go_default_library", - "//staging/src/k8s.io/client-go/informers/auditregistration/v1alpha1:go_default_library", - "//staging/src/k8s.io/client-go/tools/cache:go_default_library", - "//staging/src/k8s.io/client-go/tools/record:go_default_library", - "//vendor/k8s.io/klog:go_default_library", - ], -) - -go_test( - name = "go_default_test", - srcs = [ - "dynamic_test.go", - "factory_test.go", - ], - embed = [":go_default_library"], - deps = [ - "//staging/src/k8s.io/api/auditregistration/v1alpha1:go_default_library", - "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", - "//staging/src/k8s.io/apimachinery/pkg/runtime:go_default_library", - "//staging/src/k8s.io/apimachinery/pkg/types:go_default_library", - "//staging/src/k8s.io/apimachinery/pkg/util/wait:go_default_library", - "//staging/src/k8s.io/apiserver/pkg/apis/audit:go_default_library", - "//staging/src/k8s.io/apiserver/pkg/apis/audit/v1:go_default_library", - "//staging/src/k8s.io/apiserver/pkg/audit:go_default_library", - "//staging/src/k8s.io/apiserver/pkg/util/webhook:go_default_library", - "//staging/src/k8s.io/client-go/informers:go_default_library", - "//staging/src/k8s.io/client-go/kubernetes/fake:go_default_library", - "//staging/src/k8s.io/client-go/kubernetes/typed/core/v1:go_default_library", - "//vendor/github.com/stretchr/testify/require:go_default_library", - "//vendor/k8s.io/utils/pointer:go_default_library", - ], -) - -filegroup( - name = "package-srcs", - srcs = glob(["**"]), - tags = ["automanaged"], - visibility = ["//visibility:private"], -) - -filegroup( - name = "all-srcs", - srcs = [ - ":package-srcs", - "//staging/src/k8s.io/apiserver/plugin/pkg/audit/dynamic/enforced:all-srcs", - ], - tags = ["automanaged"], - visibility = ["//visibility:public"], -) diff --git a/staging/src/k8s.io/apiserver/plugin/pkg/audit/dynamic/defaults.go b/staging/src/k8s.io/apiserver/plugin/pkg/audit/dynamic/defaults.go deleted file mode 100644 index f442954b50..0000000000 --- a/staging/src/k8s.io/apiserver/plugin/pkg/audit/dynamic/defaults.go +++ /dev/null @@ -1,46 +0,0 @@ -/* -Copyright 2018 The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package dynamic - -import ( - "time" - - bufferedplugin "k8s.io/apiserver/plugin/pkg/audit/buffered" -) - -const ( - // Default configuration values for ModeBatch when applied to a dynamic plugin - defaultBatchBufferSize = 5000 // Buffer up to 5000 events before starting discarding. - defaultBatchMaxSize = 400 // Only send up to 400 events at a time. - defaultBatchMaxWait = 30 * time.Second // Send events at least twice a minute. - defaultBatchThrottleQPS = 10 // Limit the send rate by 10 QPS. - defaultBatchThrottleBurst = 15 // Allow up to 15 QPS burst. -) - -// NewDefaultWebhookBatchConfig returns new Batch Config objects populated by default values -// for dynamic webhooks -func NewDefaultWebhookBatchConfig() *bufferedplugin.BatchConfig { - return &bufferedplugin.BatchConfig{ - BufferSize: defaultBatchBufferSize, - MaxBatchSize: defaultBatchMaxSize, - MaxBatchWait: defaultBatchMaxWait, - ThrottleEnable: true, - ThrottleQPS: defaultBatchThrottleQPS, - ThrottleBurst: defaultBatchThrottleBurst, - AsyncDelegate: true, - } -} diff --git a/staging/src/k8s.io/apiserver/plugin/pkg/audit/dynamic/dynamic.go b/staging/src/k8s.io/apiserver/plugin/pkg/audit/dynamic/dynamic.go deleted file mode 100644 index b52c7c8528..0000000000 --- a/staging/src/k8s.io/apiserver/plugin/pkg/audit/dynamic/dynamic.go +++ /dev/null @@ -1,342 +0,0 @@ -/* -Copyright 2018 The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package dynamic - -import ( - "fmt" - "reflect" - "strings" - "sync" - "sync/atomic" - - "k8s.io/klog" - - auditregv1alpha1 "k8s.io/api/auditregistration/v1alpha1" - corev1 "k8s.io/api/core/v1" - "k8s.io/apimachinery/pkg/runtime" - "k8s.io/apimachinery/pkg/types" - auditinternal "k8s.io/apiserver/pkg/apis/audit" - auditinstall "k8s.io/apiserver/pkg/apis/audit/install" - auditv1 "k8s.io/apiserver/pkg/apis/audit/v1" - "k8s.io/apiserver/pkg/audit" - webhook "k8s.io/apiserver/pkg/util/webhook" - bufferedplugin "k8s.io/apiserver/plugin/pkg/audit/buffered" - auditinformer "k8s.io/client-go/informers/auditregistration/v1alpha1" - "k8s.io/client-go/tools/cache" - "k8s.io/client-go/tools/record" -) - -// PluginName is the name reported in error metrics. -const PluginName = "dynamic" - -// Config holds the configuration for the dynamic backend -type Config struct { - // Informer for the audit sinks - Informer auditinformer.AuditSinkInformer - // EventConfig holds the configuration for event notifications about the AuditSink API objects - EventConfig EventConfig - // BufferedConfig is the runtime buffered configuration - BufferedConfig *bufferedplugin.BatchConfig - // WebhookConfig holds the configuration for outgoing webhooks - WebhookConfig WebhookConfig -} - -// WebhookConfig holds the configurations for outgoing webhooks -type WebhookConfig struct { - // AuthInfoResolverWrapper provides the webhook authentication for in-cluster endpoints - AuthInfoResolverWrapper webhook.AuthenticationInfoResolverWrapper - // ServiceResolver knows how to convert a webhook service reference into an actual location. - ServiceResolver webhook.ServiceResolver -} - -// EventConfig holds the configurations for sending event notifiations about AuditSink API objects -type EventConfig struct { - // Sink for emitting events - Sink record.EventSink - // Source holds the source information about the event emitter - Source corev1.EventSource -} - -// delegate represents a delegate backend that was created from an audit sink configuration -type delegate struct { - audit.Backend - configuration *auditregv1alpha1.AuditSink - stopChan chan struct{} -} - -// gracefulShutdown will gracefully shutdown the delegate -func (d *delegate) gracefulShutdown() { - close(d.stopChan) - d.Shutdown() -} - -// NewBackend returns a backend that dynamically updates its configuration -// based on a shared informer. -func NewBackend(c *Config) (audit.Backend, error) { - eventBroadcaster := record.NewBroadcaster() - eventBroadcaster.StartLogging(klog.Infof) - eventBroadcaster.StartRecordingToSink(c.EventConfig.Sink) - - scheme := runtime.NewScheme() - err := auditregv1alpha1.AddToScheme(scheme) - if err != nil { - return nil, err - } - recorder := eventBroadcaster.NewRecorder(scheme, c.EventConfig.Source) - - if c.BufferedConfig == nil { - c.BufferedConfig = NewDefaultWebhookBatchConfig() - } - cm, err := webhook.NewClientManager(auditv1.SchemeGroupVersion, func(s *runtime.Scheme) error { - auditinstall.Install(s) - return nil - }) - if err != nil { - return nil, err - } - - // TODO: need a way of injecting authentication before beta - authInfoResolver, err := webhook.NewDefaultAuthenticationInfoResolver("") - if err != nil { - return nil, err - } - cm.SetAuthenticationInfoResolver(authInfoResolver) - cm.SetServiceResolver(c.WebhookConfig.ServiceResolver) - cm.SetAuthenticationInfoResolverWrapper(c.WebhookConfig.AuthInfoResolverWrapper) - - manager := &backend{ - config: c, - delegates: atomic.Value{}, - delegateUpdateMutex: sync.Mutex{}, - webhookClientManager: cm, - recorder: recorder, - } - manager.delegates.Store(syncedDelegates{}) - - c.Informer.Informer().AddEventHandler(cache.ResourceEventHandlerFuncs{ - AddFunc: func(obj interface{}) { - manager.addSink(obj.(*auditregv1alpha1.AuditSink)) - }, - UpdateFunc: func(oldObj, newObj interface{}) { - manager.updateSink(oldObj.(*auditregv1alpha1.AuditSink), newObj.(*auditregv1alpha1.AuditSink)) - }, - DeleteFunc: func(obj interface{}) { - sink, ok := obj.(*auditregv1alpha1.AuditSink) - if !ok { - tombstone, ok := obj.(cache.DeletedFinalStateUnknown) - if !ok { - klog.V(2).Infof("Couldn't get object from tombstone %#v", obj) - return - } - sink, ok = tombstone.Obj.(*auditregv1alpha1.AuditSink) - if !ok { - klog.V(2).Infof("Tombstone contained object that is not an AuditSink: %#v", obj) - return - } - } - manager.deleteSink(sink) - }, - }) - - return manager, nil -} - -type backend struct { - // delegateUpdateMutex holds an update lock on the delegates - delegateUpdateMutex sync.Mutex - config *Config - delegates atomic.Value - webhookClientManager webhook.ClientManager - recorder record.EventRecorder -} - -type syncedDelegates map[types.UID]*delegate - -// Names returns the names of the delegate configurations -func (s syncedDelegates) Names() []string { - names := []string{} - for _, delegate := range s { - names = append(names, delegate.configuration.Name) - } - return names -} - -// ProcessEvents proccesses the given events per current delegate map -func (b *backend) ProcessEvents(events ...