diff --git a/api/openapi-spec/swagger.json b/api/openapi-spec/swagger.json index a901cc830e7a..a6defd83d531 100644 --- a/api/openapi-spec/swagger.json +++ b/api/openapi-spec/swagger.json @@ -39051,6 +39051,805 @@ } ] }, + "/apis/auditregistration.k8s.io/": { + "get": { + "description": "get information of a group", + "consumes": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "schemes": [ + "https" + ], + "tags": [ + "auditregistration" + ], + "operationId": "getAuditregistrationAPIGroup", + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.APIGroup" + } + }, + "401": { + "description": "Unauthorized" + } + } + } + }, + "/apis/auditregistration.k8s.io/v1alpha1/": { + "get": { + "description": "get available resources", + "consumes": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "schemes": [ + "https" + ], + "tags": [ + "auditregistration_v1alpha1" + ], + "operationId": "getAuditregistrationV1alpha1APIResources", + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.APIResourceList" + } + }, + "401": { + "description": "Unauthorized" + } + } + } + }, + "/apis/auditregistration.k8s.io/v1alpha1/auditsinks": { + "get": { + "description": "list or watch objects of kind AuditSink", + "consumes": [ + "*/*" + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "schemes": [ + "https" + ], + "tags": [ + "auditregistration_v1alpha1" + ], + "operationId": "listAuditregistrationV1alpha1AuditSink", + "parameters": [ + { + "uniqueItems": true, + "type": "string", + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "name": "continue", + "in": "query" + }, + { + "uniqueItems": true, + "type": "string", + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "name": "fieldSelector", + "in": "query" + }, + { + "uniqueItems": true, + "type": "string", + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "name": "labelSelector", + "in": "query" + }, + { + "uniqueItems": true, + "type": "integer", + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "name": "limit", + "in": "query" + }, + { + "uniqueItems": true, + "type": "string", + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "name": "resourceVersion", + "in": "query" + }, + { + "uniqueItems": true, + "type": "integer", + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "name": "timeoutSeconds", + "in": "query" + }, + { + "uniqueItems": true, + "type": "boolean", + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "name": "watch", + "in": "query" + } + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.auditregistration.v1alpha1.AuditSinkList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "x-kubernetes-action": "list", + "x-kubernetes-group-version-kind": { + "group": "auditregistration.k8s.io", + "kind": "AuditSink", + "version": "v1alpha1" + } + }, + "post": { + "description": "create an AuditSink", + "consumes": [ + "*/*" + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "schemes": [ + "https" + ], + "tags": [ + "auditregistration_v1alpha1" + ], + "operationId": "createAuditregistrationV1alpha1AuditSink", + "parameters": [ + { + "name": "body", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.auditregistration.v1alpha1.AuditSink" + } + }, + { + "uniqueItems": true, + "type": "string", + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "name": "dryRun", + "in": "query" + } + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.auditregistration.v1alpha1.AuditSink" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.auditregistration.v1alpha1.AuditSink" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.api.auditregistration.v1alpha1.AuditSink" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "x-kubernetes-action": "post", + "x-kubernetes-group-version-kind": { + "group": "auditregistration.k8s.io", + "kind": "AuditSink", + "version": "v1alpha1" + } + }, + "delete": { + "description": "delete collection of AuditSink", + "consumes": [ + "*/*" + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "schemes": [ + "https" + ], + "tags": [ + "auditregistration_v1alpha1" + ], + "operationId": "deleteAuditregistrationV1alpha1CollectionAuditSink", + "parameters": [ + { + "uniqueItems": true, + "type": "string", + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "name": "continue", + "in": "query" + }, + { + "uniqueItems": true, + "type": "string", + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "name": "fieldSelector", + "in": "query" + }, + { + "uniqueItems": true, + "type": "string", + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "name": "labelSelector", + "in": "query" + }, + { + "uniqueItems": true, + "type": "integer", + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "name": "limit", + "in": "query" + }, + { + "uniqueItems": true, + "type": "string", + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "name": "resourceVersion", + "in": "query" + }, + { + "uniqueItems": true, + "type": "integer", + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "name": "timeoutSeconds", + "in": "query" + }, + { + "uniqueItems": true, + "type": "boolean", + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "name": "watch", + "in": "query" + } + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "x-kubernetes-action": "deletecollection", + "x-kubernetes-group-version-kind": { + "group": "auditregistration.k8s.io", + "kind": "AuditSink", + "version": "v1alpha1" + } + }, + "parameters": [ + { + "uniqueItems": true, + "type": "boolean", + "description": "If true, partially initialized resources are included in the response.", + "name": "includeUninitialized", + "in": "query" + }, + { + "uniqueItems": true, + "type": "string", + "description": "If 'true', then the output is pretty printed.", + "name": "pretty", + "in": "query" + } + ] + }, + "/apis/auditregistration.k8s.io/v1alpha1/auditsinks/{name}": { + "get": { + "description": "read the specified AuditSink", + "consumes": [ + "*/*" + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "schemes": [ + "https" + ], + "tags": [ + "auditregistration_v1alpha1" + ], + "operationId": "readAuditregistrationV1alpha1AuditSink", + "parameters": [ + { + "uniqueItems": true, + "type": "boolean", + "description": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'.", + "name": "exact", + "in": "query" + }, + { + "uniqueItems": true, + "type": "boolean", + "description": "Should this value be exported. Export strips fields that a user can not specify.", + "name": "export", + "in": "query" + } + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.auditregistration.v1alpha1.AuditSink" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "x-kubernetes-action": "get", + "x-kubernetes-group-version-kind": { + "group": "auditregistration.k8s.io", + "kind": "AuditSink", + "version": "v1alpha1" + } + }, + "put": { + "description": "replace the specified AuditSink", + "consumes": [ + "*/*" + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "schemes": [ + "https" + ], + "tags": [ + "auditregistration_v1alpha1" + ], + "operationId": "replaceAuditregistrationV1alpha1AuditSink", + "parameters": [ + { + "name": "body", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.auditregistration.v1alpha1.AuditSink" + } + }, + { + "uniqueItems": true, + "type": "string", + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "name": "dryRun", + "in": "query" + } + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.auditregistration.v1alpha1.AuditSink" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.auditregistration.v1alpha1.AuditSink" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "x-kubernetes-action": "put", + "x-kubernetes-group-version-kind": { + "group": "auditregistration.k8s.io", + "kind": "AuditSink", + "version": "v1alpha1" + } + }, + "delete": { + "description": "delete an AuditSink", + "consumes": [ + "*/*" + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "schemes": [ + "https" + ], + "tags": [ + "auditregistration_v1alpha1" + ], + "operationId": "deleteAuditregistrationV1alpha1AuditSink", + "parameters": [ + { + "name": "body", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" + } + }, + { + "uniqueItems": true, + "type": "string", + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "name": "dryRun", + "in": "query" + }, + { + "uniqueItems": true, + "type": "integer", + "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", + "name": "gracePeriodSeconds", + "in": "query" + }, + { + "uniqueItems": true, + "type": "boolean", + "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", + "name": "orphanDependents", + "in": "query" + }, + { + "uniqueItems": true, + "type": "string", + "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", + "name": "propagationPolicy", + "in": "query" + } + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "x-kubernetes-action": "delete", + "x-kubernetes-group-version-kind": { + "group": "auditregistration.k8s.io", + "kind": "AuditSink", + "version": "v1alpha1" + } + }, + "patch": { + "description": "partially update the specified AuditSink", + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json" + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "schemes": [ + "https" + ], + "tags": [ + "auditregistration_v1alpha1" + ], + "operationId": "patchAuditregistrationV1alpha1AuditSink", + "parameters": [ + { + "name": "body", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" + } + }, + { + "uniqueItems": true, + "type": "string", + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "name": "dryRun", + "in": "query" + } + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.auditregistration.v1alpha1.AuditSink" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "x-kubernetes-action": "patch", + "x-kubernetes-group-version-kind": { + "group": "auditregistration.k8s.io", + "kind": "AuditSink", + "version": "v1alpha1" + } + }, + "parameters": [ + { + "uniqueItems": true, + "type": "string", + "description": "name of the AuditSink", + "name": "name", + "in": "path", + "required": true + }, + { + "uniqueItems": true, + "type": "string", + "description": "If 'true', then the output is pretty printed.", + "name": "pretty", + "in": "query" + } + ] + }, + "/apis/auditregistration.k8s.io/v1alpha1/watch/auditsinks": { + "get": { + "description": "watch individual changes to a list of AuditSink. deprecated: use the 'watch' parameter with a list operation instead.", + "consumes": [ + "*/*" + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "schemes": [ + "https" + ], + "tags": [ + "auditregistration_v1alpha1" + ], + "operationId": "watchAuditregistrationV1alpha1AuditSinkList", + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "x-kubernetes-action": "watchlist", + "x-kubernetes-group-version-kind": { + "group": "auditregistration.k8s.io", + "kind": "AuditSink", + "version": "v1alpha1" + } + }, + "parameters": [ + { + "uniqueItems": true, + "type": "string", + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "name": "continue", + "in": "query" + }, + { + "uniqueItems": true, + "type": "string", + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "name": "fieldSelector", + "in": "query" + }, + { + "uniqueItems": true, + "type": "boolean", + "description": "If true, partially initialized resources are included in the response.", + "name": "includeUninitialized", + "in": "query" + }, + { + "uniqueItems": true, + "type": "string", + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "name": "labelSelector", + "in": "query" + }, + { + "uniqueItems": true, + "type": "integer", + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "name": "limit", + "in": "query" + }, + { + "uniqueItems": true, + "type": "string", + "description": "If 'true', then the output is pretty printed.", + "name": "pretty", + "in": "query" + }, + { + "uniqueItems": true, + "type": "string", + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "name": "resourceVersion", + "in": "query" + }, + { + "uniqueItems": true, + "type": "integer", + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "name": "timeoutSeconds", + "in": "query" + }, + { + "uniqueItems": true, + "type": "boolean", + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "name": "watch", + "in": "query" + } + ] + }, + "/apis/auditregistration.k8s.io/v1alpha1/watch/auditsinks/{name}": { + "get": { + "description": "watch changes to an object of kind AuditSink. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", + "consumes": [ + "*/*" + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "schemes": [ + "https" + ], + "tags": [ + "auditregistration_v1alpha1" + ], + "operationId": "watchAuditregistrationV1alpha1AuditSink", + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "x-kubernetes-action": "watch", + "x-kubernetes-group-version-kind": { + "group": "auditregistration.k8s.io", + "kind": "AuditSink", + "version": "v1alpha1" + } + }, + "parameters": [ + { + "uniqueItems": true, + "type": "string", + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "name": "continue", + "in": "query" + }, + { + "uniqueItems": true, + "type": "string", + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "name": "fieldSelector", + "in": "query" + }, + { + "uniqueItems": true, + "type": "boolean", + "description": "If true, partially initialized resources are included in the response.", + "name": "includeUninitialized", + "in": "query" + }, + { + "uniqueItems": true, + "type": "string", + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "name": "labelSelector", + "in": "query" + }, + { + "uniqueItems": true, + "type": "integer", + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "name": "limit", + "in": "query" + }, + { + "uniqueItems": true, + "type": "string", + "description": "name of the AuditSink", + "name": "name", + "in": "path", + "required": true + }, + { + "uniqueItems": true, + "type": "string", + "description": "If 'true', then the output is pretty printed.", + "name": "pretty", + "in": "query" + }, + { + "uniqueItems": true, + "type": "string", + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "name": "resourceVersion", + "in": "query" + }, + { + "uniqueItems": true, + "type": "integer", + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "name": "timeoutSeconds", + "in": "query" + }, + { + "uniqueItems": true, + "type": "boolean", + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "name": "watch", + "in": "query" + } + ] + }, "/apis/authentication.k8s.io/": { "get": { "description": "get information of a group", @@ -79043,6 +79842,172 @@ } } }, + "io.k8s.api.auditregistration.v1alpha1.AuditSink": { + "description": "AuditSink represents a cluster level audit sink", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" + }, + "spec": { + "description": "Spec defines the audit configuration spec", + "$ref": "#/definitions/io.k8s.api.auditregistration.v1alpha1.AuditSinkSpec" + } + }, + "x-kubernetes-group-version-kind": [ + { + "group": "auditregistration.k8s.io", + "kind": "AuditSink", + "version": "v1alpha1" + } + ] + }, + "io.k8s.api.auditregistration.v1alpha1.AuditSinkList": { + "description": "AuditSinkList is a list of AuditSink items.", + "required": [ + "items" + ], + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "items": { + "description": "List of audit configurations.", + "type": "array", + "items": { + "$ref": "#/definitions/io.k8s.api.auditregistration.v1alpha1.AuditSink" + } + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" + } + }, + "x-kubernetes-group-version-kind": [ + { + "group": "auditregistration.k8s.io", + "kind": "AuditSinkList", + "version": "v1alpha1" + } + ] + }, + "io.k8s.api.auditregistration.v1alpha1.AuditSinkSpec": { + "description": "AuditSinkSpec holds the spec for the audit sink", + "required": [ + "policy", + "webhook" + ], + "properties": { + "policy": { + "description": "Policy defines the policy for selecting which events should be sent to the webhook required", + "$ref": "#/definitions/io.k8s.api.auditregistration.v1alpha1.Policy" + }, + "webhook": { + "description": "Webhook to send events required", + "$ref": "#/definitions/io.k8s.api.auditregistration.v1alpha1.Webhook" + } + } + }, + "io.k8s.api.auditregistration.v1alpha1.Policy": { + "description": "Policy defines the configuration of how audit events are logged", + "required": [ + "level" + ], + "properties": { + "level": { + "description": "The Level that all requests are recorded at. available options: None, Metadata, Request, RequestResponse required", + "type": "string" + }, + "stages": { + "description": "Stages is a list of stages for which events are created.", + "type": "array", + "items": { + "type": "string" + } + } + } + }, + "io.k8s.api.auditregistration.v1alpha1.ServiceReference": { + "description": "ServiceReference holds a reference to Service.legacy.k8s.io", + "required": [ + "namespace", + "name" + ], + "properties": { + "name": { + "description": "`name` is the name of the service. Required", + "type": "string" + }, + "namespace": { + "description": "`namespace` is the namespace of the service. Required", + "type": "string" + }, + "path": { + "description": "`path` is an optional URL path which will be sent in any request to this service.", + "type": "string" + } + } + }, + "io.k8s.api.auditregistration.v1alpha1.Webhook": { + "description": "Webhook holds the configuration of the webhook", + "required": [ + "clientConfig" + ], + "properties": { + "clientConfig": { + "description": "ClientConfig holds the connection parameters for the webhook required", + "$ref": "#/definitions/io.k8s.api.auditregistration.v1alpha1.WebhookClientConfig" + }, + "throttle": { + "description": "Throttle holds the options for throttling the webhook", + "$ref": "#/definitions/io.k8s.api.auditregistration.v1alpha1.WebhookThrottleConfig" + } + } + }, + "io.k8s.api.auditregistration.v1alpha1.WebhookClientConfig": { + "description": "WebhookClientConfig contains the information to make a connection with the webhook", + "properties": { + "caBundle": { + "description": "`caBundle` is a PEM encoded CA bundle which will be used to validate the webhook's server certificate. defaults to the apiservers CA bundle for the endpoint type", + "type": "string", + "format": "byte" + }, + "service": { + "description": "`service` is a reference to the service for this webhook. Either `service` or `url` must be specified.