From 993ab1d886cdea4565a8655a142ddda8d5709a5e Mon Sep 17 00:00:00 2001 From: Jordan Liggitt Date: Wed, 29 Jun 2016 23:07:53 -0400 Subject: [PATCH] Allow specifying secret data using strings --- api/swagger-spec/v1.json | 4 + docs/api-reference/v1/definitions.html | 7 + hack/test-cmd.sh | 24 +++ pkg/api/v1/conversion.go | 19 +++ pkg/api/v1/conversion_generated.go | 4 - pkg/api/v1/deep_copy_generated.go | 9 + pkg/api/v1/generated.pb.go | 136 +++++++++++++++ pkg/api/v1/generated.proto | 7 + pkg/api/v1/types.generated.go | 198 +++++++++++++++------- pkg/api/v1/types.go | 7 + pkg/api/v1/types_swagger_doc_generated.go | 9 +- 11 files changed, 351 insertions(+), 73 deletions(-) diff --git a/api/swagger-spec/v1.json b/api/swagger-spec/v1.json index a55b9a04f7..e4d0920bf8 100644 --- a/api/swagger-spec/v1.json +++ b/api/swagger-spec/v1.json @@ -19090,6 +19090,10 @@ "type": "object", "description": "Data contains the secret data. Each key must be a valid DNS_SUBDOMAIN or leading dot followed by valid DNS_SUBDOMAIN. The serialized form of the secret data is a base64 encoded string, representing the arbitrary (possibly non-string) data value here. Described in https://tools.ietf.org/html/rfc4648#section-4" }, + "stringData": { + "type": "object", + "description": "stringData allows specifying non-binary secret data in string form. It is provided as a write-only convenience method. All keys and values are merged into the data field on write, overwriting any existing values. It is never output when reading from the API." + }, "type": { "type": "string", "description": "Used to facilitate programmatic handling of secret data." diff --git a/docs/api-reference/v1/definitions.html b/docs/api-reference/v1/definitions.html index 904a97d2b0..05f2b18182 100755 --- a/docs/api-reference/v1/definitions.html +++ b/docs/api-reference/v1/definitions.html @@ -6930,6 +6930,13 @@ The resulting set of endpoints can be viewed as:
+

stringData

+

stringData allows specifying non-binary secret data in string form. It is provided as a write-only convenience method. All keys and values are merged into the data field on write, overwriting any existing values. It is never output when reading from the API.

+

false

+

object

+ + +

type

Used to facilitate programmatic handling of secret data.