*auditinternal.Event) bool { - for _, d := range b.GetDelegates() { - d.ProcessEvents(events...) - } - // Returning true regardless of results, since dynamic audit backends - // can never cause apiserver request to fail. - return true -} - -// Run starts a goroutine that propagates the shutdown signal, -// individual delegates are ran as they are created. -func (b *backend) Run(stopCh <-chan struct{}) error { - go func() { - <-stopCh - b.stopAllDelegates() - }() - return nil -} - -// stopAllDelegates closes the stopChan for every delegate to enable -// goroutines to terminate gracefully. This is a helper method to propagate -// the primary stopChan to the current delegate map. -func (b *backend) stopAllDelegates() { - b.delegateUpdateMutex.Lock() - for _, d := range b.GetDelegates() { - close(d.stopChan) - } -} - -// Shutdown calls the shutdown method on all delegates. The stopChan should -// be closed before this is called. -func (b *backend) Shutdown() { - for _, d := range b.GetDelegates() { - d.Shutdown() - } -} - -// GetDelegates retrieves current delegates in a safe manner -func (b *backend) GetDelegates() syncedDelegates { - return b.delegates.Load().(syncedDelegates) -} - -// copyDelegates returns a copied delegate map -func (b *backend) copyDelegates() syncedDelegates { - c := make(syncedDelegates) - for u, s := range b.GetDelegates() { - c[u] = s - } - return c -} - -// setDelegates sets the current delegates in a safe manner -func (b *backend) setDelegates(delegates syncedDelegates) { - b.delegates.Store(delegates) -} - -// addSink is called by the shared informer when a sink is added -func (b *backend) addSink(sink *auditregv1alpha1.AuditSink) { - b.delegateUpdateMutex.Lock() - defer b.delegateUpdateMutex.Unlock() - delegates := b.copyDelegates() - if _, ok := delegates[sink.UID]; ok { - klog.Errorf("Audit sink %q uid: %s already exists, could not readd", sink.Name, sink.UID) - return - } - d, err := b.createAndStartDelegate(sink) - if err != nil { - msg := fmt.Sprintf("Could not add audit sink %q: %v", sink.Name, err) - klog.Error(msg) - b.recorder.Event(sink, corev1.EventTypeWarning, "CreateFailed", msg) - return - } - delegates[sink.UID] = d - b.setDelegates(delegates) - klog.V(2).Infof("Added audit sink: %s", sink.Name) - klog.V(2).Infof("Current audit sinks: %v", delegates.Names()) -} - -// updateSink is called by the shared informer when a sink is updated. -// The new sink is only rebuilt on spec changes. The new sink must not have -// the same uid as the previous. The new sink will be started before the old -// one is shutdown so no events will be lost -func (b *backend) updateSink(oldSink, newSink *auditregv1alpha1.AuditSink) { - b.delegateUpdateMutex.Lock() - defer b.delegateUpdateMutex.Unlock() - delegates := b.copyDelegates() - oldDelegate, ok := delegates[oldSink.UID] - if !ok { - klog.Errorf("Could not update audit sink %q uid: %s, old sink does not exist", - oldSink.Name, oldSink.UID) - return - } - - // check if spec has changed - eq := reflect.DeepEqual(oldSink.Spec, newSink.Spec) - if eq { - delete(delegates, oldSink.UID) - delegates[newSink.UID] = oldDelegate - b.setDelegates(delegates) - } else { - d, err := b.createAndStartDelegate(newSink) - if err != nil { - msg := fmt.Sprintf("Could not update audit sink %q: %v", oldSink.Name, err) - klog.Error(msg) - b.recorder.Event(newSink, corev1.EventTypeWarning, "UpdateFailed", msg) - return - } - delete(delegates, oldSink.UID) - delegates[newSink.UID] = d - b.setDelegates(delegates) - - // graceful shutdown in goroutine as to not block - go oldDelegate.gracefulShutdown() - } - - klog.V(2).Infof("Updated audit sink: %s", newSink.Name) - klog.V(2).Infof("Current audit sinks: %v", delegates.Names()) -} - -// deleteSink is called by the shared informer when a sink is deleted -func (b *backend) deleteSink(sink *auditregv1alpha1.AuditSink) { - b.delegateUpdateMutex.Lock() - defer b.delegateUpdateMutex.Unlock() - delegates := b.copyDelegates() - delegate, ok := delegates[sink.UID] - if !ok { - klog.Errorf("Could not delete audit sink %q uid: %s, does not exist", sink.Name, sink.UID) - return - } - delete(delegates, sink.UID) - b.setDelegates(delegates) - - // graceful shutdown in goroutine as to not block - go delegate.gracefulShutdown() - klog.V(2).Infof("Deleted audit sink: %s", sink.Name) - klog.V(2).Infof("Current audit sinks: %v", delegates.Names()) -} - -// createAndStartDelegate will build a delegate from an audit sink configuration and run it -func (b *backend) createAndStartDelegate(sink *auditregv1alpha1.AuditSink) (*delegate, error) { - f := factory{ - config: b.config, - webhookClientManager: b.webhookClientManager, - sink: sink, - } - delegate, err := f.BuildDelegate() - if err != nil { - return nil, err - } - err = delegate.Run(delegate.stopChan) - if err != nil { - return nil, err - } - return delegate, nil -} - -// String returns a string representation of the backend -func (b *backend) String() string { - var delegateStrings []string - for _, delegate := range b.GetDelegates() { - delegateStrings = append(delegateStrings, fmt.Sprintf("%s", delegate)) - } - return fmt.Sprintf("%s[%s]", PluginName, strings.Join(delegateStrings, ",")) -} diff --git a/staging/src/k8s.io/apiserver/plugin/pkg/audit/dynamic/dynamic_test.go b/staging/src/k8s.io/apiserver/plugin/pkg/audit/dynamic/dynamic_test.go deleted file mode 100644 index 9f49929a7b..0000000000 --- a/staging/src/k8s.io/apiserver/plugin/pkg/audit/dynamic/dynamic_test.go +++ /dev/null @@ -1,319 +0,0 @@ -/* -Copyright 2018 The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package dynamic - -import ( - "fmt" - "io/ioutil" - "net/http" - "net/http/httptest" - "reflect" - "sync/atomic" - "testing" - "time" - - "github.com/stretchr/testify/require" - - auditregv1alpha1 "k8s.io/api/auditregistration/v1alpha1" - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - "k8s.io/apimachinery/pkg/runtime" - "k8s.io/apimachinery/pkg/types" - "k8s.io/apimachinery/pkg/util/wait" - auditinternal "k8s.io/apiserver/pkg/apis/audit" - auditv1 "k8s.io/apiserver/pkg/apis/audit/v1" - "k8s.io/apiserver/pkg/audit" - webhook "k8s.io/apiserver/pkg/util/webhook" - informers "k8s.io/client-go/informers" - "k8s.io/client-go/kubernetes/fake" - v1core "k8s.io/client-go/kubernetes/typed/core/v1" -) - -func TestDynamic(t *testing.T) { - eventList1 := &atomic.Value{} - eventList1.Store(auditinternal.EventList{}) - eventList2 := &atomic.Value{} - eventList2.Store(auditinternal.EventList{}) - - // start test servers - server1 := httptest.NewServer(buildTestHandler(t, eventList1)) - defer server1.Close() - server2 := httptest.NewServer(buildTestHandler(t, eventList2)) - defer server2.Close() - - testPolicy := auditregv1alpha1.Policy{ - Level: auditregv1alpha1.LevelMetadata, - Stages: []auditregv1alpha1.Stage{ - auditregv1alpha1.StageResponseStarted, - }, - } - testEvent := auditinternal.Event{ - Level: auditinternal.LevelMetadata, - Stage: auditinternal.StageResponseStarted, - Verb: "get", - RequestURI: "/test/path", - } - testConfig1 := &auditregv1alpha1.AuditSink{ - ObjectMeta: metav1.ObjectMeta{ - Name: "test1", - UID: types.UID("test1"), - }, - Spec: auditregv1alpha1.AuditSinkSpec{ - Policy: testPolicy, - Webhook: auditregv1alpha1.Webhook{ - ClientConfig: auditregv1alpha1.WebhookClientConfig{ - URL: &server1.URL, - }, - }, - }, - } - testConfig2 := &auditregv1alpha1.AuditSink{ - ObjectMeta: metav1.ObjectMeta{ - Name: "test2", - UID: types.UID("test2"), - }, - Spec: auditregv1alpha1.AuditSinkSpec{ - Policy: testPolicy, - Webhook: auditregv1alpha1.Webhook{ - ClientConfig: auditregv1alpha1.WebhookClientConfig{ - URL: &server2.URL, - }, - }, - }, - } - - badURL := "http://badtest" - badConfig := &auditregv1alpha1.AuditSink{ - ObjectMeta: metav1.ObjectMeta{ - Name: "bad", - UID: types.UID("bad"), - }, - Spec: auditregv1alpha1.AuditSinkSpec{ - Policy: testPolicy, - Webhook: auditregv1alpha1.Webhook{ - ClientConfig: auditregv1alpha1.WebhookClientConfig{ - URL: &badURL, - }, - }, - }, - } - - config, stopChan := defaultTestConfig() - config.BufferedConfig.MaxBatchSize = 1 - - b, err := NewBackend(config) - require.NoError(t, err) - d := b.(*backend) - err = b.Run(stopChan) - require.NoError(t, err) - - t.Run("find none", func(t *testing.T) { - require.Len(t, d.GetDelegates(), 0) - }) - - success := t.Run("find one", func(t *testing.T) { - d.addSink(testConfig1) - delegates := d.GetDelegates() - require.Len(t, delegates, 1) - require.Contains(t, delegates, types.UID("test1")) - require.Equal(t, testConfig1, delegates["test1"].configuration) - - // send event and check that it arrives - b.ProcessEvents(&testEvent) - err := checkForEvent(eventList1, testEvent) - require.NoError(t, err, "unable to find events sent to sink") - }) - require.True(t, success) // propagate failure - - // test that a bad webhook configuration can be recovered from - success = t.Run("bad config", func(t *testing.T) { - d.addSink(badConfig) - delegates := d.GetDelegates() - require.Len(t, delegates, 2) - require.Contains(t, delegates, types.UID("bad")) - require.Equal(t, badConfig, delegates["bad"].configuration) - - // send events to the buffer - b.ProcessEvents(&testEvent, &testEvent) - - // event is in the buffer see if the sink can be deleted - // this will hang and fail if not handled properly - d.deleteSink(badConfig) - - delegates = d.GetDelegates() - require.Len(t, delegates, 1) - require.Contains(t, delegates, types.UID("test1")) - require.Equal(t, testConfig1, delegates["test1"].configuration) - }) - require.True(t, success) // propagate failure - - success = t.Run("find two", func(t *testing.T) { - eventList1.Store(auditinternal.EventList{}) - d.addSink(testConfig2) - delegates := d.GetDelegates() - require.Len(t, delegates, 2) - require.Contains(t, delegates, types.UID("test1")) - require.Contains(t, delegates, types.UID("test2")) - require.Equal(t, testConfig1, delegates["test1"].configuration) - require.Equal(t, testConfig2, delegates["test2"].configuration) - - // send event to both delegates and check that it arrives in both places - b.ProcessEvents(&testEvent) - err := checkForEvent(eventList1, testEvent) - require.NoError(t, err, "unable to find events sent to sink 1") - err = checkForEvent(eventList2, testEvent) - require.NoError(t, err, "unable to find events sent to sink 2") - }) - require.True(t, success) // propagate failure - - success = t.Run("delete one", func(t *testing.T) { - eventList2.Store(auditinternal.EventList{}) - d.deleteSink(testConfig1) - delegates := d.GetDelegates() - require.Len(t, delegates, 1) - require.Contains(t, delegates, types.UID("test2")) - require.Equal(t, testConfig2, delegates["test2"].configuration) - - // send event and check that it arrives to remaining sink - b.ProcessEvents(&testEvent) - err := checkForEvent(eventList2, testEvent) - require.NoError(t, err, "unable to find events sent to sink") - }) - require.True(t, success) // propagate failure - - success = t.Run("update one", func(t *testing.T) { - eventList1.Store(auditinternal.EventList{}) - oldConfig := *testConfig2 - testConfig2.Spec.Webhook.ClientConfig.URL = &server1.URL - testConfig2.UID = types.UID("test2.1") - d.updateSink(&oldConfig, testConfig2) - delegates := d.GetDelegates() - require.Len(t, delegates, 1) - require.Contains(t, delegates, types.UID("test2.1")) - require.Equal(t, testConfig2, delegates["test2.1"].configuration) - - // send event and check that it arrives to updated sink - b.ProcessEvents(&testEvent) - err := checkForEvent(eventList1, testEvent) - require.NoError(t, err, "unable to find events sent to sink") - }) - require.True(t, success) // propagate failure - - success = t.Run("update meta only", func(t *testing.T) { - eventList1.Store(auditinternal.EventList{}) - oldConfig := *testConfig2 - testConfig2.UID = types.UID("test2.2") - testConfig2.Labels = map[string]string{"my": "label"} - d.updateSink(&oldConfig, testConfig2) - delegates := d.GetDelegates() - require.Len(t, delegates, 1) - require.Contains(t, delegates, types.UID("test2.2")) - - // send event and check that it arrives to same sink - b.ProcessEvents(&testEvent) - err := checkForEvent(eventList1, testEvent) - require.NoError(t, err, "unable to find events sent to sink") - }) - require.True(t, success) // propagate failure - - success = t.Run("shutdown", func(t *testing.T) { - // if the stop signal is not propagated correctly the buffers will not - // close down gracefully, and the shutdown method will hang causing - // the test will timeout. - timeoutChan := make(chan struct{}) - successChan := make(chan struct{}) - go func() { - time.Sleep(1 * time.Second) - timeoutChan <- struct{}{} - }() - go func() { - close(stopChan) - d.Shutdown() - successChan <- struct{}{} - }() - for { - select { - case <-timeoutChan: - t.Error("shutdown timed out") - return - case <-successChan: - return - } - } - }) - require.True(t, success) // propagate failure -} - -// checkForEvent will poll to check for an audit event in an atomic event list -func checkForEvent(a *atomic.Value, evSent auditinternal.Event) error { - return wait.Poll(100*time.Millisecond, 1*time.Second, func() (bool, error) { - el := a.Load().(auditinternal.EventList) - if len(el.Items) != 1 { - return false, nil - } - evFound := el.Items[0] - eq := reflect.DeepEqual(evSent, evFound) - if !eq { - return false, fmt.Errorf("event mismatch -- sent: %+v found: %+v", evSent, evFound) - } - return true, nil - }) -} - -// buildTestHandler returns a handler that will update the atomic value passed in -// with the event list it receives -func buildTestHandler(t *testing.T, a *atomic.Value) http.HandlerFunc { - return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - body, err := ioutil.ReadAll(r.Body) - if err != nil { - t.Fatalf("could not read request body: %v", err) - } - el := auditinternal.EventList{} - decoder := audit.Codecs.UniversalDecoder(auditv1.SchemeGroupVersion) - if err := runtime.DecodeInto(decoder, body, &el); err != nil { - t.Fatalf("failed decoding buf: %b, apiVersion: %s", body, auditv1.SchemeGroupVersion) - } - defer r.Body.Close() - a.Store(el) - w.WriteHeader(200) - }) -} - -// defaultTestConfig returns a Config object suitable for testing along with its -// associated stopChan -func defaultTestConfig() (*Config, chan struct{}) { - authWrapper := webhook.AuthenticationInfoResolverWrapper( - func(a webhook.AuthenticationInfoResolver) webhook.AuthenticationInfoResolver { return a }, - ) - client := fake.NewSimpleClientset() - informerFactory := informers.NewSharedInformerFactory(client, 0) - stop := make(chan struct{}) - - eventSink := &v1core.EventSinkImpl{Interface: client.CoreV1().Events("")} - - informerFactory.Start(stop) - informerFactory.WaitForCacheSync(stop) - informer := informerFactory.Auditregistration().V1alpha1().AuditSinks() - return &Config{ - Informer: informer, - EventConfig: EventConfig{Sink: eventSink}, - BufferedConfig: NewDefaultWebhookBatchConfig(), - WebhookConfig: WebhookConfig{ - AuthInfoResolverWrapper: authWrapper, - ServiceResolver: webhook.NewDefaultServiceResolver(), - }, - }, stop -} diff --git a/staging/src/k8s.io/apiserver/plugin/pkg/audit/dynamic/enforced/BUILD b/staging/src/k8s.io/apiserver/plugin/pkg/audit/dynamic/enforced/BUILD deleted file mode 100644 index c9c25ef4bd..0000000000 --- a/staging/src/k8s.io/apiserver/plugin/pkg/audit/dynamic/enforced/BUILD +++ /dev/null @@ -1,44 +0,0 @@ -load("@io_bazel_rules_go//go:def.bzl", "go_library", "go_test") - -go_library( - name = "go_default_library", - srcs = ["enforced.go"], - importmap = "k8s.io/kubernetes/vendor/k8s.io/apiserver/plugin/pkg/audit/dynamic/enforced", - importpath = "k8s.io/apiserver/plugin/pkg/audit/dynamic/enforced", - visibility = ["//visibility:public"], - deps = [ - "//staging/src/k8s.io/apiserver/pkg/apis/audit:go_default_library", - "//staging/src/k8s.io/apiserver/pkg/audit:go_default_library", - "//staging/src/k8s.io/apiserver/pkg/audit/event:go_default_library", - "//staging/src/k8s.io/apiserver/pkg/audit/policy:go_default_library", - ], -) - -go_test( - name = "go_default_test", - srcs = ["enforced_test.go"], - embed = [":go_default_library"], - deps = [ - "//staging/src/k8s.io/apimachinery/pkg/runtime:go_default_library", - "//staging/src/k8s.io/apiserver/pkg/apis/audit:go_default_library", - "//staging/src/k8s.io/apiserver/pkg/audit/policy:go_default_library", - "//staging/src/k8s.io/apiserver/pkg/authentication/user:go_default_library", - "//staging/src/k8s.io/apiserver/pkg/authorization/authorizer:go_default_library", - "//staging/src/k8s.io/apiserver/plugin/pkg/audit/fake:go_default_library", - "//vendor/github.com/stretchr/testify/require:go_default_library", - ], -) - -filegroup( - name = "package-srcs", - srcs = glob(["**"]), - tags = ["automanaged"], - visibility = ["//visibility:private"], -) - -filegroup( - name = "all-srcs", - srcs = [":package-srcs"], - tags = ["automanaged"], - visibility = ["//visibility:public"], -) diff --git a/staging/src/k8s.io/apiserver/plugin/pkg/audit/dynamic/enforced/enforced.go b/staging/src/k8s.io/apiserver/plugin/pkg/audit/dynamic/enforced/enforced.go deleted file mode 100644 index 8feb523bed..0000000000 --- a/staging/src/k8s.io/apiserver/plugin/pkg/audit/dynamic/enforced/enforced.go +++ /dev/null @@ -1,93 +0,0 @@ -/* -Copyright 2018 The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package enforced - -import ( - "fmt" - - auditinternal "k8s.io/apiserver/pkg/apis/audit" - "k8s.io/apiserver/pkg/audit" - ev "k8s.io/apiserver/pkg/audit/event" - "k8s.io/apiserver/pkg/audit/policy" -) - -// PluginName is the name reported in error metrics. -const PluginName = "enforced" - -// Backend filters audit events according to the policy -// trimming them as necessary to match the level -type Backend struct { - policyChecker policy.Checker - delegateBackend audit.Backend -} - -// NewBackend returns an enforced audit backend that wraps delegate backend. -// Enforced backend automatically runs and shuts down the delegate backend. -func NewBackend(delegate audit.Backend, p policy.Checker) audit.Backend { - return &Backend{ - policyChecker: p, - delegateBackend: delegate, - } -} - -// Run the delegate backend -func (b Backend) Run(stopCh <-chan struct{}) error { - return b.delegateBackend.Run(stopCh) -} - -// Shutdown the delegate backend -func (b Backend) Shutdown() { - b.delegateBackend.Shutdown() -} - -// ProcessEvents enforces policy on a shallow copy of the given event -// dropping any sections that don't conform -func (b Backend) ProcessEvents(events ...