\n\nIf the webhook is running within the cluster, then you should use `service`.\n\nPort 443 will be used if it is open, otherwise it is an error.", + "$ref": "#/definitions/io.k8s.api.auditregistration.v1alpha1.ServiceReference" + }, + "url": { + "description": "`url` gives the location of the webhook, in standard URL form (`[scheme://]host:port/path`). Exactly one of `url` or `service` must be specified.\n\nThe `host` should not refer to a service running in the cluster; use the `service` field instead. The host might be resolved via external DNS in some apiservers (e.g., `kube-apiserver` cannot resolve in-cluster DNS as that would be a layering violation). `host` may also be an IP address.\n\nPlease note that using `localhost` or `127.0.0.1` as a `host` is risky unless you take great care to run this webhook on all hosts which run an apiserver which might need to make calls to this webhook. Such installs are likely to be non-portable, i.e., not easy to turn up in a new cluster.\n\nThe scheme must be \"https\"; the URL must begin with \"https://\".\n\nA path is optional, and if present may be any string permissible in a URL. You may use the path to pass an arbitrary string to the webhook, for example, a cluster identifier.\n\nAttempting to use a user or basic auth e.g. \"user:password@\" is not allowed. Fragments (\"#...\") and query parameters (\"?...\") are not allowed, either.", + "type": "string" + } + } + }, + "io.k8s.api.auditregistration.v1alpha1.WebhookThrottleConfig": { + "description": "WebhookThrottleConfig holds the configuration for throttling events", + "properties": { + "burst": { + "description": "ThrottleBurst is the maximum number of events sent at the same moment default 15 QPS", + "type": "integer", + "format": "int64" + }, + "qps": { + "description": "ThrottleQPS maximum number of batches per second default 10 QPS", + "type": "integer", + "format": "int64" + } + } + }, "io.k8s.api.authentication.v1.TokenReview": { "description": "TokenReview attempts to authenticate a token to a known user. Note: TokenReview requests may be cached by the webhook token authenticator plugin in the kube-apiserver.", "required": [ @@ -91672,6 +92637,11 @@ "kind": "DeleteOptions", "version": "v1beta2" }, + { + "group": "auditregistration.k8s.io", + "kind": "DeleteOptions", + "version": "v1alpha1" + }, { "group": "authentication.k8s.io", "kind": "DeleteOptions", @@ -92237,6 +93207,11 @@ "kind": "WatchEvent", "version": "v1beta2" }, + { + "group": "auditregistration.k8s.io", + "kind": "WatchEvent", + "version": "v1alpha1" + }, { "group": "authentication.k8s.io", "kind": "WatchEvent", diff --git a/api/swagger-spec/auditregistration.k8s.io.json b/api/swagger-spec/auditregistration.k8s.io.json new file mode 100644 index 000000000000..983c730ae1a3 --- /dev/null +++ b/api/swagger-spec/auditregistration.k8s.io.json @@ -0,0 +1,113 @@ +{ + "swaggerVersion": "1.2", + "apiVersion": "", + "basePath": "https://10.10.10.10:6443", + "resourcePath": "/apis/auditregistration.k8s.io", + "info": { + "title": "", + "description": "" + }, + "apis": [ + { + "path": "/apis/auditregistration.k8s.io", + "description": "get information of a group", + "operations": [ + { + "type": "v1.APIGroup", + "method": "GET", + "summary": "get information of a group", + "nickname": "getAPIGroup", + "parameters": [], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "consumes": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ] + } + ] + } + ], + "models": { + "v1.APIGroup": { + "id": "v1.APIGroup", + "description": "APIGroup contains the name, the supported versions, and the preferred version of a group.", + "required": [ + "name", + "versions" + ], + "properties": { + "kind": { + "type": "string", + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds" + }, + "apiVersion": { + "type": "string", + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources" + }, + "name": { + "type": "string", + "description": "name is the name of the group." + }, + "versions": { + "type": "array", + "items": { + "$ref": "v1.GroupVersionForDiscovery" + }, + "description": "versions are the versions supported in this group." + }, + "preferredVersion": { + "$ref": "v1.GroupVersionForDiscovery", + "description": "preferredVersion is the version preferred by the API server, which probably is the storage version." + }, + "serverAddressByClientCIDRs": { + "type": "array", + "items": { + "$ref": "v1.ServerAddressByClientCIDR" + }, + "description": "a map of client CIDR to server address that is serving this group. This is to help clients reach servers in the most network-efficient way possible. Clients can use the appropriate server address as per the CIDR that they match. In case of multiple matches, clients should use the longest matching CIDR. The server returns only those CIDRs that it thinks that the client can match. For example: the master will return an internal IP CIDR only, if the client reaches the server using an internal IP. Server looks at X-Forwarded-For header or X-Real-Ip header or request.RemoteAddr (in that order) to get the client IP." + } + } + }, + "v1.GroupVersionForDiscovery": { + "id": "v1.GroupVersionForDiscovery", + "description": "GroupVersion contains the \"group/version\" and \"version\" string of a version. It is made a struct to keep extensibility.", + "required": [ + "groupVersion", + "version" + ], + "properties": { + "groupVersion": { + "type": "string", + "description": "groupVersion specifies the API group and version in the form \"group/version\"" + }, + "version": { + "type": "string", + "description": "version specifies the version in the form of \"version\". This is to save the clients the trouble of splitting the GroupVersion." + } + } + }, + "v1.ServerAddressByClientCIDR": { + "id": "v1.ServerAddressByClientCIDR", + "description": "ServerAddressByClientCIDR helps the client to determine the server address that they should use, depending on the clientCIDR that they match.", + "required": [ + "clientCIDR", + "serverAddress" + ], + "properties": { + "clientCIDR": { + "type": "string", + "description": "The CIDR with which clients can match their IP to figure out the server address that they should use." + }, + "serverAddress": { + "type": "string", + "description": "Address of this server, suitable for a client that matches the above CIDR. This can be a hostname, hostname:port, IP or IP:port." + } + } + } + } + } diff --git a/api/swagger-spec/auditregistration.k8s.io_v1alpha1.json b/api/swagger-spec/auditregistration.k8s.io_v1alpha1.json new file mode 100644 index 000000000000..64c8229ae5a6 --- /dev/null +++ b/api/swagger-spec/auditregistration.k8s.io_v1alpha1.json @@ -0,0 +1,1363 @@ +{ + "swaggerVersion": "1.2", + "apiVersion": "auditregistration.k8s.io/v1alpha1", + "basePath": "https://10.10.10.10:6443", + "resourcePath": "/apis/auditregistration.k8s.io/v1alpha1", + "info": { + "title": "", + "description": "" + }, + "apis": [ + { + "path": "/apis/auditregistration.k8s.io/v1alpha1/auditsinks", + "description": "API at /apis/auditregistration.k8s.io/v1alpha1", + "operations": [ + { + "type": "v1alpha1.AuditSinkList", + "method": "GET", + "summary": "list or watch objects of kind AuditSink", + "nickname": "listAuditSink", + "parameters": [ + { + "type": "string", + "paramType": "query", + "name": "pretty", + "description": "If 'true', then the output is pretty printed.", + "required": false, + "allowMultiple": false + }, + { + "type": "string", + "paramType": "query", + "name": "labelSelector", + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "required": false, + "allowMultiple": false + }, + { + "type": "string", + "paramType": "query", + "name": "fieldSelector", + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "required": false, + "allowMultiple": false + }, + { + "type": "boolean", + "paramType": "query", + "name": "includeUninitialized", + "description": "If true, partially initialized resources are included in the response.", + "required": false, + "allowMultiple": false + }, + { + "type": "boolean", + "paramType": "query", + "name": "watch", + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "required": false, + "allowMultiple": false + }, + { + "type": "string", + "paramType": "query", + "name": "resourceVersion", + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "required": false, + "allowMultiple": false + }, + { + "type": "integer", + "paramType": "query", + "name": "timeoutSeconds", + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "required": false, + "allowMultiple": false + }, + { + "type": "integer", + "paramType": "query", + "name": "limit", + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "required": false, + "allowMultiple": false + }, + { + "type": "string", + "paramType": "query", + "name": "continue", + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "required": false, + "allowMultiple": false + } + ], + "responseMessages": [ + { + "code": 200, + "message": "OK", + "responseModel": "v1alpha1.AuditSinkList" + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "consumes": [ + "*/*" + ] + }, + { + "type": "v1alpha1.AuditSink", + "method": "POST", + "summary": "create an AuditSink", + "nickname": "createAuditSink", + "parameters": [ + { + "type": "string", + "paramType": "query", + "name": "pretty", + "description": "If 'true', then the output is pretty printed.", + "required": false, + "allowMultiple": false + }, + { + "type": "v1alpha1.AuditSink", + "paramType": "body", + "name": "body", + "description": "", + "required": true, + "allowMultiple": false + }, + { + "type": "string", + "paramType": "query", + "name": "dryRun", + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "required": false, + "allowMultiple": false + }, + { + "type": "boolean", + "paramType": "query", + "name": "includeUninitialized", + "description": "If IncludeUninitialized is specified, the object may be returned without completing initialization.", + "required": false, + "allowMultiple": false + } + ], + "responseMessages": [ + { + "code": 200, + "message": "OK", + "responseModel": "v1alpha1.AuditSink" + }, + { + "code": 201, + "message": "Created", + "responseModel": "v1alpha1.AuditSink" + }, + { + "code": 202, + "message": "Accepted", + "responseModel": "v1alpha1.AuditSink" + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "consumes": [ + "*/*" + ] + }, + { + "type": "v1.Status", + "method": "DELETE", + "summary": "delete collection of AuditSink", + "nickname": "deletecollectionAuditSink", + "parameters": [ + { + "type": "string", + "paramType": "query", + "name": "pretty", + "description": "If 'true', then the output is pretty printed.", + "required": false, + "allowMultiple": false + }, + { + "type": "string", + "paramType": "query", + "name": "labelSelector", + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "required": false, + "allowMultiple": false + }, + { + "type": "string", + "paramType": "query", + "name": "fieldSelector", + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "required": false, + "allowMultiple": false + }, + { + "type": "boolean", + "paramType": "query", + "name": "includeUninitialized", + "description": "If true, partially initialized resources are included in the response.", + "required": false, + "allowMultiple": false + }, + { + "type": "boolean", + "paramType": "query", + "name": "watch", + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "required": false, + "allowMultiple": false + }, + { + "type": "string", + "paramType": "query", + "name": "resourceVersion", + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "required": false, + "allowMultiple": false + }, + { + "type": "integer", + "paramType": "query", + "name": "timeoutSeconds", + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "required": false, + "allowMultiple": false + }, + { + "type": "integer", + "paramType": "query", + "name": "limit", + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "required": false, + "allowMultiple": false + }, + { + "type": "string", + "paramType": "query", + "name": "continue", + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "required": false, + "allowMultiple": false + } + ], + "responseMessages": [ + { + "code": 200, + "message": "OK", + "responseModel": "v1.Status" + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "consumes": [ + "*/*" + ] + } + ] + }, + { + "path": "/apis/auditregistration.k8s.io/v1alpha1/watch/auditsinks", + "description": "API at /apis/auditregistration.k8s.io/v1alpha1", + "operations": [ + { + "type": "v1.WatchEvent", + "method": "GET", + "summary": "watch individual changes to a list of AuditSink. deprecated: use the 'watch' parameter with a list operation instead.", + "nickname": "watchAuditSinkList", + "parameters": [ + { + "type": "string", + "paramType": "query", + "name": "pretty", + "description": "If 'true', then the output is pretty printed.", + "required": false, + "allowMultiple": false + }, + { + "type": "string", + "paramType": "query", + "name": "labelSelector", + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "required": false, + "allowMultiple": false + }, + { + "type": "string", + "paramType": "query", + "name": "fieldSelector", + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "required": false, + "allowMultiple": false + }, + { + "type": "boolean", + "paramType": "query", + "name": "includeUninitialized", + "description": "If true, partially initialized resources are included in the response.", + "required": false, + "allowMultiple": false + }, + { + "type": "boolean", + "paramType": "query", + "name": "watch", + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "required": false, + "allowMultiple": false + }, + { + "type": "string", + "paramType": "query", + "name": "resourceVersion", + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "required": false, + "allowMultiple": false + }, + { + "type": "integer", + "paramType": "query", + "name": "timeoutSeconds", + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "required": false, + "allowMultiple": false + }, + { + "type": "integer", + "paramType": "query", + "name": "limit", + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "required": false, + "allowMultiple": false + }, + { + "type": "string", + "paramType": "query", + "name": "continue", + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "required": false, + "allowMultiple": false + } + ], + "responseMessages": [ + { + "code": 200, + "message": "OK", + "responseModel": "v1.WatchEvent" + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "consumes": [ + "*/*" + ] + } + ] + }, + { + "path": "/apis/auditregistration.k8s.io/v1alpha1/auditsinks/{name}", + "description": "API at /apis/auditregistration.k8s.io/v1alpha1", + "operations": [ + { + "type": "v1alpha1.AuditSink", + "method": "GET", + "summary": "read the specified AuditSink", + "nickname": "readAuditSink", + "parameters": [ + { + "type": "string", + "paramType": "query", + "name": "pretty", + "description": "If 'true', then the output is pretty printed.", + "required": false, + "allowMultiple": false + }, + { + "type": "boolean", + "paramType": "query", + "name": "export", + "description": "Should this value be exported. Export strips fields that a user can not specify.", + "required": false, + "allowMultiple": false + }, + { + "type": "boolean", + "paramType": "query", + "name": "exact", + "description": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'.", + "required": false, + "allowMultiple": false + }, + { + "type": "string", + "paramType": "path", + "name": "name", + "description": "name of the AuditSink", + "required": true, + "allowMultiple": false + } + ], + "responseMessages": [ + { + "code": 200, + "message": "OK", + "responseModel": "v1alpha1.AuditSink" + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "consumes": [ + "*/*" + ] + }, + { + "type": "v1alpha1.AuditSink", + "method": "PUT", + "summary": "replace the specified AuditSink", + "nickname": "replaceAuditSink", + "parameters": [ + { + "type": "string", + "paramType": "query", + "name": "pretty", + "description": "If 'true', then the output is pretty printed.", + "required": false, + "allowMultiple": false + }, + { + "type": "v1alpha1.AuditSink", + "paramType": "body", + "name": "body", + "description": "", + "required": true, + "allowMultiple": false + }, + { + "type": "string", + "paramType": "query", + "name": "dryRun", + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "required": false, + "allowMultiple": false + }, + { + "type": "string", + "paramType": "path", + "name": "name", + "description": "name of the AuditSink", + "required": true, + "allowMultiple": false + } + ], + "responseMessages": [ + { + "code": 200, + "message": "OK", + "responseModel": "v1alpha1.AuditSink" + }, + { + "code": 201, + "message": "Created", + "responseModel": "v1alpha1.AuditSink" + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "consumes": [ + "*/*" + ] + }, + { + "type": "v1alpha1.AuditSink", + "method": "PATCH", + "summary": "partially update the specified AuditSink", + "nickname": "patchAuditSink", + "parameters": [ + { + "type": "string", + "paramType": "query", + "name": "pretty", + "description": "If 'true', then the output is pretty printed.", + "required": false, + "allowMultiple": false + }, + { + "type": "v1.Patch", + "paramType": "body", + "name": "body", + "description": "", + "required": true, + "allowMultiple": false + }, + { + "type": "string", + "paramType": "query", + "name": "dryRun", + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "required": false, + "allowMultiple": false + }, + { + "type": "string", + "paramType": "path", + "name": "name", + "description": "name of the AuditSink", + "required": true, + "allowMultiple": false + } + ], + "responseMessages": [ + { + "code": 200, + "message": "OK", + "responseModel": "v1alpha1.AuditSink" + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json" + ] + }, + { + "type": "v1.Status", + "method": "DELETE", + "summary": "delete an AuditSink", + "nickname": "deleteAuditSink", + "parameters": [ + { + "type": "string", + "paramType": "query", + "name": "pretty", + "description": "If 'true', then the output is pretty printed.", + "required": false, + "allowMultiple": false + }, + { + "type": "v1.DeleteOptions", + "paramType": "body", + "name": "body", + "description": "", + "required": true, + "allowMultiple": false + }, + { + "type": "integer", + "paramType": "query", + "name": "gracePeriodSeconds", + "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", + "required": false, + "allowMultiple": false + }, + { + "type": "boolean", + "paramType": "query", + "name": "orphanDependents", + "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", + "required": false, + "allowMultiple": false + }, + { + "type": "string", + "paramType": "query", + "name": "propagationPolicy", + "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", + "required": false, + "allowMultiple": false + }, + { + "type": "string", + "paramType": "query", + "name": "dryRun", + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "required": false, + "allowMultiple": false + }, + { + "type": "string", + "paramType": "path", + "name": "name", + "description": "name of the AuditSink", + "required": true, + "allowMultiple": false + } + ], + "responseMessages": [ + { + "code": 200, + "message": "OK", + "responseModel": "v1.Status" + }, + { + "code": 202, + "message": "Accepted", + "responseModel": "v1.Status" + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "consumes": [ + "*/*" + ] + } + ] + }, + { + "path": "/apis/auditregistration.k8s.io/v1alpha1/watch/auditsinks/{name}", + "description": "API at /apis/auditregistration.k8s.io/v1alpha1", + "operations": [ + { + "type": "v1.WatchEvent", + "method": "GET", + "summary": "watch changes to an object of kind AuditSink. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", + "nickname": "watchAuditSink", + "parameters": [ + { + "type": "string", + "paramType": "query", + "name": "pretty", + "description": "If 'true', then the output is pretty printed.", + "required": false, + "allowMultiple": false + }, + { + "type": "string", + "paramType": "query", + "name": "labelSelector", + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "required": false, + "allowMultiple": false + }, + { + "type": "string", + "paramType": "query", + "name": "fieldSelector", + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "required": false, + "allowMultiple": false + }, + { + "type": "boolean", + "paramType": "query", + "name": "includeUninitialized", + "description": "If true, partially initialized resources are included in the response.", + "required": false, + "allowMultiple": false + }, + { + "type": "boolean", + "paramType": "query", + "name": "watch", + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "required": false, + "allowMultiple": false + }, + { + "type": "string", + "paramType": "query", + "name": "resourceVersion", + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "required": false, + "allowMultiple": false + }, + { + "type": "integer", + "paramType": "query", + "name": "timeoutSeconds", + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "required": false, + "allowMultiple": false + }, + { + "type": "integer", + "paramType": "query", + "name": "limit", + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "required": false, + "allowMultiple": false + }, + { + "type": "string", + "paramType": "query", + "name": "continue", + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "required": false, + "allowMultiple": false + }, + { + "type": "string", + "paramType": "path", + "name": "name", + "description": "name of the AuditSink", + "required": true, + "allowMultiple": false + } + ], + "responseMessages": [ + { + "code": 200, + "message": "OK", + "responseModel": "v1.WatchEvent" + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "consumes": [ + "*/*" + ] + } + ] + }, + { + "path": "/apis/auditregistration.k8s.io/v1alpha1", + "description": "API at /apis/auditregistration.k8s.io/v1alpha1", + "operations": [ + { + "type": "v1.APIResourceList", + "method": "GET", + "summary": "get available resources", + "nickname": "getAPIResources", + "parameters": [], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "consumes": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ] + } + ] + } + ], + "models": { + "v1alpha1.AuditSinkList": { + "id": "v1alpha1.AuditSinkList", + "description": "AuditSinkList is a list of AuditSink items.", + "required": [ + "items" + ], + "properties": { + "kind": { + "type": "string", + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds" + }, + "apiVersion": { + "type": "string", + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources" + }, + "metadata": { + "$ref": "v1.ListMeta" + }, + "items": { + "type": "array", + "items": { + "$ref": "v1alpha1.AuditSink" + }, + "description": "List of audit configurations." + } + } + }, + "v1.ListMeta": { + "id": "v1.ListMeta", + "description": "ListMeta describes metadata that synthetic resources must have, including lists and various status objects. A resource may have only one of {ObjectMeta, ListMeta}.", + "properties": { + "selfLink": { + "type": "string", + "description": "selfLink is a URL representing this object. Populated by the system. Read-only." + }, + "resourceVersion": { + "type": "string", + "description": "String that identifies the server's internal version of this object that can be used by clients to determine when objects have changed. Value must be treated as opaque by clients and passed unmodified back to the server. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency" + }, + "continue": { + "type": "string", + "description": "continue may be set if the user set a limit on the number of items returned, and indicates that the server has more data available. The value is opaque and may be used to issue another request to the endpoint that served this list to retrieve the next set of available objects. Continuing a consistent list may not be possible if the server configuration has changed or more than a few minutes have passed. The resourceVersion field returned when using this continue value will be identical to the value in the first response, unless you have received this token from an error message." + } + } + }, + "v1alpha1.AuditSink": { + "id": "v1alpha1.AuditSink", + "description": "AuditSink represents a cluster level audit sink", + "properties": { + "kind": { + "type": "string", + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds" + }, + "apiVersion": { + "type": "string", + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources" + }, + "metadata": { + "$ref": "v1.ObjectMeta" + }, + "spec": { + "$ref": "v1alpha1.AuditSinkSpec", + "description": "Spec defines the audit configuration spec" + } + } + }, + "v1.ObjectMeta": { + "id": "v1.ObjectMeta", + "description": "ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create.", + "properties": { + "name": { + "type": "string", + "description": "Name must be unique within a namespace. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names" + }, + "generateName": { + "type": "string", + "description": "GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server.\n\nIf this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header).\n\nApplied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency" + }, + "namespace": { + "type": "string", + "description": "Namespace defines the space within each name must be unique. An empty namespace is equivalent to the \"default\" namespace, but \"default\" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty.\n\nMust be a DNS_LABEL. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/namespaces" + }, + "selfLink": { + "type": "string", + "description": "SelfLink is a URL representing this object. Populated by the system. Read-only." + }, + "uid": { + "type": "string", + "description": "UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations.\n\nPopulated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids" + }, + "resourceVersion": { + "type": "string", + "description": "An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources.\n\nPopulated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency" + }, + "generation": { + "type": "integer", + "format": "int64", + "description": "A sequence number representing a specific generation of the desired state. Populated by the system. Read-only." + }, + "creationTimestamp": { + "type": "string", + "description": "CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC.\n\nPopulated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata" + }, + "deletionTimestamp": { + "type": "string", + "description": "DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested.\n\nPopulated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata" + }, + "deletionGracePeriodSeconds": { + "type": "integer", + "format": "int64", + "description": "Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only." + }, + "labels": { + "type": "object", + "description": "Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels" + }, + "annotations": { + "type": "object", + "description": "Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations" + }, + "ownerReferences": { + "type": "array", + "items": { + "$ref": "v1.OwnerReference" + }, + "description": "List of objects depended by this object. If ALL objects in the list have been deleted, this object will be garbage collected. If this object is managed by a controller, then an entry in this list will point to this controller, with the controller field set to true. There cannot be more than one managing controller." + }, + "initializers": { + "$ref": "v1.Initializers", + "description": "An initializer is a controller which enforces some system invariant at object creation time. This field is a list of initializers that have not yet acted on this object. If nil or empty, this object has been completely initialized. Otherwise, the object is considered uninitialized and is hidden (in list/watch and get calls) from clients that haven't explicitly asked to observe uninitialized objects.