false

diff --git a/hack/test-cmd.sh b/hack/test-cmd.sh index 02f51e7e8a..d7329fee0b 100755 --- a/hack/test-cmd.sh +++ b/hack/test-cmd.sh @@ -1355,6 +1355,30 @@ __EOF__ # Clean-up kubectl delete secret test-secret --namespace=test-secrets + # Create a secret using stringData + kubectl create --namespace=test-secrets -f - "${kube_flags[@]}" << __EOF__ +{ + "kind": "Secret", + "apiVersion": "v1", + "metadata": { + "name": "secret-string-data" + }, + "data": { + "k1":"djE=", + "k2":"" + }, + "stringData": { + "k2":"v2" + } +} +__EOF__ + # Post-condition: secret-string-data secret is created with expected data, merged/overridden data from stringData, and a cleared stringData field + kube::test::get_object_assert 'secret/secret-string-data --namespace=test-secrets ' '{{.data}}' '.*k1:djE=.*' + kube::test::get_object_assert 'secret/secret-string-data --namespace=test-secrets ' '{{.data}}' '.*k2:djI=.*' + kube::test::get_object_assert 'secret/secret-string-data --namespace=test-secrets ' '{{.stringData}}' '' + # Clean up + kubectl delete secret secret-string-data --namespace=test-secrets + ### Create a secret using output flags # Pre-condition: no secret exists kube::test::get_object_assert 'secrets --namespace=test-secrets' "{{range.items}}{{$id_field}}:{{end}}" '' diff --git a/pkg/api/v1/conversion.go b/pkg/api/v1/conversion.go index c207e60e08..7e760a49da 100644 --- a/pkg/api/v1/conversion.go +++ b/pkg/api/v1/conversion.go @@ -43,6 +43,7 @@ func addConversionFuncs(scheme *runtime.Scheme) { Convert_v1_Pod_To_api_Pod, Convert_v1_PodSpec_To_api_PodSpec, Convert_v1_ReplicationControllerSpec_To_api_ReplicationControllerSpec, + Convert_v1_Secret_To_api_Secret, Convert_v1_ServiceSpec_To_api_ServiceSpec, Convert_v1_ResourceList_To_api_ResourceList, ) @@ -598,6 +599,24 @@ func Convert_api_ServiceSpec_To_v1_ServiceSpec(in *api.ServiceSpec, out *Service return nil } +func Convert_v1_Secret_To_api_Secret(in *Secret, out *api.Secret, s conversion.Scope) error { + if err := autoConvert_v1_Secret_To_api_Secret(in, out, s); err != nil { + return err + } + + // StringData overwrites Data + if len(in.StringData) > 0 { + if out.Data == nil { + out.Data = map[string][]byte{} + } + for k, v := range in.StringData { + out.Data[k] = []byte(v) + } + } + + return nil +} + func Convert_v1_ServiceSpec_To_api_ServiceSpec(in *ServiceSpec, out *api.ServiceSpec, s conversion.Scope) error { if err := autoConvert_v1_ServiceSpec_To_api_ServiceSpec(in, out, s); err != nil { return err diff --git a/pkg/api/v1/conversion_generated.go b/pkg/api/v1/conversion_generated.go index e232fdf7a7..6c2516fe00 100644 --- a/pkg/api/v1/conversion_generated.go +++ b/pkg/api/v1/conversion_generated.go @@ -5647,10 +5647,6 @@ func autoConvert_v1_Secret_To_api_Secret(in *Secret, out *api.Secret, s conversi return nil } -func Convert_v1_Secret_To_api_Secret(in *Secret, out *api.Secret, s conversion.Scope) error { - return autoConvert_v1_Secret_To_api_Secret(in, out, s) -} - func autoConvert_api_Secret_To_v1_Secret(in *api.Secret, out *Secret, s conversion.Scope) error { if err := api.Convert_unversioned_TypeMeta_To_unversioned_TypeMeta(&in.TypeMeta, &out.TypeMeta, s); err != nil { return err diff --git a/pkg/api/v1/deep_copy_generated.go b/pkg/api/v1/deep_copy_generated.go index f4b604b90b..9bf00219ae 100644 --- a/pkg/api/v1/deep_copy_generated.go +++ b/pkg/api/v1/deep_copy_generated.go @@ -2750,6 +2750,15 @@ func DeepCopy_v1_Secret(in Secret, out *Secret, c *conversion.Cloner) error { } else { out.Data = nil } + if in.StringData != nil { + in, out := in.StringData, &out.StringData + *out = make(map[string]string) + for key, val := range in { + (*out)[key] = val + } + } else { + out.StringData = nil + } out.Type = in.Type return nil } diff --git a/pkg/api/v1/generated.pb.go