*auditinternal.Event) bool { - for _, event := range events { - if event == nil { - continue - } - attr, err := ev.NewAttributes(event) - if err != nil { - audit.HandlePluginError(PluginName, err, event) - continue - } - level, stages := b.policyChecker.LevelAndStages(attr) - if level == auditinternal.LevelNone { - continue - } - // make shallow copy before modifying to satisfy interface definition - ev := *event - e, err := policy.EnforcePolicy(&ev, level, stages) - if err != nil { - audit.HandlePluginError(PluginName, err, event) - continue - } - if e == nil { - continue - } - b.delegateBackend.ProcessEvents(e) - } - // Returning true regardless of results, since dynamic audit backends - // can never cause apiserver request to fail. - return true -} - -// String returns a string representation of the backend -func (b Backend) String() string { - return fmt.Sprintf("%s<%s>", PluginName, b.delegateBackend) -} diff --git a/staging/src/k8s.io/apiserver/plugin/pkg/audit/dynamic/enforced/enforced_test.go b/staging/src/k8s.io/apiserver/plugin/pkg/audit/dynamic/enforced/enforced_test.go deleted file mode 100644 index cbc61327a2..0000000000 --- a/staging/src/k8s.io/apiserver/plugin/pkg/audit/dynamic/enforced/enforced_test.go +++ /dev/null @@ -1,117 +0,0 @@ -/* -Copyright 2018 The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package enforced - -import ( - "testing" - - "github.com/stretchr/testify/require" - - "k8s.io/apimachinery/pkg/runtime" - auditinternal "k8s.io/apiserver/pkg/apis/audit" - "k8s.io/apiserver/pkg/audit/policy" - "k8s.io/apiserver/pkg/authentication/user" - "k8s.io/apiserver/pkg/authorization/authorizer" - fakeplugin "k8s.io/apiserver/plugin/pkg/audit/fake" -) - -func TestEnforced(t *testing.T) { - testCases := []struct { - name string - event *auditinternal.Event - policy auditinternal.Policy - attribs authorizer.Attributes - expected []*auditinternal.Event - }{ - { - name: "enforce level", - event: &auditinternal.Event{ - Level: auditinternal.LevelRequestResponse, - Stage: auditinternal.StageResponseComplete, - RequestURI: "/apis/extensions/v1beta1", - RequestObject: &runtime.Unknown{Raw: []byte(`test`)}, - ResponseObject: &runtime.Unknown{Raw: []byte(`test`)}, - }, - policy: auditinternal.Policy{ - Rules: []auditinternal.PolicyRule{ - { - Level: auditinternal.LevelMetadata, - }, - }, - }, - expected: []*auditinternal.Event{ - { - Level: auditinternal.LevelMetadata, - Stage: auditinternal.StageResponseComplete, - RequestURI: "/apis/extensions/v1beta1", - }, - }, - }, - { - name: "enforce policy rule", - event: &auditinternal.Event{ - Level: auditinternal.LevelRequestResponse, - Stage: auditinternal.StageResponseComplete, - RequestURI: "/apis/extensions/v1beta1", - User: auditinternal.UserInfo{ - Username: user.Anonymous, - }, - RequestObject: &runtime.Unknown{Raw: []byte(`test`)}, - ResponseObject: &runtime.Unknown{Raw: []byte(`test`)}, - }, - policy: auditinternal.Policy{ - Rules: []auditinternal.PolicyRule{ - { - Level: auditinternal.LevelNone, - Users: []string{user.Anonymous}, - }, - { - Level: auditinternal.LevelMetadata, - }, - }, - }, - expected: []*auditinternal.Event{}, - }, - { - name: "nil event", - event: nil, - policy: auditinternal.Policy{ - Rules: []auditinternal.PolicyRule{ - { - Level: auditinternal.LevelMetadata, - }, - }, - }, - expected: []*auditinternal.Event{}, - }, - } - for _, tc := range testCases { - t.Run(tc.name, func(t *testing.T) { - ev := []*auditinternal.Event{} - fakeBackend := fakeplugin.Backend{ - OnRequest: func(events []*auditinternal.Event) { - ev = events - }, - } - b := NewBackend(&fakeBackend, policy.NewChecker(&tc.policy)) - defer b.Shutdown() - - b.ProcessEvents(tc.event) - require.Equal(t, tc.expected, ev) - }) - } -} diff --git a/staging/src/k8s.io/apiserver/plugin/pkg/audit/dynamic/factory.go b/staging/src/k8s.io/apiserver/plugin/pkg/audit/dynamic/factory.go deleted file mode 100644 index f9ce7abf79..0000000000 --- a/staging/src/k8s.io/apiserver/plugin/pkg/audit/dynamic/factory.go +++ /dev/null @@ -1,91 +0,0 @@ -/* -Copyright 2018 The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package dynamic - -import ( - "fmt" - "time" - - auditregv1alpha1 "k8s.io/api/auditregistration/v1alpha1" - "k8s.io/apiserver/pkg/audit" - "k8s.io/apiserver/pkg/audit/policy" - auditutil "k8s.io/apiserver/pkg/audit/util" - "k8s.io/apiserver/pkg/util/webhook" - bufferedplugin "k8s.io/apiserver/plugin/pkg/audit/buffered" - enforcedplugin "k8s.io/apiserver/plugin/pkg/audit/dynamic/enforced" - webhookplugin "k8s.io/apiserver/plugin/pkg/audit/webhook" -) - -// TODO: find a common place for all the default retry backoffs -const retryBackoff = 500 * time.Millisecond - -// factory builds a delegate from an AuditSink -type factory struct { - config *Config - webhookClientManager webhook.ClientManager - sink *auditregv1alpha1.AuditSink -} - -// BuildDelegate creates a delegate from the AuditSink object -func (f *factory) BuildDelegate() (*delegate, error) { - backend, err := f.buildWebhookBackend() - if err != nil { - return nil, err - } - backend = f.applyEnforcedOpts(backend) - backend = f.applyBufferedOpts(backend) - ch := make(chan struct{}) - return &delegate{ - Backend: backend, - configuration: f.sink, - stopChan: ch, - }, nil -} - -func (f *factory) buildWebhookBackend() (audit.Backend, error) { - hookClient := auditutil.HookClientConfigForSink(f.sink) - client, err := f.webhookClientManager.HookClient(hookClient) - if err != nil { - return nil, fmt.Errorf("could not create webhook client: %v", err) - } - backend := webhookplugin.NewDynamicBackend(client, retryBackoff) - return backend, nil -} - -func (f *factory) applyEnforcedOpts(delegate audit.Backend) audit.Backend { - pol := policy.ConvertDynamicPolicyToInternal(&f.sink.Spec.Policy) - checker := policy.NewChecker(pol) - eb := enforcedplugin.NewBackend(delegate, checker) - return eb -} - -func (f *factory) applyBufferedOpts(delegate audit.Backend) audit.Backend { - bc := f.config.BufferedConfig - tc := f.sink.Spec.Webhook.Throttle - if tc != nil { - bc.ThrottleEnable = true - if tc.Burst != nil { - bc.ThrottleBurst = int(*tc.Burst) - } - if tc.QPS != nil { - bc.ThrottleQPS = float32(*tc.QPS) - } - } else { - bc.ThrottleEnable = false - } - return bufferedplugin.NewBackend(delegate, *bc) -} diff --git a/staging/src/k8s.io/apiserver/plugin/pkg/audit/dynamic/factory_test.go b/staging/src/k8s.io/apiserver/plugin/pkg/audit/dynamic/factory_test.go deleted file mode 100644 index 3caa2c3a5d..0000000000 --- a/staging/src/k8s.io/apiserver/plugin/pkg/audit/dynamic/factory_test.go +++ /dev/null @@ -1,146 +0,0 @@ -/* -Copyright 2018 The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package dynamic - -import ( - "testing" - - "github.com/stretchr/testify/require" - - auditregv1alpha1 "k8s.io/api/auditregistration/v1alpha1" - utilpointer "k8s.io/utils/pointer" -) - -func TestToDelegate(t *testing.T) { - config, _ := defaultTestConfig() - defaultPolicy := auditregv1alpha1.Policy{ - Level: auditregv1alpha1.LevelMetadata, - } - u := "http://localhost:4444" - for _, tc := range []struct { - name string - auditConfig *auditregv1alpha1.AuditSink - throttleConfig *auditregv1alpha1.WebhookThrottleConfig - expectedBackend string - }{ - { - name: "build full", - auditConfig: &auditregv1alpha1.AuditSink{ - Spec: auditregv1alpha1.AuditSinkSpec{ - Policy: defaultPolicy, - Webhook: auditregv1alpha1.Webhook{ - Throttle: &auditregv1alpha1.WebhookThrottleConfig{ - QPS: utilpointer.Int64Ptr(10), - Burst: utilpointer.Int64Ptr(5), - }, - ClientConfig: auditregv1alpha1.WebhookClientConfig{ - URL: &u, - }, - }, - }, - }, - expectedBackend: "buffered>", - }, - { - name: "build no throttle", - auditConfig: &auditregv1alpha1.AuditSink{ - Spec: auditregv1alpha1.AuditSinkSpec{ - Policy: defaultPolicy, - Webhook: auditregv1alpha1.Webhook{ - ClientConfig: auditregv1alpha1.WebhookClientConfig{ - URL: &u, - }, - }, - }, - }, - expectedBackend: "buffered>", - }, - } { - t.Run(tc.name, func(t *testing.T) { - b, err := NewBackend(config) - require.NoError(t, err) - c := factory{ - config: b.(*backend).config, - webhookClientManager: b.(*backend).webhookClientManager, - sink: tc.auditConfig, - } - d, err := c.BuildDelegate() - require.NoError(t, err) - require.Equal(t, tc.expectedBackend, d.String()) - }) - } -} - -func TestBuildWebhookBackend(t *testing.T) { - defaultPolicy := auditregv1alpha1.Policy{ - Level: auditregv1alpha1.LevelMetadata, - } - config, _ := defaultTestConfig() - b, err := NewBackend(config) - require.NoError(t, err) - d := b.