\n\nWhen an object is created, the system will populate this list with the current set of initializers. Only privileged users may set or modify this list. Once it is empty, it may not be modified further by any user." + }, + "finalizers": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed." + }, + "clusterName": { + "type": "string", + "description": "The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request." + } + } + }, + "v1.OwnerReference": { + "id": "v1.OwnerReference", + "description": "OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field.", + "required": [ + "apiVersion", + "kind", + "name", + "uid" + ], + "properties": { + "apiVersion": { + "type": "string", + "description": "API version of the referent." + }, + "kind": { + "type": "string", + "description": "Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds" + }, + "name": { + "type": "string", + "description": "Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names" + }, + "uid": { + "type": "string", + "description": "UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids" + }, + "controller": { + "type": "boolean", + "description": "If true, this reference points to the managing controller." + }, + "blockOwnerDeletion": { + "type": "boolean", + "description": "If true, AND if the owner has the \"foregroundDeletion\" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs \"delete\" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned." + } + } + }, + "v1.Initializers": { + "id": "v1.Initializers", + "description": "Initializers tracks the progress of initialization.", + "required": [ + "pending" + ], + "properties": { + "pending": { + "type": "array", + "items": { + "$ref": "v1.Initializer" + }, + "description": "Pending is a list of initializers that must execute in order before this object is visible. When the last pending initializer is removed, and no failing result is set, the initializers struct will be set to nil and the object is considered as initialized and visible to all clients." + }, + "result": { + "$ref": "v1.Status", + "description": "If result is set with the Failure field, the object will be persisted to storage and then deleted, ensuring that other clients can observe the deletion." + } + } + }, + "v1.Initializer": { + "id": "v1.Initializer", + "description": "Initializer is information about an initializer that has not yet completed.", + "required": [ + "name" + ], + "properties": { + "name": { + "type": "string", + "description": "name of the process that is responsible for initializing this object." + } + } + }, + "v1.Status": { + "id": "v1.Status", + "description": "Status is a return value for calls that don't return other objects.", + "properties": { + "kind": { + "type": "string", + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds" + }, + "apiVersion": { + "type": "string", + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources" + }, + "metadata": { + "$ref": "v1.ListMeta", + "description": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds" + }, + "status": { + "type": "string", + "description": "Status of the operation. One of: \"Success\" or \"Failure\". More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status" + }, + "message": { + "type": "string", + "description": "A human-readable description of the status of this operation." + }, + "reason": { + "type": "string", + "description": "A machine-readable description of why this operation is in the \"Failure\" status. If this value is empty there is no information available. A Reason clarifies an HTTP status code but does not override it." + }, + "details": { + "$ref": "v1.StatusDetails", + "description": "Extended data associated with the reason. Each reason may define its own extended details. This field is optional and the data returned is not guaranteed to conform to any schema except that defined by the reason type." + }, + "code": { + "type": "integer", + "format": "int32", + "description": "Suggested HTTP return code for this status, 0 if not set." + } + } + }, + "v1.StatusDetails": { + "id": "v1.StatusDetails", + "description": "StatusDetails is a set of additional properties that MAY be set by the server to provide additional information about a response. The Reason field of a Status object defines what attributes will be set. Clients must ignore fields that do not match the defined type of each attribute, and should assume that any attribute may be empty, invalid, or under defined.", + "properties": { + "name": { + "type": "string", + "description": "The name attribute of the resource associated with the status StatusReason (when there is a single name which can be described)." + }, + "group": { + "type": "string", + "description": "The group attribute of the resource associated with the status StatusReason." + }, + "kind": { + "type": "string", + "description": "The kind attribute of the resource associated with the status StatusReason. On some operations may differ from the requested resource Kind. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds" + }, + "uid": { + "type": "string", + "description": "UID of the resource. (when there is a single resource which can be described). More info: http://kubernetes.io/docs/user-guide/identifiers#uids" + }, + "causes": { + "type": "array", + "items": { + "$ref": "v1.StatusCause" + }, + "description": "The Causes array includes more details associated with the StatusReason failure. Not all StatusReasons may provide detailed causes." + }, + "retryAfterSeconds": { + "type": "integer", + "format": "int32", + "description": "If specified, the time in seconds before the operation should be retried. Some errors may indicate the client must take an alternate action - for those errors this field may indicate how long to wait before taking the alternate action." + } + } + }, + "v1.StatusCause": { + "id": "v1.StatusCause", + "description": "StatusCause provides more information about an api.Status failure, including cases when multiple errors are encountered.", + "properties": { + "reason": { + "type": "string", + "description": "A machine-readable description of the cause of the error. If this value is empty there is no information available." + }, + "message": { + "type": "string", + "description": "A human-readable description of the cause of the error. This field may be presented as-is to a reader." + }, + "field": { + "type": "string", + "description": "The field of the resource that has caused this error, as named by its JSON serialization. May include dot and postfix notation for nested attributes. Arrays are zero-indexed. Fields may appear more than once in an array of causes due to fields having multiple errors. Optional.\n\nExamples:\n \"name\" - the field \"name\" on the current resource\n \"items[0].name\" - the field \"name\" on the first array entry in \"items\"" + } + } + }, + "v1alpha1.AuditSinkSpec": { + "id": "v1alpha1.AuditSinkSpec", + "description": "AuditSinkSpec holds the spec for the audit sink", + "required": [ + "policy", + "webhook" + ], + "properties": { + "policy": { + "$ref": "v1alpha1.Policy", + "description": "Policy defines the policy for selecting which events should be sent to the webhook required" + }, + "webhook": { + "$ref": "v1alpha1.Webhook", + "description": "Webhook to send events required" + } + } + }, + "v1alpha1.Policy": { + "id": "v1alpha1.Policy", + "description": "Policy defines the configuration of how audit events are logged", + "required": [ + "level", + "stages" + ], + "properties": { + "level": { + "type": "string", + "description": "The Level that all requests are recorded at. available options: None, Metadata, Request, RequestResponse required" + }, + "stages": { + "type": "array", + "items": { + "$ref": "v1alpha1.Stage" + }, + "description": "Stages is a list of stages for which events are created." + } + } + }, + "v1alpha1.Stage": { + "id": "v1alpha1.Stage", + "properties": {} + }, + "v1alpha1.Webhook": { + "id": "v1alpha1.Webhook", + "description": "Webhook holds the configuration of the webhook", + "required": [ + "clientConfig" + ], + "properties": { + "throttle": { + "$ref": "v1alpha1.WebhookThrottleConfig", + "description": "Throttle holds the options for throttling the webhook" + }, + "clientConfig": { + "$ref": "v1alpha1.WebhookClientConfig", + "description": "ClientConfig holds the connection parameters for the webhook required" + } + } + }, + "v1alpha1.WebhookThrottleConfig": { + "id": "v1alpha1.WebhookThrottleConfig", + "description": "WebhookThrottleConfig holds the configuration for throttling events", + "properties": { + "qps": { + "type": "integer", + "format": "int64", + "description": "ThrottleQPS maximum number of batches per second default 10 QPS" + }, + "burst": { + "type": "integer", + "format": "int64", + "description": "ThrottleBurst is the maximum number of events sent at the same moment default 15 QPS" + } + } + }, + "v1alpha1.WebhookClientConfig": { + "id": "v1alpha1.WebhookClientConfig", + "description": "WebhookClientConfig contains the information to make a connection with the webhook", + "required": [ + "service", + "caBundle" + ], + "properties": { + "url": { + "type": "string", + "description": "`url` gives the location of the webhook, in standard URL form (`[scheme://]host:port/path`). Exactly one of `url` or `service` must be specified.\n\nThe `host` should not refer to a service running in the cluster; use the `service` field instead. The host might be resolved via external DNS in some apiservers (e.g., `kube-apiserver` cannot resolve in-cluster DNS as that would be a layering violation). `host` may also be an IP address.\n\nPlease note that using `localhost` or `127.0.0.1` as a `host` is risky unless you take great care to run this webhook on all hosts which run an apiserver which might need to make calls to this webhook. Such installs are likely to be non-portable, i.e., not easy to turn up in a new cluster.\n\nThe scheme must be \"https\"; the URL must begin with \"https://\".\n\nA path is optional, and if present may be any string permissible in a URL. You may use the path to pass an arbitrary string to the webhook, for example, a cluster identifier.\n\nAttempting to use a user or basic auth e.g. \"user:password@\" is not allowed. Fragments (\"#...\") and query parameters (\"?...\") are not allowed, either." + }, + "service": { + "$ref": "v1alpha1.ServiceReference", + "description": "`service` is a reference to the service for this webhook. Either `service` or `url` must be specified.\n\nIf the webhook is running within the cluster, then you should use `service`.\n\nPort 443 will be used if it is open, otherwise it is an error." + }, + "caBundle": { + "type": "string", + "description": "`caBundle` is a PEM encoded CA bundle which will be used to validate the webhook's server certificate. defaults to the apiservers CA bundle for the endpoint type" + } + } + }, + "v1alpha1.ServiceReference": { + "id": "v1alpha1.ServiceReference", + "description": "ServiceReference holds a reference to Service.legacy.k8s.io", + "required": [ + "namespace", + "name" + ], + "properties": { + "namespace": { + "type": "string", + "description": "`namespace` is the namespace of the service. Required" + }, + "name": { + "type": "string", + "description": "`name` is the name of the service. Required" + }, + "path": { + "type": "string", + "description": "`path` is an optional URL path which will be sent in any request to this service." + } + } + }, + "v1.WatchEvent": { + "id": "v1.WatchEvent", + "required": [ + "type", + "object" + ], + "properties": { + "type": { + "type": "string" + }, + "object": { + "type": "string" + } + } + }, + "v1.Patch": { + "id": "v1.Patch", + "description": "Patch is provided to give a concrete name and type to the Kubernetes PATCH request body.", + "properties": {} + }, + "v1.DeleteOptions": { + "id": "v1.DeleteOptions", + "description": "DeleteOptions may be provided when deleting an API object.", + "properties": { + "kind": { + "type": "string", + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds" + }, + "apiVersion": { + "type": "string", + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources" + }, + "gracePeriodSeconds": { + "type": "integer", + "format": "int64", + "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately." + }, + "preconditions": { + "$ref": "v1.Preconditions", + "description": "Must be fulfilled before a deletion is carried out. If not possible, a 409 Conflict status will be returned." + }, + "orphanDependents": { + "type": "boolean", + "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both." + }, + "propagationPolicy": { + "$ref": "v1.DeletionPropagation", + "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground." + }, + "dryRun": { + "type": "array", + "items": { + "type": "string" + }, + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed" + } + } + }, + "v1.Preconditions": { + "id": "v1.Preconditions", + "description": "Preconditions must be fulfilled before an operation (update, delete, etc.) is carried out.", + "properties": { + "uid": { + "$ref": "types.UID", + "description": "Specifies the target UID." + } + } + }, + "types.UID": { + "id": "types.UID", + "properties": {} + }, + "v1.DeletionPropagation": { + "id": "v1.DeletionPropagation", + "properties": {} + }, + "v1.APIResourceList": { + "id": "v1.APIResourceList", + "description": "APIResourceList is a list of APIResource, it is used to expose the name of the resources supported in a specific group and version, and if the resource is namespaced.", + "required": [ + "groupVersion", + "resources" + ], + "properties": { + "kind": { + "type": "string", + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds" + }, + "apiVersion": { + "type": "string", + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources" + }, + "groupVersion": { + "type": "string", + "description": "groupVersion is the group and version this APIResourceList is for." + }, + "resources": { + "type": "array", + "items": { + "$ref": "v1.APIResource" + }, + "description": "resources contains the name of the resources and if they are namespaced." + } + } + }, + "v1.APIResource": { + "id": "v1.APIResource", + "description": "APIResource specifies the name of a resource and whether it is namespaced.", + "required": [ + "name", + "singularName", + "namespaced", + "kind", + "verbs" + ], + "properties": { + "name": { + "type": "string", + "description": "name is the plural name of the resource." + }, + "singularName": { + "type": "string", + "description": "singularName is the singular name of the resource. This allows clients to handle plural and singular opaquely. The singularName is more correct for reporting status on a single item and both singular and plural are allowed from the kubectl CLI interface." + }, + "namespaced": { + "type": "boolean", + "description": "namespaced indicates if a resource is namespaced or not." + }, + "group": { + "type": "string", + "description": "group is the preferred group of the resource. Empty implies the group of the containing resource list. For subresources, this may have a different value, for example: Scale\"." + }, + "version": { + "type": "string", + "description": "version is the preferred version of the resource. Empty implies the version of the containing resource list For subresources, this may have a different value, for example: v1 (while inside a v1beta1 version of the core resource's group)\"." + }, + "kind": { + "type": "string", + "description": "kind is the kind for the resource (e.g. 'Foo' is the kind for a resource 'foo')" + }, + "verbs": { + "type": "array", + "items": { + "type": "string" + }, + "description": "verbs is a list of supported kube verbs (this includes get, list, watch, create, update, patch, delete, deletecollection, and proxy)" + }, + "shortNames": { + "type": "array", + "items": { + "type": "string" + }, + "description": "shortNames is a list of suggested short names of the resource." + }, + "categories": { + "type": "array", + "items": { + "type": "string" + }, + "description": "categories is a list of the grouped resources this resource belongs to (e.g. 'all')" + } + } + } + } + } diff --git a/api/swagger-spec/resourceListing.json b/api/swagger-spec/resourceListing.json index cc35fcef299c..ad7391b56848 100644 --- a/api/swagger-spec/resourceListing.json +++ b/api/swagger-spec/resourceListing.json @@ -21,6 +21,14 @@ "path": "/api", "description": "get available API versions" }, + { + "path": "/apis/auditregistration.k8s.io/v1alpha1", + "description": "API at /apis/auditregistration.k8s.io/v1alpha1" + }, + { + "path": "/apis/auditregistration.k8s.io", + "description": "get information of a group" + }, { "path": "/apis/authentication.k8s.io/v1", "description": "API at /apis/authentication.k8s.io/v1" diff --git a/docs/api-reference/auditregistration.k8s.io/v1alpha1/definitions.html b/docs/api-reference/auditregistration.k8s.io/v1alpha1/definitions.html new file mode 100755 index 000000000000..083c31252e59 --- /dev/null +++ b/docs/api-reference/auditregistration.k8s.io/v1alpha1/definitions.html @@ -0,0 +1,1646 @@ + + + + + + +Top Level API Objects + + + + +
+
+

