diff --git a/api/openapi-spec/swagger.json b/api/openapi-spec/swagger.json
index ea388d9ae7..eff6c83562 100644
--- a/api/openapi-spec/swagger.json
+++ b/api/openapi-spec/swagger.json
@@ -25062,6 +25062,387 @@ } ] }, + "/apis/extensions/v1beta1/podsecuritypolicies": { + "get": { + "description": "list or watch objects of kind PodSecurityPolicy", + "consumes": [ + "*/*" + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "schemes": [ + "https" + ], + "tags": [ + "extensions_v1beta1" + ], + "operationId": "listExtensionsV1beta1PodSecurityPolicy", + "parameters": [ + { + "uniqueItems": true, + "type": "string", + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "name": "fieldSelector", + "in": "query" + }, + { + "uniqueItems": true, + "type": "string", + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "name": "labelSelector", + "in": "query" + }, + { + "uniqueItems": true, + "type": "string", + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "name": "resourceVersion", + "in": "query" + }, + { + "uniqueItems": true, + "type": "integer", + "description": "Timeout for the list/watch call.", + "name": "timeoutSeconds", + "in": "query" + }, + { + "uniqueItems": true, + "type": "boolean", + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. 
Specify resourceVersion.", + "name": "watch", + "in": "query" + } + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/v1beta1.PodSecurityPolicyList" + } + }, + "401": { + "description": "Unauthorized" + } + } + }, + "post": { + "description": "create a PodSecurityPolicy", + "consumes": [ + "*/*" + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "schemes": [ + "https" + ], + "tags": [ + "extensions_v1beta1" + ], + "operationId": "createExtensionsV1beta1PodSecurityPolicy", + "parameters": [ + { + "name": "body", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/v1beta1.PodSecurityPolicy" + } + } + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/v1beta1.PodSecurityPolicy" + } + }, + "401": { + "description": "Unauthorized" + } + } + }, + "delete": { + "description": "delete collection of PodSecurityPolicy", + "consumes": [ + "*/*" + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "schemes": [ + "https" + ], + "tags": [ + "extensions_v1beta1" + ], + "operationId": "deleteExtensionsV1beta1CollectionPodSecurityPolicy", + "parameters": [ + { + "uniqueItems": true, + "type": "string", + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "name": "fieldSelector", + "in": "query" + }, + { + "uniqueItems": true, + "type": "string", + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "name": "labelSelector", + "in": "query" + }, + { + "uniqueItems": true, + "type": "string", + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. 
When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "name": "resourceVersion", + "in": "query" + }, + { + "uniqueItems": true, + "type": "integer", + "description": "Timeout for the list/watch call.", + "name": "timeoutSeconds", + "in": "query" + }, + { + "uniqueItems": true, + "type": "boolean", + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "name": "watch", + "in": "query" + } + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + } + }, + "parameters": [ + { + "uniqueItems": true, + "type": "string", + "description": "If 'true', then the output is pretty printed.", + "name": "pretty", + "in": "query" + } + ] + }, + "/apis/extensions/v1beta1/podsecuritypolicies/{name}": { + "get": { + "description": "read the specified PodSecurityPolicy", + "consumes": [ + "*/*" + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "schemes": [ + "https" + ], + "tags": [ + "extensions_v1beta1" + ], + "operationId": "readExtensionsV1beta1PodSecurityPolicy", + "parameters": [ + { + "uniqueItems": true, + "type": "boolean", + "description": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'.", + "name": "exact", + "in": "query" + }, + { + "uniqueItems": true, + "type": "boolean", + "description": "Should this value be exported. 
Export strips fields that a user can not specify.", + "name": "export", + "in": "query" + } + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/v1beta1.PodSecurityPolicy" + } + }, + "401": { + "description": "Unauthorized" + } + } + }, + "put": { + "description": "replace the specified PodSecurityPolicy", + "consumes": [ + "*/*" + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "schemes": [ + "https" + ], + "tags": [ + "extensions_v1beta1" + ], + "operationId": "replaceExtensionsV1beta1PodSecurityPolicy", + "parameters": [ + { + "name": "body", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/v1beta1.PodSecurityPolicy" + } + } + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/v1beta1.PodSecurityPolicy" + } + }, + "401": { + "description": "Unauthorized" + } + } + }, + "delete": { + "description": "delete a PodSecurityPolicy", + "consumes": [ + "*/*" + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "schemes": [ + "https" + ], + "tags": [ + "extensions_v1beta1" + ], + "operationId": "deleteExtensionsV1beta1PodSecurityPolicy", + "parameters": [ + { + "name": "body", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/v1.DeleteOptions" + } + }, + { + "uniqueItems": true, + "type": "integer", + "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", + "name": "gracePeriodSeconds", + "in": "query" + }, + { + "uniqueItems": true, + "type": "boolean", + "description": "Should the dependent objects be orphaned. 
If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list.", + "name": "orphanDependents", + "in": "query" + } + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + } + }, + "patch": { + "description": "partially update the specified PodSecurityPolicy", + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json" + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "schemes": [ + "https" + ], + "tags": [ + "extensions_v1beta1" + ], + "operationId": "patchExtensionsV1beta1PodSecurityPolicy", + "parameters": [ + { + "name": "body", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/v1.Patch" + } + } + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/v1beta1.PodSecurityPolicy" + } + }, + "401": { + "description": "Unauthorized" + } + } + }, + "parameters": [ + { + "uniqueItems": true, + "type": "string", + "description": "name of the PodSecurityPolicy", + "name": "name", + "in": "path", + "required": true + }, + { + "uniqueItems": true, + "type": "string", + "description": "If 'true', then the output is pretty printed.", + "name": "pretty", + "in": "query" + } + ] + }, "/apis/extensions/v1beta1/replicasets": { "get": { "description": "list or watch objects of kind ReplicaSet", 
@@ -26973,6 +27354,168 @@ } ] }, + "/apis/extensions/v1beta1/watch/podsecuritypolicies": { + "get": { + "description": "watch individual changes to a list of PodSecurityPolicy", + "consumes": [ + "*/*" + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "schemes": [ + "https" + ], + "tags": [ + "extensions_v1beta1" + ], + "operationId": "watchExtensionsV1beta1PodSecurityPolicyList", + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + } + }, + "parameters": [ + { + "uniqueItems": true, + "type": "string", + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "name": "fieldSelector", + "in": "query" + }, + { + "uniqueItems": true, + "type": "string", + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "name": "labelSelector", + "in": "query" + }, + { + "uniqueItems": true, + "type": "string", + "description": "If 'true', then the output is pretty printed.", + "name": "pretty", + "in": "query" + }, + { + "uniqueItems": true, + "type": "string", + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. 
When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "name": "resourceVersion", + "in": "query" + }, + { + "uniqueItems": true, + "type": "integer", + "description": "Timeout for the list/watch call.", + "name": "timeoutSeconds", + "in": "query" + }, + { + "uniqueItems": true, + "type": "boolean", + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "name": "watch", + "in": "query" + } + ] + }, + "/apis/extensions/v1beta1/watch/podsecuritypolicies/{name}": { + "get": { + "description": "watch changes to an object of kind PodSecurityPolicy", + "consumes": [ + "*/*" + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "schemes": [ + "https" + ], + "tags": [ + "extensions_v1beta1" + ], + "operationId": "watchExtensionsV1beta1PodSecurityPolicy", + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + } + }, + "parameters": [ + { + "uniqueItems": true, + "type": "string", + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "name": "fieldSelector", + "in": "query" + }, + { + "uniqueItems": true, + "type": "string", + "description": "A selector to restrict the list of returned objects by their labels. 
Defaults to everything.", + "name": "labelSelector", + "in": "query" + }, + { + "uniqueItems": true, + "type": "string", + "description": "name of the PodSecurityPolicy", + "name": "name", + "in": "path", + "required": true + }, + { + "uniqueItems": true, + "type": "string", + "description": "If 'true', then the output is pretty printed.", + "name": "pretty", + "in": "query" + }, + { + "uniqueItems": true, + "type": "string", + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "name": "resourceVersion", + "in": "query" + }, + { + "uniqueItems": true, + "type": "integer", + "description": "Timeout for the list/watch call.", + "name": "timeoutSeconds", + "in": "query" + }, + { + "uniqueItems": true, + "type": "boolean", + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "name": "watch", + "in": "query" + } + ] + }, "/apis/extensions/v1beta1/watch/replicasets": { "get": { "description": "watch individual changes to a list of ReplicaSet", 
@@ -36556,6 +37099,22 @@ } } }, + "v1beta1.FSGroupStrategyOptions": { + "description": "FSGroupStrategyOptions defines the strategy type and options used to create the strategy.", + "properties": { + "ranges": { + "description": "Ranges are the allowed ranges of fs groups. If you would like to force a single fs group then supply a single range with the same start and end.", + "type": "array", + "items": { + "$ref": "#/definitions/v1beta1.IDRange" + } + }, + "rule": { + "description": "Rule is the strategy that will dictate what FSGroup is used in the SecurityContext.", + "type": "string" + } + } + }, "v1beta1.HTTPIngressPath": { "description": "HTTPIngressPath associates a path regex with a backend. Incoming urls matching the path are forwarded to the backend.", "required": [ 
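Review bot: `rule` in `v1beta1.FSGroupStrategyOptions` is an unconstrained string that is not listed in `required`, so the schema neither names the accepted strategies nor says what an absent rule means — for the field that decides which fsGroup a pod may run with, that is exactly what a policy author needs. The sibling `RunAsUserStrategyOptions` added in this same change does mark `rule` required, so the difference looks deliberate (a server-side default) but is left undocumented. I would extend the description to something like `Rule is the strategy that will dictate what FSGroup is used in the SecurityContext (for example MustRunAs).` and add one sentence naming the default applied when `rule` is omitted, which I cannot confirm from this diff. This file is presumably generated from the Go type comments, so the edit belongs in the source type; if the generator supports it, an `enum` on `rule` would also let clients validate before submitting.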
@@ -36699,6 +37258,44 @@ } } }, + "v1beta1.HostPortRange": { + "description": "Host Port Range defines a range of host ports that will be enabled by a policy for pods to use. It requires both the start and end to be defined.", + "required": [ + "min", + "max" + ], + "properties": { + "max": { + "description": "max is the end of the range, inclusive.", + "type": "integer", + "format": "int32" + }, + "min": { + "description": "min is the start of the range, inclusive.", + "type": "integer", + "format": "int32" + } + } + }, + "v1beta1.IDRange": { + "description": "ID Range provides a min/max of an allowed range of IDs.", + "required": [ + "min", + "max" + ], + "properties": { + "max": { + "description": "Max is the end of the range, inclusive.", + "type": "integer", + "format": "int64" + }, + "min": { + "description": "Min is the start of the range, inclusive.", + "type": "integer", + "format": "int64" + } + } + }, "v1beta1.Ingress": { "description": "Ingress is a collection of rules that allow inbound connections to reach the endpoints defined by a backend. An Ingress can be configured to give services externally-reachable urls, load balance traffic, terminate SSL, offer name based virtual hosting etc.", "properties": { 
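Review bot: `v1beta1.HostPortRange.min`/`max` are declared as bare `int32` with no `minimum`/`maximum`, and nothing in either `HostPortRange` or `IDRange` states that `min` must not exceed `max`, so a client validating against this spec would accept a port range like 0–70000 or an inverted range and only learn of the error from the API server. Swagger 2.0 supports numeric bounds, so `"minimum": 0, "maximum": 65535` on the two port fields (and `"minimum": 0` on the ID fields) would encode what the descriptions already imply. Presumably the apiserver rejects such values on admission; if this spec is generated, the bounds would have to come from the generator or the Go type rather than from editing this file.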
@@ -37082,6 +37679,136 @@ } } }, + "v1beta1.PodSecurityPolicy": { + "description": "Pod Security Policy governs the ability to make requests that affect the Security Context that will be applied to a pod and container.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: http://releases.k8s.io/HEAD/docs/devel/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: http://releases.k8s.io/HEAD/docs/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "description": "Standard object's metadata. More info: http://releases.k8s.io/HEAD/docs/devel/api-conventions.md#metadata", + "$ref": "#/definitions/v1.ObjectMeta" + }, + "spec": { + "description": "spec defines the policy enforced.", + "$ref": "#/definitions/v1beta1.PodSecurityPolicySpec" + } + } + }, + "v1beta1.PodSecurityPolicyList": { + "description": "Pod Security Policy List is a list of PodSecurityPolicy objects.", + "required": [ + "items" + ], + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: http://releases.k8s.io/HEAD/docs/devel/api-conventions.md#resources", + "type": "string" + }, + "items": { + "description": "Items is a list of schema objects.", + "type": "array", + "items": { + "$ref": "#/definitions/v1beta1.PodSecurityPolicy" + } + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. 
Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: http://releases.k8s.io/HEAD/docs/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "description": "Standard list metadata. More info: http://releases.k8s.io/HEAD/docs/devel/api-conventions.md#metadata", + "$ref": "#/definitions/v1.ListMeta" + } + } + }, + "v1beta1.PodSecurityPolicySpec": { + "description": "Pod Security Policy Spec defines the policy enforced.", + "required": [ + "seLinux", + "runAsUser", + "supplementalGroups", + "fsGroup" + ], + "properties": { + "allowedCapabilities": { + "description": "AllowedCapabilities is a list of capabilities that can be requested to add to the container. Capabilities in this field may be added at the pod author's discretion. You must not list a capability in both AllowedCapabilities and RequiredDropCapabilities.", + "type": "array", + "items": { + "type": "string" + } + }, + "defaultAddCapabilities": { + "description": "DefaultAddCapabilities is the default set of capabilities that will be added to the container unless the pod spec specifically drops the capability. 
You may not list a capabiility in both DefaultAddCapabilities and RequiredDropCapabilities.", + "type": "array", + "items": { + "type": "string" + } + }, + "fsGroup": { + "description": "FSGroup is the strategy that will dictate what fs group is used by the SecurityContext.", + "$ref": "#/definitions/v1beta1.FSGroupStrategyOptions" + }, + "hostIPC": { + "description": "hostIPC determines if the policy allows the use of HostIPC in the pod spec.", + "type": "boolean" + }, + "hostNetwork": { + "description": "hostNetwork determines if the policy allows the use of HostNetwork in the pod spec.", + "type": "boolean" + }, + "hostPID": { + "description": "hostPID determines if the policy allows the use of HostPID in the pod spec.", + "type": "boolean" + }, + "hostPorts": { + "description": "hostPorts determines which host port ranges are allowed to be exposed.", + "type": "array", + "items": { + "$ref": "#/definitions/v1beta1.HostPortRange" + } + }, + "privileged": { + "description": "privileged determines if a pod can request to be run as privileged.", + "type": "boolean" + }, + "readOnlyRootFilesystem": { + "description": "ReadOnlyRootFilesystem when set to true will force containers to run with a read only root file system. If the container specifically requests to run with a non-read only root file system the PSP should deny the pod. If set to false the container may run with a read only root file system if it wishes but it will not be forced to.", + "type": "boolean" + }, + "requiredDropCapabilities": { + "description": "RequiredDropCapabilities are the capabilities that will be dropped from the container. 
These are required to be dropped and cannot be added.", + "type": "array", + "items": { + "type": "string" + } + }, + "runAsUser": { + "description": "runAsUser is the strategy that will dictate the allowable RunAsUser values that may be set.", + "$ref": "#/definitions/v1beta1.RunAsUserStrategyOptions" + }, + "seLinux": { + "description": "seLinux is the strategy that will dictate the allowable labels that may be set.", + "$ref": "#/definitions/v1beta1.SELinuxStrategyOptions" + }, + "supplementalGroups": { + "description": "SupplementalGroups is the strategy that will dictate what supplemental groups are used by the SecurityContext.", + "$ref": "#/definitions/v1beta1.SupplementalGroupsStrategyOptions" + }, + "volumes": { + "description": "volumes is a white list of allowed volume plugins. Empty indicates that all plugins may be used.", + "type": "array", + "items": { + "type": "string" + } + } + } + }, "v1beta1.ReplicaSet": { "description": "ReplicaSet represents the configuration of a ReplicaSet.", "properties": { 
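Review bot: The `volumes` description in `v1beta1.PodSecurityPolicySpec` says an empty list means every plugin is allowed, which is a fail-open default for the field that gates host-backed volumes, while the neighbouring `hostPorts` description does not say what an empty list means at all — a policy author reading this spec cannot tell whether leaving `hostPorts` unset permits or denies host ports. Both descriptions should spell out the empty-list semantics, e.g. `hostPorts determines which host port ranges are allowed to be exposed. An empty list means no host ports are allowed.` if that is what the server does (the deny case cannot be confirmed from this diff). `allowedCapabilities`, `defaultAddCapabilities` and `requiredDropCapabilities` are likewise free strings with no indication of the expected form of a capability name. There is also a typo, `capabiility`, in the `defaultAddCapabilities` description; since this file is presumably generated from the Go type comments, these edits belong in the source type rather than here.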
@@ -37281,6 +38008,41 @@ } } }, + "v1beta1.RunAsUserStrategyOptions": { + "description": "Run A sUser Strategy Options defines the strategy type and any options used to create the strategy.", + "required": [ + "rule" + ], + "properties": { + "ranges": { + "description": "Ranges are the allowed ranges of uids that may be used.", + "type": "array", + "items": { + "$ref": "#/definitions/v1beta1.IDRange" + } + }, + "rule": { + "description": "Rule is the strategy that will dictate the allowable RunAsUser values that may be set.", + "type": "string" + } + } + }, + "v1beta1.SELinuxStrategyOptions": { + "description": "SELinux Strategy Options defines the strategy type and any options used to create the strategy.", + "required": [ + "rule" + ], + "properties": { + "rule": { + "description": "type is the strategy that will dictate the allowable labels that may be set.", + "type": "string" + }, + "seLinuxOptions": { + "description": "seLinuxOptions required to run as; required for MustRunAs More info: http://releases.k8s.io/HEAD/docs/design/security_context.md#security-context", + "$ref": "#/definitions/v1.SELinuxOptions" + } + } + }, "v1beta1.Scale": { "description": "represents a scaling request for a resource.", "properties": { 
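Review bot: The `rule` property of `v1beta1.SELinuxStrategyOptions` is described as `type is the strategy that will dictate the allowable labels that may be set.` — the field is named `rule`, so a reader matching descriptions to fields will be misled; it should read `rule is the strategy that will dictate the allowable labels that may be set.` The description of `v1beta1.RunAsUserStrategyOptions` has a garbled title, `Run A sUser Strategy Options`, presumably a word-splitting artefact of the generator on `RunAsUser`. Note also that `seLinuxOptions` is documented as required for `MustRunAs`, but the schema can only express the unconditional `required: ["rule"]`, so that conditional check stays server-side and is worth stating explicitly in the description. If these descriptions are generated from the Go types, the fixes belong in those comments.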
@@ -37640,6 +38402,22 @@ } } }, + "v1beta1.SupplementalGroupsStrategyOptions": { + "description": "SupplementalGroupsStrategyOptions defines the strategy type and options used to create the strategy.", + "properties": { + "ranges": { + "description": "Ranges are the allowed ranges of supplemental groups. If you would like to force a single supplemental group then supply a single range with the same start and end.", + "type": "array", + "items": { + "$ref": "#/definitions/v1beta1.IDRange" + } + }, + "rule": { + "description": "Rule is the strategy that will dictate what supplemental groups is used in the SecurityContext.", + "type": "string" + } + } + }, "v1beta1.ThirdPartyResource": { "description": "A ThirdPartyResource is a generic representation of a resource, it is used by add-ons and plugins to add new resource types to the API. It consists of one or more Versions of the api.", "properties": { diff --git a/api/swagger-spec/extensions_v1beta1.json b/api/swagger-spec/extensions_v1beta1.json index 8b29d861eb..761ff3c5ce 100644 --- a/api/swagger-spec/extensions_v1beta1.json +++ b/api/swagger-spec/extensions_v1beta1.json 
@@ -4919,6 +4919,581 @@ } ] }, + { + "path": "/apis/extensions/v1beta1/podsecuritypolicies", + "description": "API at /apis/extensions/v1beta1", + "operations": [ + { + "type": "v1beta1.PodSecurityPolicyList", + "method": "GET", + "summary": "list or watch objects of kind PodSecurityPolicy", + "nickname": "listPodSecurityPolicy", + "parameters": [ + { + "type": "string", + "paramType": "query", + "name": "pretty", + "description": "If 'true', then the output is pretty printed.", + "required": false, + "allowMultiple": false + }, + { + "type": "string", + "paramType": "query", + "name": "labelSelector", + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "required": false, + "allowMultiple": false + }, + { + "type": "string", + "paramType": "query", + "name": "fieldSelector", + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "required": false, + "allowMultiple": false + }, + { + "type": "boolean", + "paramType": "query", + "name": "watch", + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "required": false, + "allowMultiple": false + }, + { + "type": "string", + "paramType": "query", + "name": "resourceVersion", + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. 
When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "required": false, + "allowMultiple": false + }, + { + "type": "integer", + "paramType": "query", + "name": "timeoutSeconds", + "description": "Timeout for the list/watch call.", + "required": false, + "allowMultiple": false + } + ], + "responseMessages": [ + { + "code": 200, + "message": "OK", + "responseModel": "v1beta1.PodSecurityPolicyList" + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "consumes": [ + "*/*" + ] + }, + { + "type": "v1beta1.PodSecurityPolicy", + "method": "POST", + "summary": "create a PodSecurityPolicy", + "nickname": "createPodSecurityPolicy", + "parameters": [ + { + "type": "string", + "paramType": "query", + "name": "pretty", + "description": "If 'true', then the output is pretty printed.", + "required": false, + "allowMultiple": false + }, + { + "type": "v1beta1.PodSecurityPolicy", + "paramType": "body", + "name": "body", + "description": "", + "required": true, + "allowMultiple": false + } + ], + "responseMessages": [ + { + "code": 200, + "message": "OK", + "responseModel": "v1beta1.PodSecurityPolicy" + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "consumes": [ + "*/*" + ] + }, + { + "type": "v1.Status", + "method": "DELETE", + "summary": "delete collection of PodSecurityPolicy", + "nickname": "deletecollectionPodSecurityPolicy", + "parameters": [ + { + "type": "string", + "paramType": "query", + "name": "pretty", + "description": "If 'true', then the output is pretty printed.", + "required": false, + "allowMultiple": false + }, + { + "type": "string", 
+ "paramType": "query", + "name": "labelSelector", + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "required": false, + "allowMultiple": false + }, + { + "type": "string", + "paramType": "query", + "name": "fieldSelector", + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "required": false, + "allowMultiple": false + }, + { + "type": "boolean", + "paramType": "query", + "name": "watch", + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "required": false, + "allowMultiple": false + }, + { + "type": "string", + "paramType": "query", + "name": "resourceVersion", + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "required": false, + "allowMultiple": false + }, + { + "type": "integer", + "paramType": "query", + "name": "timeoutSeconds", + "description": "Timeout for the list/watch call.", + "required": false, + "allowMultiple": false + } + ], + "responseMessages": [ + { + "code": 200, + "message": "OK", + "responseModel": "v1.Status" + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "consumes": [ + "*/*" + ] + } + ] + }, + { + "path": "/apis/extensions/v1beta1/watch/podsecuritypolicies", + "description": "API at /apis/extensions/v1beta1", + "operations": [ + { + "type": "v1.WatchEvent", + "method": "GET", + "summary": "watch individual changes to a list of PodSecurityPolicy", + 
"nickname": "watchPodSecurityPolicyList", + "parameters": [ + { + "type": "string", + "paramType": "query", + "name": "pretty", + "description": "If 'true', then the output is pretty printed.", + "required": false, + "allowMultiple": false + }, + { + "type": "string", + "paramType": "query", + "name": "labelSelector", + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "required": false, + "allowMultiple": false + }, + { + "type": "string", + "paramType": "query", + "name": "fieldSelector", + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "required": false, + "allowMultiple": false + }, + { + "type": "boolean", + "paramType": "query", + "name": "watch", + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "required": false, + "allowMultiple": false + }, + { + "type": "string", + "paramType": "query", + "name": "resourceVersion", + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. 
When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "required": false, + "allowMultiple": false + }, + { + "type": "integer", + "paramType": "query", + "name": "timeoutSeconds", + "description": "Timeout for the list/watch call.", + "required": false, + "allowMultiple": false + } + ], + "responseMessages": [ + { + "code": 200, + "message": "OK", + "responseModel": "v1.WatchEvent" + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "consumes": [ + "*/*" + ] + } + ] + }, + { + "path": "/apis/extensions/v1beta1/podsecuritypolicies/{name}", + "description": "API at /apis/extensions/v1beta1", + "operations": [ + { + "type": "v1beta1.PodSecurityPolicy", + "method": "GET", + "summary": "read the specified PodSecurityPolicy", + "nickname": "readPodSecurityPolicy", + "parameters": [ + { + "type": "string", + "paramType": "query", + "name": "pretty", + "description": "If 'true', then the output is pretty printed.", + "required": false, + "allowMultiple": false + }, + { + "type": "boolean", + "paramType": "query", + "name": "export", + "description": "Should this value be exported. Export strips fields that a user can not specify.", + "required": false, + "allowMultiple": false + }, + { + "type": "boolean", + "paramType": "query", + "name": "exact", + "description": "Should the export be exact. 
Exact export maintains cluster-specific fields like 'Namespace'.", + "required": false, + "allowMultiple": false + }, + { + "type": "string", + "paramType": "path", + "name": "name", + "description": "name of the PodSecurityPolicy", + "required": true, + "allowMultiple": false + } + ], + "responseMessages": [ + { + "code": 200, + "message": "OK", + "responseModel": "v1beta1.PodSecurityPolicy" + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "consumes": [ + "*/*" + ] + }, + { + "type": "v1beta1.PodSecurityPolicy", + "method": "PUT", + "summary": "replace the specified PodSecurityPolicy", + "nickname": "replacePodSecurityPolicy", + "parameters": [ + { + "type": "string", + "paramType": "query", + "name": "pretty", + "description": "If 'true', then the output is pretty printed.", + "required": false, + "allowMultiple": false + }, + { + "type": "v1beta1.PodSecurityPolicy", + "paramType": "body", + "name": "body", + "description": "", + "required": true, + "allowMultiple": false + }, + { + "type": "string", + "paramType": "path", + "name": "name", + "description": "name of the PodSecurityPolicy", + "required": true, + "allowMultiple": false + } + ], + "responseMessages": [ + { + "code": 200, + "message": "OK", + "responseModel": "v1beta1.PodSecurityPolicy" + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "consumes": [ + "*/*" + ] + }, + { + "type": "v1beta1.PodSecurityPolicy", + "method": "PATCH", + "summary": "partially update the specified PodSecurityPolicy", + "nickname": "patchPodSecurityPolicy", + "parameters": [ + { + "type": "string", + "paramType": "query", + "name": "pretty", + "description": "If 'true', then the output is pretty printed.", + "required": false, + "allowMultiple": false + }, + { + "type": "v1.Patch", + "paramType": "body", + "name": "body", + "description": "", + "required": true, + "allowMultiple": false + }, + { 
+ "type": "string", + "paramType": "path", + "name": "name", + "description": "name of the PodSecurityPolicy", + "required": true, + "allowMultiple": false + } + ], + "responseMessages": [ + { + "code": 200, + "message": "OK", + "responseModel": "v1beta1.PodSecurityPolicy" + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json" + ] + }, + { + "type": "v1.Status", + "method": "DELETE", + "summary": "delete a PodSecurityPolicy", + "nickname": "deletePodSecurityPolicy", + "parameters": [ + { + "type": "string", + "paramType": "query", + "name": "pretty", + "description": "If 'true', then the output is pretty printed.", + "required": false, + "allowMultiple": false + }, + { + "type": "v1.DeleteOptions", + "paramType": "body", + "name": "body", + "description": "", + "required": true, + "allowMultiple": false + }, + { + "type": "integer", + "paramType": "query", + "name": "gracePeriodSeconds", + "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", + "required": false, + "allowMultiple": false + }, + { + "type": "boolean", + "paramType": "query", + "name": "orphanDependents", + "description": "Should the dependent objects be orphaned. 
If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list.", + "required": false, + "allowMultiple": false + }, + { + "type": "string", + "paramType": "path", + "name": "name", + "description": "name of the PodSecurityPolicy", + "required": true, + "allowMultiple": false + } + ], + "responseMessages": [ + { + "code": 200, + "message": "OK", + "responseModel": "v1.Status" + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "consumes": [ + "*/*" + ] + } + ] + }, + { + "path": "/apis/extensions/v1beta1/watch/podsecuritypolicies/{name}", + "description": "API at /apis/extensions/v1beta1", + "operations": [ + { + "type": "v1.WatchEvent", + "method": "GET", + "summary": "watch changes to an object of kind PodSecurityPolicy", + "nickname": "watchPodSecurityPolicy", + "parameters": [ + { + "type": "string", + "paramType": "query", + "name": "pretty", + "description": "If 'true', then the output is pretty printed.", + "required": false, + "allowMultiple": false + }, + { + "type": "string", + "paramType": "query", + "name": "labelSelector", + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "required": false, + "allowMultiple": false + }, + { + "type": "string", + "paramType": "query", + "name": "fieldSelector", + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "required": false, + "allowMultiple": false + }, + { + "type": "boolean", + "paramType": "query", + "name": "watch", + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. 
Specify resourceVersion.", + "required": false, + "allowMultiple": false + }, + { + "type": "string", + "paramType": "query", + "name": "resourceVersion", + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "required": false, + "allowMultiple": false + }, + { + "type": "integer", + "paramType": "query", + "name": "timeoutSeconds", + "description": "Timeout for the list/watch call.", + "required": false, + "allowMultiple": false + }, + { + "type": "string", + "paramType": "path", + "name": "name", + "description": "name of the PodSecurityPolicy", + "required": true, + "allowMultiple": false + } + ], + "responseMessages": [ + { + "code": 200, + "message": "OK", + "responseModel": "v1.WatchEvent" + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "consumes": [ + "*/*" + ] + } + ] + }, { "path": "/apis/extensions/v1beta1/namespaces/{namespace}/replicasets", "description": "API at /apis/extensions/v1beta1", 
@@ -9595,6 +10170,254 @@ } } }, + "v1beta1.PodSecurityPolicyList": { + "id": "v1beta1.PodSecurityPolicyList", + "description": "Pod Security Policy List is a list of PodSecurityPolicy objects.", + "required": [ + "items" + ], + "properties": { + "kind": { + "type": "string", + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: http://releases.k8s.io/HEAD/docs/devel/api-conventions.md#types-kinds" + }, + "apiVersion": { + "type": "string", + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: http://releases.k8s.io/HEAD/docs/devel/api-conventions.md#resources" + }, + "metadata": { + "$ref": "v1.ListMeta", + "description": "Standard list metadata. More info: http://releases.k8s.io/HEAD/docs/devel/api-conventions.md#metadata" + }, + "items": { + "type": "array", + "items": { + "$ref": "v1beta1.PodSecurityPolicy" + }, + "description": "Items is a list of schema objects." + } + } + }, + "v1beta1.PodSecurityPolicy": { + "id": "v1beta1.PodSecurityPolicy", + "description": "Pod Security Policy governs the ability to make requests that affect the Security Context that will be applied to a pod and container.", + "properties": { + "kind": { + "type": "string", + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: http://releases.k8s.io/HEAD/docs/devel/api-conventions.md#types-kinds" + }, + "apiVersion": { + "type": "string", + "description": "APIVersion defines the versioned schema of this representation of an object. 
Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: http://releases.k8s.io/HEAD/docs/devel/api-conventions.md#resources" + }, + "metadata": { + "$ref": "v1.ObjectMeta", + "description": "Standard object's metadata. More info: http://releases.k8s.io/HEAD/docs/devel/api-conventions.md#metadata" + }, + "spec": { + "$ref": "v1beta1.PodSecurityPolicySpec", + "description": "spec defines the policy enforced." + } + } + }, + "v1beta1.PodSecurityPolicySpec": { + "id": "v1beta1.PodSecurityPolicySpec", + "description": "Pod Security Policy Spec defines the policy enforced.", + "required": [ + "seLinux", + "runAsUser", + "supplementalGroups", + "fsGroup" + ], + "properties": { + "privileged": { + "type": "boolean", + "description": "privileged determines if a pod can request to be run as privileged." + }, + "defaultAddCapabilities": { + "type": "array", + "items": { + "$ref": "v1.Capability" + }, + "description": "DefaultAddCapabilities is the default set of capabilities that will be added to the container unless the pod spec specifically drops the capability. You may not list a capabiility in both DefaultAddCapabilities and RequiredDropCapabilities." + }, + "requiredDropCapabilities": { + "type": "array", + "items": { + "$ref": "v1.Capability" + }, + "description": "RequiredDropCapabilities are the capabilities that will be dropped from the container. These are required to be dropped and cannot be added." + }, + "allowedCapabilities": { + "type": "array", + "items": { + "$ref": "v1.Capability" + }, + "description": "AllowedCapabilities is a list of capabilities that can be requested to add to the container. Capabilities in this field may be added at the pod author's discretion. You must not list a capability in both AllowedCapabilities and RequiredDropCapabilities." 
+ }, + "volumes": { + "type": "array", + "items": { + "$ref": "v1beta1.FSType" + }, + "description": "volumes is a white list of allowed volume plugins. Empty indicates that all plugins may be used." + }, + "hostNetwork": { + "type": "boolean", + "description": "hostNetwork determines if the policy allows the use of HostNetwork in the pod spec." + }, + "hostPorts": { + "type": "array", + "items": { + "$ref": "v1beta1.HostPortRange" + }, + "description": "hostPorts determines which host port ranges are allowed to be exposed." + }, + "hostPID": { + "type": "boolean", + "description": "hostPID determines if the policy allows the use of HostPID in the pod spec." + }, + "hostIPC": { + "type": "boolean", + "description": "hostIPC determines if the policy allows the use of HostIPC in the pod spec." + }, + "seLinux": { + "$ref": "v1beta1.SELinuxStrategyOptions", + "description": "seLinux is the strategy that will dictate the allowable labels that may be set." + }, + "runAsUser": { + "$ref": "v1beta1.RunAsUserStrategyOptions", + "description": "runAsUser is the strategy that will dictate the allowable RunAsUser values that may be set." + }, + "supplementalGroups": { + "$ref": "v1beta1.SupplementalGroupsStrategyOptions", + "description": "SupplementalGroups is the strategy that will dictate what supplemental groups are used by the SecurityContext." + }, + "fsGroup": { + "$ref": "v1beta1.FSGroupStrategyOptions", + "description": "FSGroup is the strategy that will dictate what fs group is used by the SecurityContext." + }, + "readOnlyRootFilesystem": { + "type": "boolean", + "description": "ReadOnlyRootFilesystem when set to true will force containers to run with a read only root file system. If the container specifically requests to run with a non-read only root file system the PSP should deny the pod. If set to false the container may run with a read only root file system if it wishes but it will not be forced to." 
+ } + } + }, + "v1beta1.FSType": { + "id": "v1beta1.FSType", + "properties": {} + }, + "v1beta1.HostPortRange": { + "id": "v1beta1.HostPortRange", + "description": "Host Port Range defines a range of host ports that will be enabled by a policy for pods to use. It requires both the start and end to be defined.", + "required": [ + "min", + "max" + ], + "properties": { + "min": { + "type": "integer", + "format": "int32", + "description": "min is the start of the range, inclusive." + }, + "max": { + "type": "integer", + "format": "int32", + "description": "max is the end of the range, inclusive." + } + } + }, + "v1beta1.SELinuxStrategyOptions": { + "id": "v1beta1.SELinuxStrategyOptions", + "description": "SELinux Strategy Options defines the strategy type and any options used to create the strategy.", + "required": [ + "rule" + ], + "properties": { + "rule": { + "type": "string", + "description": "type is the strategy that will dictate the allowable labels that may be set." + }, + "seLinuxOptions": { + "$ref": "v1.SELinuxOptions", + "description": "seLinuxOptions required to run as; required for MustRunAs More info: http://releases.k8s.io/HEAD/docs/design/security_context.md#security-context" + } + } + }, + "v1beta1.RunAsUserStrategyOptions": { + "id": "v1beta1.RunAsUserStrategyOptions", + "description": "Run A sUser Strategy Options defines the strategy type and any options used to create the strategy.", + "required": [ + "rule" + ], + "properties": { + "rule": { + "type": "string", + "description": "Rule is the strategy that will dictate the allowable RunAsUser values that may be set." + }, + "ranges": { + "type": "array", + "items": { + "$ref": "v1beta1.IDRange" + }, + "description": "Ranges are the allowed ranges of uids that may be used." 
+ } + } + }, + "v1beta1.IDRange": { + "id": "v1beta1.IDRange", + "description": "ID Range provides a min/max of an allowed range of IDs.", + "required": [ + "min", + "max" + ], + "properties": { + "min": { + "type": "integer", + "format": "int64", + "description": "Min is the start of the range, inclusive." + }, + "max": { + "type": "integer", + "format": "int64", + "description": "Max is the end of the range, inclusive." + } + } + }, + "v1beta1.SupplementalGroupsStrategyOptions": { + "id": "v1beta1.SupplementalGroupsStrategyOptions", + "description": "SupplementalGroupsStrategyOptions defines the strategy type and options used to create the strategy.", + "properties": { + "rule": { + "type": "string", + "description": "Rule is the strategy that will dictate what supplemental groups is used in the SecurityContext." + }, + "ranges": { + "type": "array", + "items": { + "$ref": "v1beta1.IDRange" + }, + "description": "Ranges are the allowed ranges of supplemental groups. If you would like to force a single supplemental group then supply a single range with the same start and end." + } + } + }, + "v1beta1.FSGroupStrategyOptions": { + "id": "v1beta1.FSGroupStrategyOptions", + "description": "FSGroupStrategyOptions defines the strategy type and options used to create the strategy.", + "properties": { + "rule": { + "type": "string", + "description": "Rule is the strategy that will dictate what FSGroup is used in the SecurityContext." + }, + "ranges": { + "type": "array", + "items": { + "$ref": "v1beta1.IDRange" + }, + "description": "Ranges are the allowed ranges of fs groups. If you would like to force a single fs group then supply a single range with the same start and end." + } + } + }, "v1beta1.ReplicaSetList": { "id": "v1beta1.ReplicaSetList", "description": "ReplicaSetList is a collection of ReplicaSets.", diff --git a/docs/api-reference/extensions/v1beta1/definitions.html b/docs/api-reference/extensions/v1beta1/definitions.html index 3167f21005..35181779ef 100755 
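Review bot: `rule` is listed as required for v1beta1.SELinuxStrategyOptions and v1beta1.RunAsUserStrategyOptions but not for v1beta1.SupplementalGroupsStrategyOptions or v1beta1.FSGroupStrategyOptions, even though PodSecurityPolicySpec marks all four strategy fields as required; if an absent rule is meant to be rejected, `"required": ["rule"]` should be added to the two group strategies, and if it is meant to mean "no restriction" the descriptions must say so, because a policy that silently fails open on group IDs is exactly what a PSP consumer cannot afford. In the same hunk the `volumes` description makes an empty allow-list mean every plugin is permitted (hostPath included, presumably), which deserves an explicit warning such as `volumes is a white list of allowed volume plugins. Empty indicates that all plugins may be used; a restrictive policy must enumerate the allowed types explicitly.`, and the `hostPorts` description should likewise state what an empty list means. `v1beta1.FSType` is emitted with an empty `properties` object and no type, so a generated client cannot tell that it is a string, let alone which values are accepted. This file appears to be generated from the Go API types, so the corrections belong in the type comments and field tags there and should then be regenerated into this spec.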
--- a/docs/api-reference/extensions/v1beta1/definitions.html +++ b/docs/api-reference/extensions/v1beta1/definitions.html @@ -412,6 +412,12 @@ span.icon > [class^="icon-"], span.icon > [class*=" icon-"] { cursor: default; }
Pod Security Policy List is a list of PodSecurityPolicy objects.
+Name | +Description | +Required | +Schema | +Default | +
---|---|---|---|---|
kind |
+Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: http://releases.k8s.io/HEAD/docs/devel/api-conventions.md#types-kinds |
+false |
+string |
++ |
apiVersion |
+APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: http://releases.k8s.io/HEAD/docs/devel/api-conventions.md#resources |
+false |
+string |
++ |
metadata |
+Standard list metadata. More info: http://releases.k8s.io/HEAD/docs/devel/api-conventions.md#metadata |
+false |
++ | + |
items |
+Items is a list of schema objects. |
+true |
++ | + |
FSGroupStrategyOptions defines the strategy type and options used to create the strategy.
+Name | +Description | +Required | +Schema | +Default | +
---|---|---|---|---|
rule |
+Rule is the strategy that will dictate what FSGroup is used in the SecurityContext. |
+false |
+string |
++ |
ranges |
+Ranges are the allowed ranges of fs groups. If you would like to force a single fs group then supply a single range with the same start and end. |
+false |
+v1beta1.IDRange array |
++ |
SELinux Strategy Options defines the strategy type and any options used to create the strategy.
+Name | +Description | +Required | +Schema | +Default | +
---|---|---|---|---|
rule |
+type is the strategy that will dictate the allowable labels that may be set. |
+true |
+string |
++ |
seLinuxOptions |
+seLinuxOptions required to run as; required for MustRunAs More info: http://releases.k8s.io/HEAD/docs/design/security_context.md#security-context |
+false |
++ | + |
Run A sUser Strategy Options defines the strategy type and any options used to create the strategy.
+Name | +Description | +Required | +Schema | +Default | +
---|---|---|---|---|
rule |
+Rule is the strategy that will dictate the allowable RunAsUser values that may be set. |
+true |
+string |
++ |
ranges |
+Ranges are the allowed ranges of uids that may be used. |
+false |
+v1beta1.IDRange array |
++ |
SupplementalGroupsStrategyOptions defines the strategy type and options used to create the strategy.
+Name | +Description | +Required | +Schema | +Default | +
---|---|---|---|---|
rule |
+Rule is the strategy that will dictate what supplemental groups is used in the SecurityContext. |
+false |
+string |
++ |
ranges |
+Ranges are the allowed ranges of supplemental groups. If you would like to force a single supplemental group then supply a single range with the same start and end. |
+false |
+v1beta1.IDRange array |
++ |
Pod Security Policy governs the ability to make requests that affect the Security Context that will be applied to a pod and container.
+Name | +Description | +Required | +Schema | +Default | +
---|---|---|---|---|
kind |
+Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: http://releases.k8s.io/HEAD/docs/devel/api-conventions.md#types-kinds |
+false |
+string |
++ |
apiVersion |
+APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: http://releases.k8s.io/HEAD/docs/devel/api-conventions.md#resources |
+false |
+string |
++ |
metadata |
+Standard object’s metadata. More info: http://releases.k8s.io/HEAD/docs/devel/api-conventions.md#metadata |
+false |
++ | + |
spec |
+spec defines the policy enforced. |
+false |
++ | + |
Host Port Range defines a range of host ports that will be enabled by a policy for pods to use. It requires both the start and end to be defined.
+Name | +Description | +Required | +Schema | +Default | +
---|---|---|---|---|
min |
+min is the start of the range, inclusive. |
+true |
+integer (int32) |
++ |
max |
+max is the end of the range, inclusive. |
+true |
+integer (int32) |
++ |
Patch is provided to give a concrete name and type to the Kubernetes PATCH request body.
Pod Security Policy Spec defines the policy enforced.
+Name | +Description | +Required | +Schema | +Default | +
---|---|---|---|---|
privileged |
+privileged determines if a pod can request to be run as privileged. |
+false |
+boolean |
+false |
+
defaultAddCapabilities |
+DefaultAddCapabilities is the default set of capabilities that will be added to the container unless the pod spec specifically drops the capability. You may not list a capabiility in both DefaultAddCapabilities and RequiredDropCapabilities. |
+false |
+v1.Capability array |
++ |
requiredDropCapabilities |
+RequiredDropCapabilities are the capabilities that will be dropped from the container. These are required to be dropped and cannot be added. |
+false |
+v1.Capability array |
++ |
allowedCapabilities |
+AllowedCapabilities is a list of capabilities that can be requested to add to the container. Capabilities in this field may be added at the pod author’s discretion. You must not list a capability in both AllowedCapabilities and RequiredDropCapabilities. |
+false |
+v1.Capability array |
++ |
volumes |
+volumes is a white list of allowed volume plugins. Empty indicates that all plugins may be used. |
+false |
+v1beta1.FSType array |
++ |
hostNetwork |
+hostNetwork determines if the policy allows the use of HostNetwork in the pod spec. |
+false |
+boolean |
+false |
+
hostPorts |
+hostPorts determines which host port ranges are allowed to be exposed. |
+false |
+v1beta1.HostPortRange array |
++ |
hostPID |
+hostPID determines if the policy allows the use of HostPID in the pod spec. |
+false |
+boolean |
+false |
+
hostIPC |
+hostIPC determines if the policy allows the use of HostIPC in the pod spec. |
+false |
+boolean |
+false |
+
seLinux |
+seLinux is the strategy that will dictate the allowable labels that may be set. |
+true |
++ | + |
runAsUser |
+runAsUser is the strategy that will dictate the allowable RunAsUser values that may be set. |
+true |
++ | + |
supplementalGroups |
+SupplementalGroups is the strategy that will dictate what supplemental groups are used by the SecurityContext. |
+true |
++ | + |
fsGroup |
+FSGroup is the strategy that will dictate what fs group is used by the SecurityContext. |
+true |
++ | + |
readOnlyRootFilesystem |
+ReadOnlyRootFilesystem when set to true will force containers to run with a read only root file system. If the container specifically requests to run with a non-read only root file system the PSP should deny the pod. If set to false the container may run with a read only root file system if it wishes but it will not be forced to. |
+false |
+boolean |
+false |
+
ID Range provides a min/max of an allowed range of IDs.
+Name | +Description | +Required | +Schema | +Default | +
---|---|---|---|---|
min |
+Min is the start of the range, inclusive. |
+true |
+integer (int64) |
++ |
max |
+Max is the end of the range, inclusive. |
+true |
+integer (int64) |
++ |