b/pkg/api/v1/generated.pb.go index 99220e0d0e..16ac125d58 100644 --- a/pkg/api/v1/generated.pb.go +++ b/pkg/api/v1/generated.pb.go @@ -6713,6 +6713,23 @@ func (m *Secret) MarshalTo(data []byte) (int, error) { i++ i = encodeVarintGenerated(data, i, uint64(len(m.Type))) i += copy(data[i:], m.Type) + if len(m.StringData) > 0 { + for k := range m.StringData { + data[i] = 0x22 + i++ + v := m.StringData[k] + mapSize := 1 + len(k) + sovGenerated(uint64(len(k))) + 1 + len(v) + sovGenerated(uint64(len(v))) + i = encodeVarintGenerated(data, i, uint64(mapSize)) + data[i] = 0xa + i++ + i = encodeVarintGenerated(data, i, uint64(len(k))) + i += copy(data[i:], k) + data[i] = 0x12 + i++ + i = encodeVarintGenerated(data, i, uint64(len(v))) + i += copy(data[i:], v) + } + } return i, nil } @@ -9870,6 +9887,14 @@ func (m *Secret) Size() (n int) { } l = len(m.Type) n += 1 + l + sovGenerated(uint64(l)) + if len(m.StringData) > 0 { + for k, v := range m.StringData { + _ = k + _ = v + mapEntrySize := 1 + len(k) + sovGenerated(uint64(len(k))) + 1 + len(v) + sovGenerated(uint64(len(v))) + n += mapEntrySize + 1 + sovGenerated(uint64(mapEntrySize)) + } + } return n } @@ -31125,6 +31150,117 @@ func (m *Secret) Unmarshal(data []byte) error { } m.Type = SecretType(data[iNdEx:postIndex]) iNdEx = postIndex + case 4: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field StringData", wireType) + } + var msglen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowGenerated + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := data[iNdEx] + iNdEx++ + msglen |= (int(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + if msglen < 0 { + return ErrInvalidLengthGenerated + } + postIndex := iNdEx + msglen + if postIndex > l { + return io.ErrUnexpectedEOF + } + var keykey uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowGenerated + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := data[iNdEx] + iNdEx++ + keykey |= (uint64(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + var stringLenmapkey uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowGenerated + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := data[iNdEx] + iNdEx++ + stringLenmapkey |= (uint64(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + intStringLenmapkey := int(stringLenmapkey) + if intStringLenmapkey < 0 { + return ErrInvalidLengthGenerated + } + postStringIndexmapkey := iNdEx + intStringLenmapkey + if postStringIndexmapkey > l { + return io.ErrUnexpectedEOF + } + mapkey := string(data[iNdEx:postStringIndexmapkey]) + iNdEx = postStringIndexmapkey + var valuekey uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowGenerated + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := data[iNdEx] + iNdEx++ + valuekey |= (uint64(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + var stringLenmapvalue uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowGenerated + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := data[iNdEx] + iNdEx++ + stringLenmapvalue |= (uint64(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + intStringLenmapvalue := int(stringLenmapvalue) + if intStringLenmapvalue < 0 { + return ErrInvalidLengthGenerated + } + postStringIndexmapvalue := iNdEx + intStringLenmapvalue + if postStringIndexmapvalue > l { + return io.ErrUnexpectedEOF + } + mapvalue := string(data[iNdEx:postStringIndexmapvalue]) + iNdEx = postStringIndexmapvalue + if m.StringData == nil { + m.StringData = make(map[string]string) + } + m.StringData[mapkey] = mapvalue + iNdEx = postIndex default: iNdEx = preIndex skippy, err := skipGenerated(data[iNdEx:]) diff --git a/pkg/api/v1/generated.proto b/pkg/api/v1/generated.proto index d6a19d9faf..86fbcabb3e 100644 --- a/pkg/api/v1/generated.proto +++ b/pkg/api/v1/generated.proto @@ -2477,6 +2477,13 @@ message Secret { // Described in https://tools.ietf.org/html/rfc4648#section-4 map data = 2; + // stringData allows specifying non-binary secret data in string form. + // It is provided as a write-only convenience method. + // All keys and values are merged into the data field on write, overwriting any existing values. + // It is never output when reading from the API. + // +genconversion=false + map stringData = 4; + // Used to facilitate programmatic handling of secret data. optional string type = 3; } diff --git a/pkg/api/v1/types.generated.go b/pkg/api/v1/types.generated.go index 304ec2acd1..93c45dadf2 100644 --- a/pkg/api/v1/types.generated.go +++ b/pkg/api/v1/types.generated.go @@ -49484,17 +49484,18 @@ func (x *Secret) CodecEncodeSelf(e *codec1978.Encoder) { } else { yysep2 := !z.EncBinary() yy2arr2 := z.EncBasicHandle().StructToArray - var yyq2 [5]bool + var yyq2 [6]bool _, _, _ = yysep2, yyq2, yy2arr2 const yyr2 bool = false yyq2[0] = true yyq2[1] = len(x.Data) != 0 - yyq2[2] = x.Type != "" - yyq2[3] = x.Kind != "" - yyq2[4] = x.APIVersion != "" + yyq2[2] = len(x.StringData) != 0 + yyq2[3] = x.Type != "" + yyq2[4] = x.Kind != "" + yyq2[5] = x.APIVersion != "" var yynn2 int if yyr2 || yy2arr2 { - r.EncodeArrayStart(5) + r.EncodeArrayStart(6) } else { yynn2 = 0 for _, b := range yyq2 { @@ -49558,41 +49559,49 @@ func (x *Secret) CodecEncodeSelf(e *codec1978.Encoder) { if yyr2 || yy2arr2 { z.EncSendContainerState(codecSelfer_containerArrayElem1234) if yyq2[2] { - x.Type.CodecEncodeSelf(e) + if x.StringData == nil { + r.EncodeNil() + } else { + yym12 := z.EncBinary() + _ = yym12 + if false { + } else { + z.F.EncMapStringStringV(x.StringData, false, e) + } + } } else { - r.EncodeString(codecSelferC_UTF81234, "") + r.EncodeNil() } } else { if yyq2[2] { z.EncSendContainerState(codecSelfer_containerMapKey1234) - r.EncodeString(codecSelferC_UTF81234, string("type")) + r.EncodeString(codecSelferC_UTF81234, string("stringData")) z.EncSendContainerState(codecSelfer_containerMapValue1234) - x.Type.CodecEncodeSelf(e) + if x.StringData == nil { + r.EncodeNil() + } else { + yym13 := z.EncBinary() + _ = yym13 + if false { + } else { + z.F.EncMapStringStringV(x.StringData, false, e) + } + } } } if yyr2 || yy2arr2 { z.EncSendContainerState(codecSelfer_containerArrayElem1234) if yyq2[3] { - yym15 := z.EncBinary() - _ = yym15 - if false { - } else { - r.EncodeString(codecSelferC_UTF81234, string(x.Kind)) - } + x.Type.CodecEncodeSelf(e) } else { r.EncodeString(codecSelferC_UTF81234, "") } } else { if yyq2[3] { z.EncSendContainerState(codecSelfer_containerMapKey1234) - r.EncodeString(codecSelferC_UTF81234, string("kind")) + r.EncodeString(codecSelferC_UTF81234, string("type")) z.EncSendContainerState(codecSelfer_containerMapValue1234) - yym16 := z.EncBinary() - _ = yym16 - if false { - } else { - r.EncodeString(codecSelferC_UTF81234, string(x.Kind)) - } + x.Type.CodecEncodeSelf(e) } } if yyr2 || yy2arr2 { @@ -49602,7 +49611,7 @@ func (x *Secret) CodecEncodeSelf(e *codec1978.Encoder) { _ = yym18 if false { } else { - r.EncodeString(codecSelferC_UTF81234, string(x.APIVersion)) + r.EncodeString(codecSelferC_UTF81234, string(x.Kind)) } } else { r.EncodeString(codecSelferC_UTF81234, "") @@ -49610,11 +49619,36 @@ func (x *Secret) CodecEncodeSelf(e *codec1978.Encoder) { } else { if yyq2[4] { z.EncSendContainerState(codecSelfer_containerMapKey1234) - r.EncodeString(codecSelferC_UTF81234, string("apiVersion")) + r.EncodeString(codecSelferC_UTF81234, string("kind")) z.EncSendContainerState(codecSelfer_containerMapValue1234) yym19 := z.EncBinary() _ = yym19 if false { + } else { + r.EncodeString(codecSelferC_UTF81234, string(x.Kind)) + } + } + } + if yyr2 || yy2arr2 { + z.EncSendContainerState(codecSelfer_containerArrayElem1234) + if yyq2[5] { + yym21 := z.EncBinary() + _ = yym21 + if false { + } else { + r.EncodeString(codecSelferC_UTF81234, string(x.APIVersion)) + } + } else { + r.EncodeString(codecSelferC_UTF81234, "") + } + } else { + if yyq2[5] { + z.EncSendContainerState(codecSelfer_containerMapKey1234) + r.EncodeString(codecSelferC_UTF81234, string("apiVersion")) + z.EncSendContainerState(codecSelfer_containerMapValue1234) + yym22 := z.EncBinary() + _ = yym22 + if false { } else { r.EncodeString(codecSelferC_UTF81234, string(x.APIVersion)) } @@ -49700,6 +49734,18 @@ func (x *Secret) codecDecodeSelfFromMap(l int, d *codec1978.Decoder) { h.decMapstringSliceuint8((*map[string][]uint8)(yyv5), d) } } + case "stringData": + if r.TryDecodeAsNil() { + x.StringData = nil + } else { + yyv7 := &x.StringData + yym8 := z.DecBinary() + _ = yym8 + if false { + } else { + z.F.DecMapStringStringX(yyv7, false, d) + } + } case "type": if r.TryDecodeAsNil() { x.Type = "" @@ -49729,16 +49775,16 @@ func (x *Secret) codecDecodeSelfFromArray(l int, d *codec1978.Decoder) { var h codecSelfer1234 z, r := codec1978.GenHelperDecoder(d) _, _, _ = h, z, r - var yyj10 int - var yyb10 bool - var yyhl10 bool = l >= 0 - yyj10++ - if yyhl10 { - yyb10 = yyj10 > l + var yyj12 int + var yyb12 bool + var yyhl12 bool = l >= 0 + yyj12++ + if yyhl12 { + yyb12 = yyj12 > l } else { - yyb10 = r.CheckBreak() + yyb12 = r.CheckBreak() } - if yyb10 { + if yyb12 { z.DecSendContainerState(codecSelfer_containerArrayEnd1234) return } @@ -49746,16 +49792,16 @@ func (x *Secret) codecDecodeSelfFromArray(l int, d *codec1978.Decoder) { if r.TryDecodeAsNil() { x.ObjectMeta = ObjectMeta{} } else { - yyv11 := &x.ObjectMeta - yyv11.CodecDecodeSelf(d) + yyv13 := &x.ObjectMeta + yyv13.CodecDecodeSelf(d) } - yyj10++ - if yyhl10 { - yyb10 = yyj10 > l + yyj12++ + if yyhl12 { + yyb12 = yyj12 > l } else { - yyb10 = r.CheckBreak() + yyb12 = r.CheckBreak() } - if yyb10 { + if yyb12 { z.DecSendContainerState(codecSelfer_containerArrayEnd1234) return } @@ -49763,21 +49809,43 @@ func (x *Secret) codecDecodeSelfFromArray(l int, d *codec1978.Decoder) { if r.TryDecodeAsNil() { x.Data = nil } else { - yyv12 := &x.Data - yym13 := z.DecBinary() - _ = yym13 + yyv14 := &x.Data + yym15 := z.DecBinary() + _ = yym15 if false { } else { - h.decMapstringSliceuint8((*map[string][]uint8)(yyv12), d) + h.decMapstringSliceuint8((*map[string][]uint8)(yyv14), d) } } - yyj10++ - if yyhl10 { - yyb10 = yyj10 > l + yyj12++ + if yyhl12 { + yyb12 = yyj12 > l } else { - yyb10 = r.CheckBreak() + yyb12 = r.CheckBreak() } - if yyb10 { + if yyb12 { + z.DecSendContainerState(codecSelfer_containerArrayEnd1234) + return + } + z.DecSendContainerState(codecSelfer_containerArrayElem1234) + if r.TryDecodeAsNil() { + x.StringData = nil + } else { + yyv16 := &x.StringData + yym17 := z.DecBinary() + _ = yym17 + if false { + } else { + z.F.DecMapStringStringX(yyv16, false, d) + } + } + yyj12++ + if yyhl12 { + yyb12 = yyj12 > l + } else { + yyb12 = r.CheckBreak() + } + if yyb12 { z.DecSendContainerState(codecSelfer_containerArrayEnd1234) return } @@ -49787,13 +49855,13 @@ func (x *Secret) codecDecodeSelfFromArray(l int, d *codec1978.Decoder) { } else { x.Type = SecretType(r.DecodeString()) } - yyj10++ - if yyhl10 { - yyb10 = yyj10 > l + yyj12++ + if yyhl12 { + yyb12 = yyj12 > l } else { - yyb10 = r.CheckBreak() + yyb12 = r.CheckBreak() } - if yyb10 { + if yyb12 { z.DecSendContainerState(codecSelfer_containerArrayEnd1234) return } @@ -49803,13 +49871,13 @@ func (x *Secret) codecDecodeSelfFromArray(l int, d *codec1978.Decoder) { } else { x.Kind = string(r.DecodeString()) } - yyj10++ - if yyhl10 { - yyb10 = yyj10 > l + yyj12++ + if yyhl12 { + yyb12 = yyj12 > l } else { - yyb10 = r.CheckBreak() + yyb12 = r.CheckBreak() } - if yyb10 { + if yyb12 { z.DecSendContainerState(codecSelfer_containerArrayEnd1234) return } @@ -49820,17 +49888,17 @@ func (x *Secret) codecDecodeSelfFromArray(l int, d *codec1978.Decoder) { x.APIVersion = string(r.DecodeString()) } for { - yyj10++ - if yyhl10 { - yyb10 = yyj10 > l + yyj12++ + if yyhl12 { + yyb12 = yyj12 > l } else { - yyb10 = r.CheckBreak() + yyb12 = r.CheckBreak() } - if yyb10 { + if yyb12 { break } z.DecSendContainerState(codecSelfer_containerArrayElem1234) - z.DecStructFieldNotFound(yyj10-1, "") + z.DecStructFieldNotFound(yyj12-1, "") } z.DecSendContainerState(codecSelfer_containerArrayEnd1234) } @@ -59376,7 +59444,7 @@ func (x codecSelfer1234) decSliceSecret(v *[]Secret, d *codec1978.Decoder) { yyrg1 := len(yyv1) > 0 yyv21 := yyv1 - yyrl1, yyrt1 = z.DecInferLen(yyl1, z.DecBasicHandle().MaxInitLen, 264) + yyrl1, yyrt1 = z.DecInferLen(yyl1, z.DecBasicHandle().MaxInitLen, 272) if yyrt1 { if yyrl1 <= cap(yyv1) { yyv1 = yyv1[:yyrl1] diff --git a/pkg/api/v1/types.go b/pkg/api/v1/types.go index 7a55940147..557a61a556 100644 --- a/pkg/api/v1/types.go +++ b/pkg/api/v1/types.go @@ -3089,6 +3089,13 @@ type Secret struct { // Described in https://tools.ietf.org/html/rfc4648#section-4 Data map[string][]byte `json:"data,omitempty" protobuf:"bytes,2,rep,name=data"` + // stringData allows specifying non-binary secret data in string form. + // It is provided as a write-only convenience method. + // All keys and values are merged into the data field on write, overwriting any existing values. + // It is never output when reading from the API. + // +genconversion=false + StringData map[string]string `json:"stringData,omitempty" protobuf:"bytes,4,rep,name=stringData"` + // Used to facilitate programmatic handling of secret data. Type SecretType `json:"type,omitempty" protobuf:"bytes,3,opt,name=type,casttype=SecretType"` } diff --git a/pkg/api/v1/types_swagger_doc_generated.go b/pkg/api/v1/types_swagger_doc_generated.go index fcb047690b..7fe761a673 100644 --- a/pkg/api/v1/types_swagger_doc_generated.go +++ b/pkg/api/v1/types_swagger_doc_generated.go @@ -1485,10 +1485,11 @@ func (SELinuxOptions) SwaggerDoc() map[string]string { } var map_Secret = map[string]string{ - "": "Secret holds secret data of a certain type. The total bytes of the values in the Data field must be less than MaxSecretSize bytes.", - "metadata": "Standard object's metadata. More info: http://releases.k8s.io/HEAD/docs/devel/api-conventions.md#metadata", - "data": "Data contains the secret data. Each key must be a valid DNS_SUBDOMAIN or leading dot followed by valid DNS_SUBDOMAIN. The serialized form of the secret data is a base64 encoded string, representing the arbitrary (possibly non-string) data value here. Described in https://tools.ietf.org/html/rfc4648#section-4", - "type": "Used to facilitate programmatic handling of secret data.", + "": "Secret holds secret data of a certain type. The total bytes of the values in the Data field must be less than MaxSecretSize bytes.", + "metadata": "Standard object's metadata. More info: http://releases.k8s.io/HEAD/docs/devel/api-conventions.md#metadata", + "data": "Data contains the secret data. Each key must be a valid DNS_SUBDOMAIN or leading dot followed by valid DNS_SUBDOMAIN. The serialized form of the secret data is a base64 encoded string, representing the arbitrary (possibly non-string) data value here. Described in https://tools.ietf.org/html/rfc4648#section-4", + "stringData": "stringData allows specifying non-binary secret data in string form. It is provided as a write-only convenience method. All keys and values are merged into the data field on write, overwriting any existing values. It is never output when reading from the API.", + "type": "Used to facilitate programmatic handling of secret data.", } func (Secret) SwaggerDoc() map[string]string {