Top Level API Objects

+
+
+ +
+
+
+
+

Definitions

+
+
+

v1.APIResourceList

+
+

APIResourceList is a list of APIResource, it is used to expose the name of the resources supported in a specific group and version, and if the resource is namespaced.

+
+ +++++++ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDescriptionRequiredSchemaDefault

kind

Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds

false

string

apiVersion

APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources

false

string

groupVersion

groupVersion is the group and version this APIResourceList is for.

true

string

resources

resources contains the name of the resources and if they are namespaced.

true

v1.APIResource array

+ +
+
+

v1alpha1.Webhook

+
+

Webhook holds the configuration of the webhook

+
+ +++++++ + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDescriptionRequiredSchemaDefault

throttle

Throttle holds the options for throttling the webhook

false

v1alpha1.WebhookThrottleConfig

clientConfig

ClientConfig holds the connection parameters for the webhook required

true

v1alpha1.WebhookClientConfig

+ +
+
+

v1alpha1.WebhookClientConfig

+
+

WebhookClientConfig contains the information to make a connection with the webhook

+
+ +++++++ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDescriptionRequiredSchemaDefault

url

url gives the location of the webhook, in standard URL form ([scheme://]host:port/path). Exactly one of url or service must be specified.
+
+The host should not refer to a service running in the cluster; use the service field instead. The host might be resolved via external DNS in some apiservers (e.g., kube-apiserver cannot resolve in-cluster DNS as that would be a layering violation). host may also be an IP address.
+
+Please note that using localhost or 127.0.0.1 as a host is risky unless you take great care to run this webhook on all hosts which run an apiserver which might need to make calls to this webhook. Such installs are likely to be non-portable, i.e., not easy to turn up in a new cluster.
+
+The scheme must be "https"; the URL must begin with "https://".
+
+A path is optional, and if present may be any string permissible in a URL. You may use the path to pass an arbitrary string to the webhook, for example, a cluster identifier.
+
+Attempting to use a user or basic auth e.g. "user:password@" is not allowed. Fragments ("#…") and query parameters ("?…") are not allowed, either.

false

string

service

service is a reference to the service for this webhook. Either service or url must be specified.
+
+If the webhook is running within the cluster, then you should use service.
+
+Port 443 will be used if it is open, otherwise it is an error.

true

v1alpha1.ServiceReference

caBundle

caBundle is a PEM encoded CA bundle which will be used to validate the webhook’s server certificate. defaults to the apiservers CA bundle for the endpoint type

true

string

+ +
+
+

v1.ListMeta

+
+

ListMeta describes metadata that synthetic resources must have, including lists and various status objects. A resource may have only one of {ObjectMeta, ListMeta}.

+
+ +++++++ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDescriptionRequiredSchemaDefault

selfLink

selfLink is a URL representing this object. Populated by the system. Read-only.

false

string

resourceVersion

String that identifies the server’s internal version of this object that can be used by clients to determine when objects have changed. Value must be treated as opaque by clients and passed unmodified back to the server. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency

false

string

continue

continue may be set if the user set a limit on the number of items returned, and indicates that the server has more data available. The value is opaque and may be used to issue another request to the endpoint that served this list to retrieve the next set of available objects. Continuing a consistent list may not be possible if the server configuration has changed or more than a few minutes have passed. The resourceVersion field returned when using this continue value will be identical to the value in the first response, unless you have received this token from an error message.

false

string

+ +
+
+

v1.Initializers

+
+

Initializers tracks the progress of initialization.

+
+ +++++++ + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDescriptionRequiredSchemaDefault

pending

Pending is a list of initializers that must execute in order before this object is visible. When the last pending initializer is removed, and no failing result is set, the initializers struct will be set to nil and the object is considered as initialized and visible to all clients.

true

v1.Initializer array

result

If result is set with the Failure field, the object will be persisted to storage and then deleted, ensuring that other clients can observe the deletion.

false

v1.Status

+ +
+
+

v1.Preconditions

+
+

Preconditions must be fulfilled before an operation (update, delete, etc.) is carried out.

+
+ +++++++ + + + + + + + + + + + + + + + + + + +
NameDescriptionRequiredSchemaDefault

uid

Specifies the target UID.

false

types.UID

+ +
+
+

v1.Status

+
+

Status is a return value for calls that don’t return other objects.