(*backend) - u := "http://localhost:4444" - for _, tc := range []struct { - name string - auditConfig *auditregv1alpha1.AuditSink - shouldErr bool - expectedBackend string - }{ - { - name: "build full", - auditConfig: &auditregv1alpha1.AuditSink{ - Spec: auditregv1alpha1.AuditSinkSpec{ - Policy: defaultPolicy, - Webhook: auditregv1alpha1.Webhook{ - ClientConfig: auditregv1alpha1.WebhookClientConfig{ - URL: &u, - }, - }, - }, - }, - expectedBackend: "dynamic_webhook", - shouldErr: false, - }, - { - name: "fail missing url", - auditConfig: &auditregv1alpha1.AuditSink{ - Spec: auditregv1alpha1.AuditSinkSpec{ - Policy: defaultPolicy, - Webhook: auditregv1alpha1.Webhook{ - ClientConfig: auditregv1alpha1.WebhookClientConfig{}, - }, - }, - }, - shouldErr: true, - }, - } { - t.Run(tc.name, func(t *testing.T) { - c := &factory{ - config: config, - webhookClientManager: d.webhookClientManager, - sink: tc.auditConfig, - } - ab, err := c.buildWebhookBackend() - if tc.shouldErr { - require.Error(t, err) - return - } - require.NoError(t, err) - require.Equal(t, tc.expectedBackend, ab.String()) - }) - } -} diff --git a/staging/src/k8s.io/client-go/informers/auditregistration/interface.go b/staging/src/k8s.io/client-go/informers/auditregistration/interface.go deleted file mode 100644 index 0f1682c478..0000000000 --- a/staging/src/k8s.io/client-go/informers/auditregistration/interface.go +++ /dev/null @@ -1,46 +0,0 @@ -/* -Copyright The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// Code generated by informer-gen. DO NOT EDIT. - -package auditregistration - -import ( - v1alpha1 "k8s.io/client-go/informers/auditregistration/v1alpha1" - internalinterfaces "k8s.io/client-go/informers/internalinterfaces" -) - -// Interface provides access to each of this group's versions. -type Interface interface { - // V1alpha1 provides access to shared informers for resources in V1alpha1. - V1alpha1() v1alpha1.Interface -} - -type group struct { - factory internalinterfaces.SharedInformerFactory - namespace string - tweakListOptions internalinterfaces.TweakListOptionsFunc -} - -// New returns a new Interface. -func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) Interface { - return &group{factory: f, namespace: namespace, tweakListOptions: tweakListOptions} -} - -// V1alpha1 returns a new v1alpha1.Interface. -func (g *group) V1alpha1() v1alpha1.Interface { - return v1alpha1.New(g.factory, g.namespace, g.tweakListOptions) -} diff --git a/staging/src/k8s.io/client-go/informers/auditregistration/v1alpha1/auditsink.go b/staging/src/k8s.io/client-go/informers/auditregistration/v1alpha1/auditsink.go deleted file mode 100644 index 69778ad2cf..0000000000 --- a/staging/src/k8s.io/client-go/informers/auditregistration/v1alpha1/auditsink.go +++ /dev/null @@ -1,88 +0,0 @@ -/* -Copyright The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// Code generated by informer-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - time "time" - - auditregistrationv1alpha1 "k8s.io/api/auditregistration/v1alpha1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - runtime "k8s.io/apimachinery/pkg/runtime" - watch "k8s.io/apimachinery/pkg/watch" - internalinterfaces "k8s.io/client-go/informers/internalinterfaces" - kubernetes "k8s.io/client-go/kubernetes" - v1alpha1 "k8s.io/client-go/listers/auditregistration/v1alpha1" - cache "k8s.io/client-go/tools/cache" -) - -// AuditSinkInformer provides access to a shared informer and lister for -// AuditSinks. -type AuditSinkInformer interface { - Informer() cache.SharedIndexInformer - Lister() v1alpha1.AuditSinkLister -} - -type auditSinkInformer struct { - factory internalinterfaces.SharedInformerFactory - tweakListOptions internalinterfaces.TweakListOptionsFunc -} - -// NewAuditSinkInformer constructs a new informer for AuditSink type. -// Always prefer using an informer factory to get a shared informer instead of getting an independent -// one. This reduces memory footprint and number of connections to the server. -func NewAuditSinkInformer(client kubernetes.Interface, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { - return NewFilteredAuditSinkInformer(client, resyncPeriod, indexers, nil) -} - -// NewFilteredAuditSinkInformer constructs a new informer for AuditSink type. -// Always prefer using an informer factory to get a shared informer instead of getting an independent -// one. This reduces memory footprint and number of connections to the server. -func NewFilteredAuditSinkInformer(client kubernetes.Interface, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { - return cache.NewSharedIndexInformer( - &cache.ListWatch{ - ListFunc: func(options v1.ListOptions) (runtime.Object, error) { - if tweakListOptions != nil { - tweakListOptions(&options) - } - return client.AuditregistrationV1alpha1().AuditSinks().List(options) - }, - WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { - if tweakListOptions != nil { - tweakListOptions(&options) - } - return client.AuditregistrationV1alpha1().AuditSinks().Watch(options) - }, - }, - &auditregistrationv1alpha1.AuditSink{}, - resyncPeriod, - indexers, - ) -} - -func (f *auditSinkInformer) defaultInformer(client kubernetes.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { - return NewFilteredAuditSinkInformer(client, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions) -} - -func (f *auditSinkInformer) Informer() cache.SharedIndexInformer { - return f.factory.InformerFor(&auditregistrationv1alpha1.AuditSink{}, f.defaultInformer) -} - -func (f *auditSinkInformer) Lister() v1alpha1.AuditSinkLister { - return v1alpha1.NewAuditSinkLister(f.Informer().GetIndexer()) -} diff --git a/staging/src/k8s.io/client-go/informers/auditregistration/v1alpha1/interface.go b/staging/src/k8s.io/client-go/informers/auditregistration/v1alpha1/interface.go deleted file mode 100644 index 0a67ba821d..0000000000 --- a/staging/src/k8s.io/client-go/informers/auditregistration/v1alpha1/interface.go +++ /dev/null @@ -1,45 +0,0 @@ -/* -Copyright The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// Code generated by informer-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - internalinterfaces "k8s.io/client-go/informers/internalinterfaces" -) - -// Interface provides access to all the informers in this group version. -type Interface interface { - // AuditSinks returns a AuditSinkInformer. - AuditSinks() AuditSinkInformer -} - -type version struct { - factory internalinterfaces.SharedInformerFactory - namespace string - tweakListOptions internalinterfaces.TweakListOptionsFunc -} - -// New returns a new Interface. -func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) Interface { - return &version{factory: f, namespace: namespace, tweakListOptions: tweakListOptions} -} - -// AuditSinks returns a AuditSinkInformer. -func (v *version) AuditSinks() AuditSinkInformer { - return &auditSinkInformer{factory: v.factory, tweakListOptions: v.tweakListOptions} -} diff --git a/staging/src/k8s.io/client-go/informers/factory.go b/staging/src/k8s.io/client-go/informers/factory.go index 64ee705070..029600916b 100644 --- a/staging/src/k8s.io/client-go/informers/factory.go +++ b/staging/src/k8s.io/client-go/informers/factory.go @@ -28,7 +28,6 @@ import ( schema "k8s.io/apimachinery/pkg/runtime/schema" admissionregistration "k8s.io/client-go/informers/admissionregistration" apps "k8s.io/client-go/informers/apps" - auditregistration "k8s.io/client-go/informers/auditregistration" autoscaling "k8s.io/client-go/informers/autoscaling" batch "k8s.io/client-go/informers/batch" certificates "k8s.io/client-go/informers/certificates" @@ -188,7 +187,6 @@ type SharedInformerFactory interface { Admissionregistration() admissionregistration.Interface Apps() apps.Interface - Auditregistration() auditregistration.Interface Autoscaling() autoscaling.Interface Batch() batch.Interface Certificates() certificates.Interface @@ -211,10 +209,6 @@ func (f *sharedInformerFactory) Apps() apps.Interface { return apps.New(f, f.namespace, f.tweakListOptions) } -func (f *sharedInformerFactory) Auditregistration() auditregistration.Interface { - return auditregistration.New(f, f.namespace, f.tweakListOptions) -} - func (f *sharedInformerFactory) Autoscaling() autoscaling.Interface { return autoscaling.New(f, f.namespace, f.tweakListOptions) } diff --git a/staging/src/k8s.io/client-go/informers/generic.go b/staging/src/k8s.io/client-go/informers/generic.go index 948f2b9005..5685e7de75 100644 --- a/staging/src/k8s.io/client-go/informers/generic.go +++ b/staging/src/k8s.io/client-go/informers/generic.go @@ -25,7 +25,6 @@ import ( v1 "k8s.io/api/apps/v1" appsv1beta1 "k8s.io/api/apps/v1beta1" v1beta2 "k8s.io/api/apps/v1beta2" - v1alpha1 "k8s.io/api/auditregistration/v1alpha1" autoscalingv1 "k8s.io/api/autoscaling/v1" v2beta1 "k8s.io/api/autoscaling/v2beta1" v2beta2 "k8s.io/api/autoscaling/v2beta2" @@ -39,7 +38,7 @@ import ( extensionsv1beta1 "k8s.io/api/extensions/v1beta1" networkingv1 "k8s.io/api/networking/v1" networkingv1beta1 "k8s.io/api/networking/v1beta1" - nodev1alpha1 "k8s.io/api/node/v1alpha1" + v1alpha1 "k8s.io/api/node/v1alpha1" nodev1beta1 "k8s.io/api/node/v1beta1" policyv1beta1 "k8s.io/api/policy/v1beta1" rbacv1 "k8s.io/api/rbac/v1" @@ -116,10 +115,6 @@ func (f *sharedInformerFactory) ForResource(resource schema.GroupVersionResource case v1beta2.SchemeGroupVersion.WithResource("statefulsets"): return &genericInformer{resource: resource.GroupResource(), informer: f.Apps().V1beta2().StatefulSets().Informer()}, nil - // Group=auditregistration.k8s.io, Version=v1alpha1 - case v1alpha1.SchemeGroupVersion.WithResource("auditsinks"): - return &genericInformer{resource: resource.GroupResource(), informer: f.Auditregistration().V1alpha1().AuditSinks().Informer()}, nil - // Group=autoscaling, Version=v1 case autoscalingv1.SchemeGroupVersion.WithResource("horizontalpodautoscalers"): return &genericInformer{resource: resource.GroupResource(), informer: f.Autoscaling().V1().HorizontalPodAutoscalers().Informer()}, nil @@ -211,7 +206,7 @@ func (f *sharedInformerFactory) ForResource(resource schema.GroupVersionResource return &genericInformer{resource: resource.GroupResource(), informer: f.Networking().V1beta1().Ingresses().Informer()}, nil // Group=node.k8s.io, Version=v1alpha1 - case nodev1alpha1.SchemeGroupVersion.WithResource("runtimeclasses"): + case v1alpha1.SchemeGroupVersion.WithResource("runtimeclasses"): return &genericInformer{resource: resource.GroupResource(), informer: f.Node().V1alpha1().RuntimeClasses().Informer()}, nil // Group=node.k8s.io, Version=v1beta1 diff --git a/staging/src/k8s.io/client-go/kubernetes/clientset.go b/staging/src/k8s.io/client-go/kubernetes/clientset.go index 3650405bec..e2a8102f9c 100644 --- a/staging/src/k8s.io/client-go/kubernetes/clientset.go +++ b/staging/src/k8s.io/client-go/kubernetes/clientset.go @@ -24,7 +24,6 @@ import ( appsv1 "k8s.io/client-go/kubernetes/typed/apps/v1" appsv1beta1 "k8s.io/client-go/kubernetes/typed/apps/v1beta1" appsv1beta2 "k8s.io/client-go/kubernetes/typed/apps/v1beta2" - auditregistrationv1alpha1 "k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1" authenticationv1 "k8s.io/client-go/kubernetes/typed/authentication/v1" authorizationv1 "k8s.io/client-go/kubernetes/typed/authorization/v1" authorizationv1beta1 "k8s.io/client-go/kubernetes/typed/authorization/v1beta1" @@ -60,7 +59,6 @@ type Interface interface { AppsV1() appsv1.AppsV1Interface AppsV1beta1() appsv1beta1.AppsV1beta1Interface AppsV1beta2() appsv1beta2.AppsV1beta2Interface - AuditregistrationV1alpha1() auditregistrationv1alpha1.AuditregistrationV1alpha1Interface AuthenticationV1() authenticationv1.AuthenticationV1Interface AuthorizationV1() authorizationv1.AuthorizationV1Interface AuthorizationV1beta1() authorizationv1beta1.AuthorizationV1beta1Interface @@ -96,7 +94,6 @@ type Clientset struct { appsV1 *appsv1.AppsV1Client appsV1beta1 *appsv1beta1.AppsV1beta1Client appsV1beta2 *appsv1beta2.AppsV1beta2Client - auditregistrationV1alpha1 *auditregistrationv1alpha1.AuditregistrationV1alpha1Client authenticationV1 *authenticationv1.AuthenticationV1Client authorizationV1 *authorizationv1.AuthorizationV1Client authorizationV1beta1 *authorizationv1beta1.AuthorizationV1beta1Client @@ -144,11 +141,6 @@ func (c *Clientset) AppsV1beta2() appsv1beta2.AppsV1beta2Interface { return c.appsV1beta2 } -// AuditregistrationV1alpha1 retrieves the AuditregistrationV1alpha1Client -func (c *Clientset) AuditregistrationV1alpha1() auditregistrationv1alpha1.AuditregistrationV1alpha1Interface { - return c.auditregistrationV1alpha1 -} - // AuthenticationV1 retrieves the AuthenticationV1Client func (c *Clientset) AuthenticationV1() authenticationv1.AuthenticationV1Interface { return c.authenticationV1 @@ -306,10 +298,6 @@ func NewForConfig(c *rest.Config) (*Clientset, error) { if err != nil { return nil, err } - cs.auditregistrationV1alpha1, err = auditregistrationv1alpha1.NewForConfig(&configShallowCopy) - if err != nil { - return nil, err - } cs.authenticationV1, err = authenticationv1.NewForConfig(&configShallowCopy) if err != nil { return nil, err @@ -426,7 +414,6 @@ func NewForConfigOrDie(c *rest.Config) *Clientset { cs.appsV1 = appsv1.NewForConfigOrDie(c) cs.appsV1beta1 = appsv1beta1.NewForConfigOrDie(c) cs.appsV1beta2 = appsv1beta2.NewForConfigOrDie(c) - cs.auditregistrationV1alpha1 = auditregistrationv1alpha1.NewForConfigOrDie(c) cs.authenticationV1 = authenticationv1.NewForConfigOrDie(c) cs.authorizationV1 = authorizationv1.NewForConfigOrDie(c) cs.authorizationV1beta1 = authorizationv1beta1.NewForConfigOrDie(c) @@ -464,7 +451,6 @@ func New(c rest.Interface) *Clientset { cs.appsV1 = appsv1.New(c) cs.appsV1beta1 = appsv1beta1.New(c) cs.appsV1beta2 = appsv1beta2.New(c) - cs.auditregistrationV1alpha1 = auditregistrationv1alpha1.New(c) cs.authenticationV1 = authenticationv1.New(c) cs.authorizationV1 = authorizationv1.New(c) cs.authorizationV1beta1 = authorizationv1beta1.New(c) diff --git a/staging/src/k8s.io/client-go/kubernetes/fake/clientset_generated.go b/staging/src/k8s.io/client-go/kubernetes/fake/clientset_generated.go index 60a0844778..9f9b61fef1 100644 --- a/staging/src/k8s.io/client-go/kubernetes/fake/clientset_generated.go +++ b/staging/src/k8s.io/client-go/kubernetes/fake/clientset_generated.go @@ -32,8 +32,6 @@ import ( fakeappsv1beta1 "k8s.io/client-go/kubernetes/typed/apps/v1beta1/fake" appsv1beta2 "k8s.io/client-go/kubernetes/typed/apps/v1beta2" fakeappsv1beta2 "k8s.io/client-go/kubernetes/typed/apps/v1beta2/fake" - auditregistrationv1alpha1 "k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1" - fakeauditregistrationv1alpha1 "k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1/fake" authenticationv1 "k8s.io/client-go/kubernetes/typed/authentication/v1" fakeauthenticationv1 "k8s.io/client-go/kubernetes/typed/authentication/v1/fake" authorizationv1 "k8s.io/client-go/kubernetes/typed/authorization/v1" @@ -149,11 +147,6 @@ func (c *Clientset) AppsV1beta2() appsv1beta2.AppsV1beta2Interface { return &fakeappsv1beta2.FakeAppsV1beta2{Fake: &c.Fake} } -// AuditregistrationV1alpha1 retrieves the AuditregistrationV1alpha1Client -func (c *Clientset) AuditregistrationV1alpha1() auditregistrationv1alpha1.AuditregistrationV1alpha1Interface { - return &fakeauditregistrationv1alpha1.FakeAuditregistrationV1alpha1{Fake: &c.Fake} -} - // AuthenticationV1 retrieves the AuthenticationV1Client func (c *Clientset) AuthenticationV1() authenticationv1.AuthenticationV1Interface { return &fakeauthenticationv1.FakeAuthenticationV1{Fake: &c.Fake} diff --git a/staging/src/k8s.io/client-go/kubernetes/fake/register.go b/staging/src/k8s.io/client-go/kubernetes/fake/register.go index 209880ea1e..d4e2ebe7c3 100644 --- a/staging/src/k8s.io/client-go/kubernetes/fake/register.go +++ b/staging/src/k8s.io/client-go/kubernetes/fake/register.go @@ -23,7 +23,6 @@ import ( appsv1 "k8s.io/api/apps/v1" appsv1beta1 "k8s.io/api/apps/v1beta1" appsv1beta2 "k8s.io/api/apps/v1beta2" - auditregistrationv1alpha1 "k8s.io/api/auditregistration/v1alpha1" authenticationv1 "k8s.io/api/authentication/v1" authorizationv1 "k8s.io/api/authorization/v1" authorizationv1beta1 "k8s.io/api/authorization/v1beta1" @@ -64,7 +63,6 @@ var localSchemeBuilder = runtime.SchemeBuilder{ appsv1.AddToScheme, appsv1beta1.AddToScheme, appsv1beta2.AddToScheme, - auditregistrationv1alpha1.AddToScheme, authenticationv1.AddToScheme, authorizationv1.AddToScheme, authorizationv1beta1.AddToScheme, diff --git a/staging/src/k8s.io/client-go/kubernetes/scheme/register.go b/staging/src/k8s.io/client-go/kubernetes/scheme/register.go index a9108bf7ca..c12652d6e3 100644 --- a/staging/src/k8s.io/client-go/kubernetes/scheme/register.go +++ b/staging/src/k8s.io/client-go/kubernetes/scheme/register.go @@ -23,7 +23,6 @@ import ( appsv1 "k8s.io/api/apps/v1" appsv1beta1 "k8s.io/api/apps/v1beta1" appsv1beta2 "k8s.io/api/apps/v1beta2" - auditregistrationv1alpha1 "k8s.io/api/auditregistration/v1alpha1" authenticationv1 "k8s.io/api/authentication/v1" authorizationv1 "k8s.io/api/authorization/v1" authorizationv1beta1 "k8s.io/api/authorization/v1beta1" @@ -64,7 +63,6 @@ var localSchemeBuilder = runtime.SchemeBuilder{ appsv1.AddToScheme, appsv1beta1.AddToScheme, appsv1beta2.AddToScheme, - auditregistrationv1alpha1.AddToScheme, authenticationv1.AddToScheme, authorizationv1.AddToScheme, authorizationv1beta1.AddToScheme, diff --git a/staging/src/k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1/BUILD b/staging/src/k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1/BUILD deleted file mode 100644 index cb5b1a5ede..0000000000 --- a/staging/src/k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1/BUILD +++ /dev/null @@ -1,40 +0,0 @@ -load("@io_bazel_rules_go//go:def.bzl", "go_library") - -go_library( - name = "go_default_library", - srcs = [ - "auditregistration_client.go", - "auditsink.go", - "doc.go", - "generated_expansion.go", - ], - importmap = "k8s.io/kubernetes/vendor/k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1", - importpath = "k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1", - visibility = ["//visibility:public"], - deps = [ - "//staging/src/k8s.io/api/auditregistration/v1alpha1:go_default_library", - "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", - "//staging/src/k8s.io/apimachinery/pkg/runtime/serializer:go_default_library", - "//staging/src/k8s.io/apimachinery/pkg/types:go_default_library", - "//staging/src/k8s.io/apimachinery/pkg/watch:go_default_library", - "//staging/src/k8s.io/client-go/kubernetes/scheme:go_default_library", - "//staging/src/k8s.io/client-go/rest:go_default_library", - ], -) - -filegroup( - name = "package-srcs", - srcs = glob(["**"]), - tags = ["automanaged"], - visibility = ["//visibility:private"], -) - -filegroup( - name = "all-srcs", - srcs = [ - ":package-srcs", - "//staging/src/k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1/fake:all-srcs", - ], - tags = ["automanaged"], - visibility = ["//visibility:public"], -) diff --git a/staging/src/k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1/auditregistration_client.go b/staging/src/k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1/auditregistration_client.go