+
+ +++++++ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDescriptionRequiredSchemaDefault

kind

Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds

false

string

apiVersion

APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources

false

string

metadata

Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds

false

v1.ListMeta

status

Status of the operation. One of: "Success" or "Failure". More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status

false

string

message

A human-readable description of the status of this operation.

false

string

reason

A machine-readable description of why this operation is in the "Failure" status. If this value is empty there is no information available. A Reason clarifies an HTTP status code but does not override it.

false

string

details

Extended data associated with the reason. Each reason may define its own extended details. This field is optional and the data returned is not guaranteed to conform to any schema except that defined by the reason type.

false

v1.StatusDetails

code

Suggested HTTP return code for this status, 0 if not set.

false

integer (int32)

+ +
+
+

v1.WatchEvent

+ +++++++ + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDescriptionRequiredSchemaDefault

type

true

string

object

true

string

+ +
+
+

v1alpha1.Policy

+
+

Policy defines the configuration of how audit events are logged

+
+ +++++++ + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDescriptionRequiredSchemaDefault

level

The Level that all requests are recorded at. available options: None, Metadata, Request, RequestResponse required

true

string

stages

Stages is a list of stages for which events are created.

true

v1alpha1.Stage array

+ +
+
+

v1alpha1.ServiceReference

+
+

ServiceReference holds a reference to Service.legacy.k8s.io

+
+ +++++++ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDescriptionRequiredSchemaDefault

namespace

namespace is the namespace of the service. Required

true

string

name

name is the name of the service. Required

true

string

path

path is an optional URL path which will be sent in any request to this service.

false

string

+ +
+
+

v1alpha1.WebhookThrottleConfig

+
+

WebhookThrottleConfig holds the configuration for throttling events

+
+ +++++++ + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDescriptionRequiredSchemaDefault

qps

ThrottleQPS maximum number of batches per second default 10 QPS

false

integer (int64)

burst

ThrottleBurst is the maximum number of events sent at the same moment default 15 QPS

false

integer (int64)

+ +
+
+

v1alpha1.AuditSinkList

+
+

AuditSinkList is a list of AuditSink items.

+
+ +++++++ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDescriptionRequiredSchemaDefault

kind

Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds

false

string

apiVersion

APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources

false

string

metadata

false

v1.ListMeta

items

List of audit configurations.

true

v1alpha1.AuditSink array

+ +
+
+

v1.DeletionPropagation

+ +
+
+

v1.Patch

+
+

Patch is provided to give a concrete name and type to the Kubernetes PATCH request body.

+
+
+
+

v1.DeleteOptions

+
+

DeleteOptions may be provided when deleting an API object.

+
+ +++++++ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDescriptionRequiredSchemaDefault

kind

Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds

false

string

apiVersion

APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources

false

string

gracePeriodSeconds

The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.

false

integer (int64)

preconditions

Must be fulfilled before a deletion is carried out. If not possible, a 409 Conflict status will be returned.

false

v1.Preconditions

orphanDependents

Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object’s finalizers list. Either this field or PropagationPolicy may be set, but not both.

false

boolean

false

propagationPolicy

Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: Orphan - orphan the dependents; Background - allow the garbage collector to delete the dependents in the background; Foreground - a cascading policy that deletes all dependents in the foreground.

false

v1.DeletionPropagation

dryRun

When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed

false

string array

+ +
+
+

v1.StatusDetails

+
+

StatusDetails is a set of additional properties that MAY be set by the server to provide additional information about a response. The Reason field of a Status object defines what attributes will be set. Clients must ignore fields that do not match the defined type of each attribute, and should assume that any attribute may be empty, invalid, or under defined.

+
+ +++++++ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDescriptionRequiredSchemaDefault

name

The name attribute of the resource associated with the status StatusReason (when there is a single name which can be described).

false

string

group

The group attribute of the resource associated with the status StatusReason.

false

string

kind

The kind attribute of the resource associated with the status StatusReason. On some operations may differ from the requested resource Kind. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds

false

string

uid

UID of the resource. (when there is a single resource which can be described). More info: http://kubernetes.io/docs/user-guide/identifiers#uids

false

string

causes

The Causes array includes more details associated with the StatusReason failure. Not all StatusReasons may provide detailed causes.

false

v1.StatusCause array

retryAfterSeconds

If specified, the time in seconds before the operation should be retried. Some errors may indicate the client must take an alternate action - for those errors this field may indicate how long to wait before taking the alternate action.

false

integer (int32)

+ +
+
+

v1.Initializer

+
+

Initializer is information about an initializer that has not yet completed.

+
+ +++++++ + + + + + + + + + + + + + + + + + + +
NameDescriptionRequiredSchemaDefault

name

name of the process that is responsible for initializing this object.

true

string

+ +
+
+

v1alpha1.Stage

+ +
+
+

v1.OwnerReference

+
+

OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field.

+
+ +++++++ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDescriptionRequiredSchemaDefault

apiVersion

API version of the referent.

true

string

kind

Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds

true

string

name

Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names

true

string

uid

UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids

true

string

controller

If true, this reference points to the managing controller.

false

boolean

false

blockOwnerDeletion

If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned.

false

boolean

false

+ +
+
+

v1.ObjectMeta

+
+

ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create.

+
+ +++++++ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDescriptionRequiredSchemaDefault

name

Name must be unique within a namespace. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names

false

string

generateName

GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server.
+
+If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header).
+
+Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency

false

string

namespace

Namespace defines the space within each name must be unique. An empty namespace is equivalent to the "default" namespace, but "default" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty.
+
+Must be a DNS_LABEL. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/namespaces

false

string

selfLink

SelfLink is a URL representing this object. Populated by the system. Read-only.

false

string

uid

UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations.
+
+Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids

false

string

resourceVersion

An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources.
+
+Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency

false

string

generation

A sequence number representing a specific generation of the desired state. Populated by the system. Read-only.

false

integer (int64)

creationTimestamp

CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC.
+
+Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata

false

string

deletionTimestamp

DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested.
+
+Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata

false

string

deletionGracePeriodSeconds

Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only.

false

integer (int64)

labels

Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels

false

object

annotations

Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations

false

object

ownerReferences

List of objects depended by this object. If ALL objects in the list have been deleted, this object will be garbage collected. If this object is managed by a controller, then an entry in this list will point to this controller, with the controller field set to true. There cannot be more than one managing controller.

false

v1.OwnerReference array

initializers

An initializer is a controller which enforces some system invariant at object creation time. This field is a list of initializers that have not yet acted on this object. If nil or empty, this object has been completely initialized. Otherwise, the object is considered uninitialized and is hidden (in list/watch and get calls) from clients that haven’t explicitly asked to observe uninitialized objects.
+
+When an object is created, the system will populate this list with the current set of initializers. Only privileged users may set or modify this list. Once it is empty, it may not be modified further by any user.

false

v1.Initializers

finalizers

Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed.

false

string array

clusterName

The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request.

false

string

+ +
+
+

v1.APIResource

+
+

APIResource specifies the name of a resource and whether it is namespaced.

+
+ +++++++ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDescriptionRequiredSchemaDefault

name

name is the plural name of the resource.

true

string

singularName

singularName is the singular name of the resource. This allows clients to handle plural and singular opaquely. The singularName is more correct for reporting status on a single item and both singular and plural are allowed from the kubectl CLI interface.

true

string

namespaced

namespaced indicates if a resource is namespaced or not.

true

boolean

false

group

group is the preferred group of the resource. Empty implies the group of the containing resource list. For subresources, this may have a different value, for example: Scale".

false

string

version

version is the preferred version of the resource. Empty implies the version of the containing resource list For subresources, this may have a different value, for example: v1 (while inside a v1beta1 version of the core resource’s group)".

false

string

kind

kind is the kind for the resource (e.g. Foo is the kind for a resource foo)

true

string

verbs

verbs is a list of supported kube verbs (this includes get, list, watch, create, update, patch, delete, deletecollection, and proxy)

true

string array

shortNames

shortNames is a list of suggested short names of the resource.

false

string array

categories

categories is a list of the grouped resources this resource belongs to (e.g. all)

false

string array

+ +
+
+

v1alpha1.AuditSinkSpec

+
+

AuditSinkSpec holds the spec for the audit sink

+
+ +++++++ + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDescriptionRequiredSchemaDefault

policy

Policy defines the policy for selecting which events should be sent to the webhook required

true

v1alpha1.Policy

webhook

Webhook to send events required

true

v1alpha1.Webhook

+ +
+
+

types.UID

+ +
+
+

v1alpha1.AuditSink

+
+

AuditSink represents a cluster level audit sink

+
+ +++++++ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDescriptionRequiredSchemaDefault

kind

Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds

false

string

apiVersion

APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources

false

string

metadata

false

v1.ObjectMeta

spec

Spec defines the audit configuration spec

false

v1alpha1.AuditSinkSpec

+ +
+
+

v1.StatusCause

+
+

StatusCause provides more information about an api.Status failure, including cases when multiple errors are encountered.

+
+ +++++++ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDescriptionRequiredSchemaDefault

reason

A machine-readable description of the cause of the error. If this value is empty there is no information available.

false

string

message

A human-readable description of the cause of the error. This field may be presented as-is to a reader.

false

string

field

The field of the resource that has caused this error, as named by its JSON serialization. May include dot and postfix notation for nested attributes. Arrays are zero-indexed. Fields may appear more than once in an array of causes due to fields having multiple errors. Optional.
+
+Examples:
+ "name" - the field "name" on the current resource
+ "items[0].name" - the field "name" on the first array entry in "items"

false

string

+ +
+
+

any

+
+

Represents an untyped JSON map - see the description of the field for more info about the structure of this object.

+
+
+
+
+
+ + + \ No newline at end of file diff --git a/docs/api-reference/auditregistration.k8s.io/v1alpha1/operations.html b/docs/api-reference/auditregistration.k8s.io/v1alpha1/operations.html new file mode 100755 index 000000000000..3296aa210e57 --- /dev/null +++ b/docs/api-reference/auditregistration.k8s.io/v1alpha1/operations.html @@ -0,0 +1,1841 @@ + + + + + + +Operations + + + + +
+
+

Operations

+
+
+

get available resources

+
+
+
GET /apis/auditregistration.k8s.io/v1alpha1
+
+
+
+

Responses

+ +++++ + + + + + + + + + + + + + + +
HTTP CodeDescriptionSchema

default

success

v1.APIResourceList

+ +
+
+

Consumes

+
+
    +
  • +

    application/json

    +
    • +
  • +

    application/yaml

    +
    • +
  • +

    application/vnd.kubernetes.protobuf

    +
    • +
+
+
+
+

Produces

+
+
    +
  • +

    application/json

    +
    • +
  • +

    application/yaml

    +
    • +
  • +

    application/vnd.kubernetes.protobuf

    +
    • +
+
+
+
+

Tags

+
+
    +
  • +

    apisauditregistration.k8s.iov1alpha1

    +
    • +
+
+
+
+
+

list or watch objects of kind AuditSink

+
+
+
GET /apis/auditregistration.k8s.io/v1alpha1/auditsinks
+
+
+
+

Parameters

+ ++++++++ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
TypeNameDescriptionRequiredSchemaDefault

QueryParameter

pretty

If true, then the output is pretty printed.

false

string

QueryParameter

labelSelector

A selector to restrict the list of returned objects by their labels. Defaults to everything.

false

string

QueryParameter

fieldSelector

A selector to restrict the list of returned objects by their fields. Defaults to everything.

false

string

QueryParameter

includeUninitialized

If true, partially initialized resources are included in the response.

false

boolean

QueryParameter

watch

Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.

false

boolean

QueryParameter

resourceVersion

When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it’s 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.

false

string

QueryParameter

timeoutSeconds

Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.

false

integer (int32)

QueryParameter

limit

limit is a maximum number of responses to return for a list call. If more items exist, the server will set the continue field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true. +

The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.

false

integer (int32)

QueryParameter

continue

The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key". +

This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.

false

string

+ +
+
+

Responses

+ +++++ + + + + + + + + + + + + + + +
HTTP CodeDescriptionSchema

200

success

v1alpha1.AuditSinkList

+ +
+
+

Consumes

+
+
    +
  • +

    /

    +
    • +
+
+
+
+

Produces

+
+
    +
  • +

    application/json

    +
    • +
  • +

    application/yaml

    +
    • +
  • +

    application/vnd.kubernetes.protobuf

    +
    • +
  • +

    application/json;stream=watch

    +
    • +
  • +

    application/vnd.kubernetes.protobuf;stream=watch

    +
    • +
+
+
+
+

Tags

+
+
    +
  • +

    apisauditregistration.k8s.iov1alpha1

    +
    • +
+
+
+
+
+

delete collection of AuditSink

+
+
+
DELETE /apis/auditregistration.k8s.io/v1alpha1/auditsinks
+
+
+
+

Parameters

+ ++++++++ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
TypeNameDescriptionRequiredSchemaDefault

QueryParameter

pretty

If true, then the output is pretty printed.

false

string

QueryParameter

labelSelector

A selector to restrict the list of returned objects by their labels. Defaults to everything.

false

string

QueryParameter

fieldSelector

A selector to restrict the list of returned objects by their fields. Defaults to everything.

false

string

QueryParameter

includeUninitialized

If true, partially initialized resources are included in the response.

false

boolean

QueryParameter

watch

Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.

false

boolean

QueryParameter

resourceVersion

When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it’s 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.

false

string

QueryParameter

timeoutSeconds

Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.

false

integer (int32)

QueryParameter

limit

limit is a maximum number of responses to return for a list call. If more items exist, the server will set the continue field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true. +

The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.

false

integer (int32)

QueryParameter

continue

The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key". +

This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.

false

string

+ +
+
+

Responses

+ +++++ + + + + + + + + + + + + + + +
HTTP CodeDescriptionSchema

200

success

v1.Status

+ +
+
+

Consumes

+
+
    +
  • +

    /

    +
    • +
+
+
+
+

Produces

+
+
    +
  • +

    application/json

    +
    • +
  • +

    application/yaml

    +
    • +
  • +

    application/vnd.kubernetes.protobuf

    +
    • +
+
+
+
+

Tags

+
+
    +
  • +

    apisauditregistration.k8s.iov1alpha1

    +
    • +
+
+
+
+
+

create an AuditSink

+
+
+
POST /apis/auditregistration.k8s.io/v1alpha1/auditsinks
+
+
+
+

Parameters

+ ++++++++ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
TypeNameDescriptionRequiredSchemaDefault

QueryParameter

pretty

If true, then the output is pretty printed.

false

string

BodyParameter

body

true

v1alpha1.AuditSink

QueryParameter

dryRun

When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed

false

string

QueryParameter

includeUninitialized

If IncludeUninitialized is specified, the object may be returned without completing initialization.

false

boolean

+ +
+
+

Responses

+ +++++ + + + + + + + + + + + + + + + + + + + + + + + + +
HTTP CodeDescriptionSchema

202

Accepted

v1alpha1.AuditSink

200

success

v1alpha1.AuditSink

201

Created

v1alpha1.AuditSink

+ +
+
+

Consumes

+
+
    +
  • +

    /

    +
    • +
+
+
+
+

Produces

+
+
    +
  • +

    application/json

    +
    • +
  • +

    application/yaml

    +
    • +
  • +

    application/vnd.kubernetes.protobuf

    +
    • +
+
+
+
+

Tags

+
+
    +
  • +

    apisauditregistration.k8s.iov1alpha1

    +
    • +
+
+
+
+
+

read the specified AuditSink

+
+
+
GET /apis/auditregistration.k8s.io/v1alpha1/auditsinks/{name}
+
+
+
+

Parameters

+ ++++++++ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
TypeNameDescriptionRequiredSchemaDefault

QueryParameter

pretty

If true, then the output is pretty printed.

false

string

QueryParameter

export

Should this value be exported. Export strips fields that a user can not specify.

false

boolean

QueryParameter

exact

Should the export be exact. Exact export maintains cluster-specific fields like Namespace.

false

boolean

PathParameter

name

name of the AuditSink

true

string

+ +
+
+

Responses

+ +++++ + + + + + + + + + + + + + + +
HTTP CodeDescriptionSchema

200

success

v1alpha1.AuditSink

+ +
+
+

Consumes

+
+
    +
  • +

    /

    +
    • +
+
+
+
+

Produces

+
+
    +
  • +

    application/json

    +
    • +
  • +

    application/yaml

    +
    • +
  • +

    application/vnd.kubernetes.protobuf

    +
    • +
+
+
+
+

Tags

+
+
    +
  • +

    apisauditregistration.k8s.iov1alpha1

    +
    • +
+
+
+
+
+

replace the specified AuditSink

+
+
+
PUT /apis/auditregistration.k8s.io/v1alpha1/auditsinks/{name}
+
+
+
+

Parameters

+ ++++++++ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
TypeNameDescriptionRequiredSchemaDefault

QueryParameter

pretty

If true, then the output is pretty printed.

false

string

BodyParameter

body

true

v1alpha1.AuditSink

QueryParameter

dryRun

When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed

false

string

PathParameter

name

name of the AuditSink

true

string

+ +
+
+

Responses

+ +++++ + + + + + + + + + + + + + + + + + + + +
HTTP CodeDescriptionSchema

200

success

v1alpha1.AuditSink

201

Created

v1alpha1.AuditSink

+ +
+
+

Consumes

+
+
    +
  • +

    /

    +
    • +
+
+
+
+

Produces

+
+
    +
  • +

    application/json

    +
    • +
  • +

    application/yaml

    +
    • +
  • +

    application/vnd.kubernetes.protobuf

    +
    • +
+
+
+
+

Tags

+
+
    +
  • +

    apisauditregistration.k8s.iov1alpha1

    +
    • +
+
+
+
+
+

delete an AuditSink

+
+
+
DELETE /apis/auditregistration.k8s.io/v1alpha1/auditsinks/{name}
+
+
+
+

Parameters

+ ++++++++ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
TypeNameDescriptionRequiredSchemaDefault

QueryParameter

pretty

If true, then the output is pretty printed.

false

string

BodyParameter

body

true

v1.DeleteOptions

QueryParameter

gracePeriodSeconds

The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.

false

integer (int32)

QueryParameter

orphanDependents

Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object’s finalizers list. Either this field or PropagationPolicy may be set, but not both.

false

boolean

QueryParameter

propagationPolicy

Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: Orphan - orphan the dependents; Background - allow the garbage collector to delete the dependents in the background; Foreground - a cascading policy that deletes all dependents in the foreground.

false

string

QueryParameter

dryRun

When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed

false

string

PathParameter

name

name of the AuditSink

true

string

+ +
+
+

Responses

+ +++++ + + + + + + + + + + + + + + + + + + + +
HTTP CodeDescriptionSchema

202

Accepted

v1.Status

200

success

v1.Status

+ +
+
+

Consumes

+
+
    +
  • +

    /

    +
    • +
+
+
+
+

Produces

+
+
    +
  • +

    application/json

    +
    • +
  • +

    application/yaml

    +
    • +
  • +

    application/vnd.kubernetes.protobuf

    +
    • +
+
+
+
+

Tags

+
+
    +
  • +

    apisauditregistration.k8s.iov1alpha1

    +
    • +
+
+
+
+
+

partially update the specified AuditSink

+
+
+
PATCH /apis/auditregistration.k8s.io/v1alpha1/auditsinks/{name}
+
+
+
+

Parameters

+ ++++++++ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
TypeNameDescriptionRequiredSchemaDefault

QueryParameter

pretty

If true, then the output is pretty printed.

false

string

BodyParameter

body

true

v1.Patch

QueryParameter

dryRun

When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed

false

string

PathParameter

name

name of the AuditSink

true

string

+ +
+
+

Responses

+ +++++ + + + + + + + + + + + + + + +
HTTP CodeDescriptionSchema

200

success

v1alpha1.AuditSink

+ +
+
+

Consumes

+
+
    +
  • +

    application/json-patch+json

    +
    • +
  • +

    application/merge-patch+json

    +
    • +
  • +

    application/strategic-merge-patch+json

    +
    • +
+
+
+
+

Produces

+
+
    +
  • +

    application/json

    +
    • +
  • +

    application/yaml

    +
    • +
  • +

    application/vnd.kubernetes.protobuf

    +
    • +
+
+
+
+

Tags

+
+
    +
  • +

    apisauditregistration.k8s.iov1alpha1

    +
    • +
+
+
+
+
+

watch individual changes to a list of AuditSink. deprecated: use the watch parameter with a list operation instead.

+
+
+
GET /apis/auditregistration.k8s.io/v1alpha1/watch/auditsinks
+
+
+
+

Parameters

+ ++++++++ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
TypeNameDescriptionRequiredSchemaDefault

QueryParameter

pretty

If true, then the output is pretty printed.

false

string

QueryParameter

labelSelector

A selector to restrict the list of returned objects by their labels. Defaults to everything.

false

string

QueryParameter

fieldSelector

A selector to restrict the list of returned objects by their fields. Defaults to everything.

false

string

QueryParameter

includeUninitialized

If true, partially initialized resources are included in the response.

false

boolean

QueryParameter

watch

Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.

false

boolean

QueryParameter

resourceVersion

When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it’s 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.

false

string

QueryParameter

timeoutSeconds

Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.

false

integer (int32)

QueryParameter

limit

limit is a maximum number of responses to return for a list call. If more items exist, the server will set the continue field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true. +

The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.

false

integer (int32)

QueryParameter

continue

The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key". +

This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.

false

string

+ +
+
+

Responses

+ +++++ + + + + + + + + + + + + + + +
HTTP CodeDescriptionSchema

200

success

v1.WatchEvent

+ +
+
+

Consumes

+
+
    +
  • +

    /

    +
    • +
+
+
+
+

Produces

+
+
    +
  • +

    application/json

    +
    • +
  • +

    application/yaml

    +
    • +
  • +

    application/vnd.kubernetes.protobuf

    +
    • +
  • +

    application/json;stream=watch

    +
    • +
  • +

    application/vnd.kubernetes.protobuf;stream=watch

    +
    • +
+
+
+
+

Tags

+
+
    +
  • +

    apisauditregistration.k8s.iov1alpha1

    +
    • +
+
+
+
+
+

watch changes to an object of kind AuditSink. deprecated: use the watch parameter with a list operation instead, filtered to a single item with the fieldSelector parameter.