deleted file mode 100644 index f007b05ef7..0000000000 --- a/staging/src/k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1/auditregistration_client.go +++ /dev/null @@ -1,90 +0,0 @@ -/* -Copyright The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - v1alpha1 "k8s.io/api/auditregistration/v1alpha1" - serializer "k8s.io/apimachinery/pkg/runtime/serializer" - "k8s.io/client-go/kubernetes/scheme" - rest "k8s.io/client-go/rest" -) - -type AuditregistrationV1alpha1Interface interface { - RESTClient() rest.Interface - AuditSinksGetter -} - -// AuditregistrationV1alpha1Client is used to interact with features provided by the auditregistration.k8s.io group. -type AuditregistrationV1alpha1Client struct { - restClient rest.Interface -} - -func (c *AuditregistrationV1alpha1Client) AuditSinks() AuditSinkInterface { - return newAuditSinks(c) -} - -// NewForConfig creates a new AuditregistrationV1alpha1Client for the given config. -func NewForConfig(c *rest.Config) (*AuditregistrationV1alpha1Client, error) { - config := *c - if err := setConfigDefaults(&config); err != nil { - return nil, err - } - client, err := rest.RESTClientFor(&config) - if err != nil { - return nil, err - } - return &AuditregistrationV1alpha1Client{client}, nil -} - -// NewForConfigOrDie creates a new AuditregistrationV1alpha1Client for the given config and -// panics if there is an error in the config. -func NewForConfigOrDie(c *rest.Config) *AuditregistrationV1alpha1Client { - client, err := NewForConfig(c) - if err != nil { - panic(err) - } - return client -} - -// New creates a new AuditregistrationV1alpha1Client for the given RESTClient. -func New(c rest.Interface) *AuditregistrationV1alpha1Client { - return &AuditregistrationV1alpha1Client{c} -} - -func setConfigDefaults(config *rest.Config) error { - gv := v1alpha1.SchemeGroupVersion - config.GroupVersion = &gv - config.APIPath = "/apis" - config.NegotiatedSerializer = serializer.DirectCodecFactory{CodecFactory: scheme.Codecs} - - if config.UserAgent == "" { - config.UserAgent = rest.DefaultKubernetesUserAgent() - } - - return nil -} - -// RESTClient returns a RESTClient that is used to communicate -// with API server by this client implementation. -func (c *AuditregistrationV1alpha1Client) RESTClient() rest.Interface { - if c == nil { - return nil - } - return c.restClient -} diff --git a/staging/src/k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1/auditsink.go b/staging/src/k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1/auditsink.go deleted file mode 100644 index 414d480062..0000000000 --- a/staging/src/k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1/auditsink.go +++ /dev/null @@ -1,164 +0,0 @@ -/* -Copyright The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - "time" - - v1alpha1 "k8s.io/api/auditregistration/v1alpha1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - scheme "k8s.io/client-go/kubernetes/scheme" - rest "k8s.io/client-go/rest" -) - -// AuditSinksGetter has a method to return a AuditSinkInterface. -// A group's client should implement this interface. -type AuditSinksGetter interface { - AuditSinks() AuditSinkInterface -} - -// AuditSinkInterface has methods to work with AuditSink resources. -type AuditSinkInterface interface { - Create(*v1alpha1.AuditSink) (*v1alpha1.AuditSink, error) - Update(*v1alpha1.AuditSink) (*v1alpha1.AuditSink, error) - Delete(name string, options *v1.DeleteOptions) error - DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error - Get(name string, options v1.GetOptions) (*v1alpha1.AuditSink, error) - List(opts v1.ListOptions) (*v1alpha1.AuditSinkList, error) - Watch(opts v1.ListOptions) (watch.Interface, error) - Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *v1alpha1.AuditSink, err error) - AuditSinkExpansion -} - -// auditSinks implements AuditSinkInterface -type auditSinks struct { - client rest.Interface -} - -// newAuditSinks returns a AuditSinks -func newAuditSinks(c *AuditregistrationV1alpha1Client) *auditSinks { - return &auditSinks{ - client: c.RESTClient(), - } -} - -// Get takes name of the auditSink, and returns the corresponding auditSink object, and an error if there is any. -func (c *auditSinks) Get(name string, options v1.GetOptions) (result *v1alpha1.AuditSink, err error) { - result = &v1alpha1.AuditSink{} - err = c.client.Get(). - Resource("auditsinks"). - Name(name). - VersionedParams(&options, scheme.ParameterCodec). - Do(). - Into(result) - return -} - -// List takes label and field selectors, and returns the list of AuditSinks that match those selectors. -func (c *auditSinks) List(opts v1.ListOptions) (result *v1alpha1.AuditSinkList, err error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - result = &v1alpha1.AuditSinkList{} - err = c.client.Get(). - Resource("auditsinks"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Do(). - Into(result) - return -} - -// Watch returns a watch.Interface that watches the requested auditSinks. -func (c *auditSinks) Watch(opts v1.ListOptions) (watch.Interface, error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - opts.Watch = true - return c.client.Get(). - Resource("auditsinks"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Watch() -} - -// Create takes the representation of a auditSink and creates it. Returns the server's representation of the auditSink, and an error, if there is any. -func (c *auditSinks) Create(auditSink *v1alpha1.AuditSink) (result *v1alpha1.AuditSink, err error) { - result = &v1alpha1.AuditSink{} - err = c.client.Post(). - Resource("auditsinks"). - Body(auditSink). - Do(). - Into(result) - return -} - -// Update takes the representation of a auditSink and updates it. Returns the server's representation of the auditSink, and an error, if there is any. -func (c *auditSinks) Update(auditSink *v1alpha1.AuditSink) (result *v1alpha1.AuditSink, err error) { - result = &v1alpha1.AuditSink{} - err = c.client.Put(). - Resource("auditsinks"). - Name(auditSink.Name). - Body(auditSink). - Do(). - Into(result) - return -} - -// Delete takes name of the auditSink and deletes it. Returns an error if one occurs. -func (c *auditSinks) Delete(name string, options *v1.DeleteOptions) error { - return c.client.Delete(). - Resource("auditsinks"). - Name(name). - Body(options). - Do(). - Error() -} - -// DeleteCollection deletes a collection of objects. -func (c *auditSinks) DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error { - var timeout time.Duration - if listOptions.TimeoutSeconds != nil { - timeout = time.Duration(*listOptions.TimeoutSeconds) * time.Second - } - return c.client.Delete(). - Resource("auditsinks"). - VersionedParams(&listOptions, scheme.ParameterCodec). - Timeout(timeout). - Body(options). - Do(). - Error() -} - -// Patch applies the patch and returns the patched auditSink. -func (c *auditSinks) Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *v1alpha1.AuditSink, err error) { - result = &v1alpha1.AuditSink{} - err = c.client.Patch(pt). - Resource("auditsinks"). - SubResource(subresources...). - Name(name). - Body(data). - Do(). - Into(result) - return -} diff --git a/staging/src/k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1/doc.go b/staging/src/k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1/doc.go deleted file mode 100644 index df51baa4d4..0000000000 --- a/staging/src/k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1/doc.go +++ /dev/null @@ -1,20 +0,0 @@ -/* -Copyright The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// Code generated by client-gen. DO NOT EDIT. - -// This package has the automatically generated typed clients. -package v1alpha1 diff --git a/staging/src/k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1/fake/BUILD b/staging/src/k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1/fake/BUILD deleted file mode 100644 index 76ac78a7db..0000000000 --- a/staging/src/k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1/fake/BUILD +++ /dev/null @@ -1,38 +0,0 @@ -load("@io_bazel_rules_go//go:def.bzl", "go_library") - -go_library( - name = "go_default_library", - srcs = [ - "doc.go", - "fake_auditregistration_client.go", - "fake_auditsink.go", - ], - importmap = "k8s.io/kubernetes/vendor/k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1/fake", - importpath = "k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1/fake", - visibility = ["//visibility:public"], - deps = [ - "//staging/src/k8s.io/api/auditregistration/v1alpha1:go_default_library", - "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", - "//staging/src/k8s.io/apimachinery/pkg/labels:go_default_library", - "//staging/src/k8s.io/apimachinery/pkg/runtime/schema:go_default_library", - "//staging/src/k8s.io/apimachinery/pkg/types:go_default_library", - "//staging/src/k8s.io/apimachinery/pkg/watch:go_default_library", - "//staging/src/k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1:go_default_library", - "//staging/src/k8s.io/client-go/rest:go_default_library", - "//staging/src/k8s.io/client-go/testing:go_default_library", - ], -) - -filegroup( - name = "package-srcs", - srcs = glob(["**"]), - tags = ["automanaged"], - visibility = ["//visibility:private"], -) - -filegroup( - name = "all-srcs", - srcs = [":package-srcs"], - tags = ["automanaged"], - visibility = ["//visibility:public"], -) diff --git a/staging/src/k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1/fake/doc.go b/staging/src/k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1/fake/doc.go deleted file mode 100644 index 16f4439906..0000000000 --- a/staging/src/k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1/fake/doc.go +++ /dev/null @@ -1,20 +0,0 @@ -/* -Copyright The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// Code generated by client-gen. DO NOT EDIT. - -// Package fake has the automatically generated clients. -package fake diff --git a/staging/src/k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1/fake/fake_auditregistration_client.go b/staging/src/k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1/fake/fake_auditregistration_client.go deleted file mode 100644 index c22acabcf4..0000000000 --- a/staging/src/k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1/fake/fake_auditregistration_client.go +++ /dev/null @@ -1,40 +0,0 @@ -/* -Copyright The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - v1alpha1 "k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1" - rest "k8s.io/client-go/rest" - testing "k8s.io/client-go/testing" -) - -type FakeAuditregistrationV1alpha1 struct { - *testing.Fake -} - -func (c *FakeAuditregistrationV1alpha1) AuditSinks() v1alpha1.AuditSinkInterface { - return &FakeAuditSinks{c} -} - -// RESTClient returns a RESTClient that is used to communicate -// with API server by this client implementation. -func (c *FakeAuditregistrationV1alpha1) RESTClient() rest.Interface { - var ret *rest.RESTClient - return ret -} diff --git a/staging/src/k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1/fake/fake_auditsink.go b/staging/src/k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1/fake/fake_auditsink.go deleted file mode 100644 index d0bb9fd000..0000000000 --- a/staging/src/k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1/fake/fake_auditsink.go +++ /dev/null @@ -1,120 +0,0 @@ -/* -Copyright The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - v1alpha1 "k8s.io/api/auditregistration/v1alpha1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - labels "k8s.io/apimachinery/pkg/labels" - schema "k8s.io/apimachinery/pkg/runtime/schema" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - testing "k8s.io/client-go/testing" -) - -// FakeAuditSinks implements AuditSinkInterface -type FakeAuditSinks struct { - Fake *FakeAuditregistrationV1alpha1 -} - -var auditsinksResource = schema.GroupVersionResource{Group: "auditregistration.k8s.io", Version: "v1alpha1", Resource: "auditsinks"} - -var auditsinksKind = schema.GroupVersionKind{Group: "auditregistration.k8s.io", Version: "v1alpha1", Kind: "AuditSink"} - -// Get takes name of the auditSink, and returns the corresponding auditSink object, and an error if there is any. -func (c *FakeAuditSinks) Get(name string, options v1.GetOptions) (result *v1alpha1.AuditSink, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootGetAction(auditsinksResource, name), &v1alpha1.AuditSink{}) - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.AuditSink), err -} - -// List takes label and field selectors, and returns the list of AuditSinks that match those selectors. -func (c *FakeAuditSinks) List(opts v1.ListOptions) (result *v1alpha1.AuditSinkList, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootListAction(auditsinksResource, auditsinksKind, opts), &v1alpha1.AuditSinkList{}) - if obj == nil { - return nil, err - } - - label, _, _ := testing.ExtractFromListOptions(opts) - if label == nil { - label = labels.Everything() - } - list := &v1alpha1.AuditSinkList{ListMeta: obj.(*v1alpha1.AuditSinkList).ListMeta} - for _, item := range obj.(*v1alpha1.AuditSinkList).Items { - if label.Matches(labels.Set(item.Labels)) { - list.Items = append(list.Items, item) - } - } - return list, err -} - -// Watch returns a watch.Interface that watches the requested auditSinks. -func (c *FakeAuditSinks) Watch(opts v1.ListOptions) (watch.Interface, error) { - return c.Fake. - InvokesWatch(testing.NewRootWatchAction(auditsinksResource, opts)) -} - -// Create takes the representation of a auditSink and creates it. Returns the server's representation of the auditSink, and an error, if there is any. -func (c *FakeAuditSinks) Create(auditSink *v1alpha1.AuditSink) (result *v1alpha1.AuditSink, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootCreateAction(auditsinksResource, auditSink), &v1alpha1.AuditSink{}) - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.AuditSink), err -} - -// Update takes the representation of a auditSink and updates it. Returns the server's representation of the auditSink, and an error, if there is any. -func (c *FakeAuditSinks) Update(auditSink *v1alpha1.AuditSink) (result *v1alpha1.AuditSink, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootUpdateAction(auditsinksResource, auditSink), &v1alpha1.AuditSink{}) - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.AuditSink), err -} - -// Delete takes name of the auditSink and deletes it. Returns an error if one occurs. -func (c *FakeAuditSinks) Delete(name string, options *v1.DeleteOptions) error { - _, err := c.Fake. - Invokes(testing.NewRootDeleteAction(auditsinksResource, name), &v1alpha1.AuditSink{}) - return err -} - -// DeleteCollection deletes a collection of objects. -func (c *FakeAuditSinks) DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error { - action := testing.NewRootDeleteCollectionAction(auditsinksResource, listOptions) - - _, err := c.Fake.Invokes(action, &v1alpha1.AuditSinkList{}) - return err -} - -// Patch applies the patch and returns the patched auditSink. -func (c *FakeAuditSinks) Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *v1alpha1.AuditSink, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootPatchSubresourceAction(auditsinksResource, name, pt, data, subresources...), &v1alpha1.AuditSink{}) - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.AuditSink), err -} diff --git a/staging/src/k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1/generated_expansion.go b/staging/src/k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1/generated_expansion.go deleted file mode 100644 index f0f5117264..0000000000 --- a/staging/src/k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1/generated_expansion.go +++ /dev/null @@ -1,21 +0,0 @@ -/* -Copyright The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -type AuditSinkExpansion interface{} diff --git a/staging/src/k8s.io/client-go/listers/auditregistration/v1alpha1/auditsink.go b/staging/src/k8s.io/client-go/listers/auditregistration/v1alpha1/auditsink.go deleted file mode 100644 index 3ae4528c8c..0000000000 --- a/staging/src/k8s.io/client-go/listers/auditregistration/v1alpha1/auditsink.go +++ /dev/null @@ -1,65 +0,0 @@ -/* -Copyright The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// Code generated by lister-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - v1alpha1 "k8s.io/api/auditregistration/v1alpha1" - "k8s.io/apimachinery/pkg/api/errors" - "k8s.io/apimachinery/pkg/labels" - "k8s.io/client-go/tools/cache" -) - -// AuditSinkLister helps list AuditSinks. -type AuditSinkLister interface { - // List lists all AuditSinks in the indexer. - List(selector labels.Selector) (ret []*v1alpha1.AuditSink, err error) - // Get retrieves the AuditSink from the index for a given name. - Get(name string) (*v1alpha1.AuditSink, error) - AuditSinkListerExpansion -} - -// auditSinkLister implements the AuditSinkLister interface. -type auditSinkLister struct { - indexer cache.Indexer -} - -// NewAuditSinkLister returns a new AuditSinkLister. -func NewAuditSinkLister(indexer cache.Indexer) AuditSinkLister { - return &auditSinkLister{indexer: indexer} -} - -// List lists all AuditSinks in the indexer. -func (s *auditSinkLister) List(selector labels.Selector) (ret []*v1alpha1.AuditSink, err error) { - err = cache.ListAll(s.indexer, selector, func(m interface{}) { - ret = append(ret, m.(*v1alpha1.AuditSink)) - }) - return ret, err -} - -// Get retrieves the AuditSink from the index for a given name. -func (s *auditSinkLister) Get(name string) (*v1alpha1.AuditSink, error) { - obj, exists, err := s.indexer.GetByKey(name) - if err != nil { - return nil, err - } - if !exists { - return nil, errors.NewNotFound(v1alpha1.Resource("auditsink"), name) - } - return obj.(*v1alpha1.AuditSink), nil -} diff --git a/staging/src/k8s.io/client-go/listers/auditregistration/v1alpha1/expansion_generated.go b/staging/src/k8s.io/client-go/listers/auditregistration/v1alpha1/expansion_generated.go deleted file mode 100644 index 533dd0631f..0000000000 --- a/staging/src/k8s.io/client-go/listers/auditregistration/v1alpha1/expansion_generated.go +++ /dev/null @@ -1,23 +0,0 @@ -/* -Copyright The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// Code generated by lister-gen. DO NOT EDIT. - -package v1alpha1 - -// AuditSinkListerExpansion allows custom methods to be added to -// AuditSinkLister. -type AuditSinkListerExpansion interface{}