+
+
+
GET /apis/auditregistration.k8s.io/v1alpha1/watch/auditsinks/{name}
+
+
+
+

Parameters

+ ++++++++ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
TypeNameDescriptionRequiredSchemaDefault

QueryParameter

pretty

If true, then the output is pretty printed.

false

string

QueryParameter

labelSelector

A selector to restrict the list of returned objects by their labels. Defaults to everything.

false

string

QueryParameter

fieldSelector

A selector to restrict the list of returned objects by their fields. Defaults to everything.

false

string

QueryParameter

includeUninitialized

If true, partially initialized resources are included in the response.

false

boolean

QueryParameter

watch

Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.

false

boolean

QueryParameter

resourceVersion

When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it’s 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.

false

string

QueryParameter

timeoutSeconds

Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.

false

integer (int32)

QueryParameter

limit

limit is a maximum number of responses to return for a list call. If more items exist, the server will set the continue field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true. +

The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.

false

integer (int32)

QueryParameter

continue

The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key". +

This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.

false

string

PathParameter

name

name of the AuditSink

true

string

+ +
+
+

Responses

+ +++++ + + + + + + + + + + + + + + +
HTTP CodeDescriptionSchema

200

success

v1.WatchEvent

+ +
+
+

Consumes

+
+
    +
  • +

    /

    +
    • +
+
+
+
+

Produces

+
+
    +
  • +

    application/json

    +
    • +
  • +

    application/yaml

    +
    • +
  • +

    application/vnd.kubernetes.protobuf

    +
    • +
  • +

    application/json;stream=watch

    +
    • +
  • +

    application/vnd.kubernetes.protobuf;stream=watch

    +
    • +
+
+
+
+

Tags

+
+
    +
  • +

    apisauditregistration.k8s.iov1alpha1

    +
    • +
+
+
+
+
+
+
+ + + \ No newline at end of file diff --git a/hack/.golint_failures b/hack/.golint_failures index ddf5b65d53db..a6828f028bd2 100644 --- a/hack/.golint_failures +++ b/hack/.golint_failures @@ -28,6 +28,7 @@ pkg/apis/apps/v1 pkg/apis/apps/v1beta1 pkg/apis/apps/v1beta2 pkg/apis/apps/validation +pkg/apis/auditregistration/v1alpha1 pkg/apis/authentication pkg/apis/authentication/v1 pkg/apis/authentication/v1beta1 @@ -284,6 +285,7 @@ pkg/registry/apps/replicaset/storage pkg/registry/apps/rest pkg/registry/apps/statefulset pkg/registry/apps/statefulset/storage +pkg/registry/auditregistration/rest pkg/registry/authentication/rest pkg/registry/authentication/tokenreview pkg/registry/authorization/localsubjectaccessreview @@ -452,6 +454,7 @@ staging/src/k8s.io/api/admissionregistration/v1beta1 staging/src/k8s.io/api/apps/v1 staging/src/k8s.io/api/apps/v1beta1 staging/src/k8s.io/api/apps/v1beta2 +staging/src/k8s.io/api/auditregistration/v1alpha1 staging/src/k8s.io/api/authentication/v1 staging/src/k8s.io/api/authentication/v1beta1 staging/src/k8s.io/api/authorization/v1 @@ -554,7 +557,6 @@ staging/src/k8s.io/apiserver/pkg/apis/audit staging/src/k8s.io/apiserver/pkg/apis/audit/v1 staging/src/k8s.io/apiserver/pkg/apis/audit/v1alpha1 staging/src/k8s.io/apiserver/pkg/apis/audit/v1beta1 -staging/src/k8s.io/apiserver/pkg/apis/audit/validation staging/src/k8s.io/apiserver/pkg/apis/config/v1alpha1 staging/src/k8s.io/apiserver/pkg/apis/example staging/src/k8s.io/apiserver/pkg/apis/example/v1 diff --git a/hack/lib/init.sh b/hack/lib/init.sh index a9ef8415f41e..2a676f804a09 100755 --- a/hack/lib/init.sh +++ b/hack/lib/init.sh @@ -62,6 +62,7 @@ admission.k8s.io/v1beta1 \ apps/v1beta1 \ apps/v1beta2 \ apps/v1 \ +auditregistration.k8s.io/v1alpha1 \ authentication.k8s.io/v1 \ authentication.k8s.io/v1beta1 \ authorization.k8s.io/v1 \ diff --git a/hack/update-generated-protobuf-dockerized.sh b/hack/update-generated-protobuf-dockerized.sh index 798f832fc818..612cfba3648c 100755 --- a/hack/update-generated-protobuf-dockerized.sh +++ b/hack/update-generated-protobuf-dockerized.sh @@ -78,6 +78,7 @@ PACKAGES=( k8s.io/api/admissionregistration/v1alpha1 k8s.io/api/admissionregistration/v1beta1 k8s.io/api/admission/v1beta1 + k8s.io/api/auditregistration/v1alpha1 k8s.io/api/networking/v1 k8s.io/metrics/pkg/apis/metrics/v1alpha1 k8s.io/metrics/pkg/apis/metrics/v1beta1 diff --git a/pkg/BUILD b/pkg/BUILD index e271227d8793..7a9acd421c90 100644 --- a/pkg/BUILD +++ b/pkg/BUILD @@ -33,6 +33,7 @@ filegroup( "//pkg/apis/admission:all-srcs", "//pkg/apis/admissionregistration:all-srcs", "//pkg/apis/apps:all-srcs", + "//pkg/apis/auditregistration:all-srcs", "//pkg/apis/authentication:all-srcs", "//pkg/apis/authorization:all-srcs", "//pkg/apis/autoscaling:all-srcs", @@ -58,6 +59,7 @@ filegroup( "//pkg/client/leaderelectionconfig:all-srcs", "//pkg/client/listers/admissionregistration/internalversion:all-srcs", "//pkg/client/listers/apps/internalversion:all-srcs", + "//pkg/client/listers/auditregistration/internalversion:all-srcs", "//pkg/client/listers/authentication/internalversion:all-srcs", "//pkg/client/listers/authorization/internalversion:all-srcs", "//pkg/client/listers/autoscaling/internalversion:all-srcs", diff --git a/pkg/api/testapi/BUILD b/pkg/api/testapi/BUILD index cb66f562213f..11eec53bef4c 100644 --- a/pkg/api/testapi/BUILD +++ b/pkg/api/testapi/BUILD @@ -18,6 +18,8 @@ go_library( "//pkg/apis/admissionregistration/install:go_default_library", "//pkg/apis/apps:go_default_library", "//pkg/apis/apps/install:go_default_library", + "//pkg/apis/auditregistration:go_default_library", + "//pkg/apis/auditregistration/install:go_default_library", "//pkg/apis/authentication/install:go_default_library", "//pkg/apis/authorization:go_default_library", "//pkg/apis/authorization/install:go_default_library", diff --git a/pkg/api/testapi/testapi.go b/pkg/api/testapi/testapi.go index 31d419620c9a..32b81d29d0e7 100644 --- a/pkg/api/testapi/testapi.go +++ b/pkg/api/testapi/testapi.go @@ -37,6 +37,7 @@ import ( "k8s.io/kubernetes/pkg/apis/admission" "k8s.io/kubernetes/pkg/apis/admissionregistration" "k8s.io/kubernetes/pkg/apis/apps" + "k8s.io/kubernetes/pkg/apis/auditregistration" "k8s.io/kubernetes/pkg/apis/authorization" "k8s.io/kubernetes/pkg/apis/autoscaling" "k8s.io/kubernetes/pkg/apis/batch" @@ -57,6 +58,7 @@ import ( _ "k8s.io/kubernetes/pkg/apis/admission/install" _ "k8s.io/kubernetes/pkg/apis/admissionregistration/install" _ "k8s.io/kubernetes/pkg/apis/apps/install" + _ "k8s.io/kubernetes/pkg/apis/auditregistration/install" _ "k8s.io/kubernetes/pkg/apis/authentication/install" _ "k8s.io/kubernetes/pkg/apis/authorization/install" _ "k8s.io/kubernetes/pkg/apis/autoscaling/install" @@ -267,6 +269,12 @@ func init() { externalGroupVersion: externalGroupVersion, } } + if _, ok := Groups[auditregistration.GroupName]; !ok { + externalGroupVersion := schema.GroupVersion{Group: auditregistration.GroupName, Version: legacyscheme.Scheme.PrioritizedVersionsForGroup(auditregistration.GroupName)[0].Version} + Groups[auditregistration.GroupName] = TestGroup{ + externalGroupVersion: externalGroupVersion, + } + } Default = Groups[api.GroupName] Autoscaling = Groups[autoscaling.GroupName] diff --git a/pkg/api/testing/BUILD b/pkg/api/testing/BUILD index af88089ba0fd..b65e2839b64d 100644 --- a/pkg/api/testing/BUILD +++ b/pkg/api/testing/BUILD @@ -19,6 +19,7 @@ go_library( "//pkg/api/legacyscheme:go_default_library", "//pkg/apis/admissionregistration/fuzzer:go_default_library", "//pkg/apis/apps/fuzzer:go_default_library", + "//pkg/apis/auditregistration/fuzzer:go_default_library", "//pkg/apis/autoscaling/fuzzer:go_default_library", "//pkg/apis/batch/fuzzer:go_default_library", "//pkg/apis/certificates/fuzzer:go_default_library", diff --git a/pkg/api/testing/defaulting_test.go b/pkg/api/testing/defaulting_test.go index 58d9dc487c25..504535772729 100644 --- a/pkg/api/testing/defaulting_test.go +++ b/pkg/api/testing/defaulting_test.go @@ -136,6 +136,8 @@ func TestDefaulting(t *testing.T) { {Group: "admissionregistration.k8s.io", Version: "v1beta1", Kind: "ValidatingWebhookConfigurationList"}: {}, {Group: "admissionregistration.k8s.io", Version: "v1beta1", Kind: "MutatingWebhookConfiguration"}: {}, {Group: "admissionregistration.k8s.io", Version: "v1beta1", Kind: "MutatingWebhookConfigurationList"}: {}, + {Group: "auditregistration.k8s.io", Version: "v1alpha1", Kind: "AuditSink"}: {}, + {Group: "auditregistration.k8s.io", Version: "v1alpha1", Kind: "AuditSinkList"}: {}, {Group: "networking.k8s.io", Version: "v1", Kind: "NetworkPolicy"}: {}, {Group: "networking.k8s.io", Version: "v1", Kind: "NetworkPolicyList"}: {}, {Group: "storage.k8s.io", Version: "v1beta1", Kind: "StorageClass"}: {}, diff --git a/pkg/api/testing/fuzzer.go b/pkg/api/testing/fuzzer.go index 2a2bb3175ba4..65b5f42bf907 100644 --- a/pkg/api/testing/fuzzer.go +++ b/pkg/api/testing/fuzzer.go @@ -29,6 +29,7 @@ import ( runtimeserializer "k8s.io/apimachinery/pkg/runtime/serializer" admissionregistrationfuzzer "k8s.io/kubernetes/pkg/apis/admissionregistration/fuzzer" appsfuzzer "k8s.io/kubernetes/pkg/apis/apps/fuzzer" + auditregistrationfuzzer "k8s.io/kubernetes/pkg/apis/auditregistration/fuzzer" autoscalingfuzzer "k8s.io/kubernetes/pkg/apis/autoscaling/fuzzer" batchfuzzer "k8s.io/kubernetes/pkg/apis/batch/fuzzer" certificatesfuzzer "k8s.io/kubernetes/pkg/apis/certificates/fuzzer" @@ -101,6 +102,7 @@ var FuzzerFuncs = fuzzer.MergeFuzzerFuncs( policyfuzzer.Funcs, certificatesfuzzer.Funcs, admissionregistrationfuzzer.Funcs, + auditregistrationfuzzer.Funcs, storagefuzzer.Funcs, networkingfuzzer.Funcs, ) diff --git a/pkg/apis/admissionregistration/validation/validation.go b/pkg/apis/admissionregistration/validation/validation.go index 14d3d799bf46..9174bb0835a5 100644 --- a/pkg/apis/admissionregistration/validation/validation.go +++ b/pkg/apis/admissionregistration/validation/validation.go @@ -240,6 +240,7 @@ func validateWebhookClientConfig(fldPath *field.Path, cc *admissionregistration. return allErrors } +// note: this has copy/paste inheritance in auditregistration func validateWebhookService(fldPath *field.Path, svc *admissionregistration.ServiceReference) field.ErrorList { var allErrors field.ErrorList diff --git a/pkg/apis/auditregistration/BUILD b/pkg/apis/auditregistration/BUILD new file mode 100644 index 000000000000..65913a1c996f --- /dev/null +++ b/pkg/apis/auditregistration/BUILD @@ -0,0 +1,38 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library") + +go_library( + name = "go_default_library", + srcs = [ + "doc.go", + "register.go", + "types.go", + "zz_generated.deepcopy.go", + ], + importpath = "k8s.io/kubernetes/pkg/apis/auditregistration", + visibility = ["//visibility:public"], + deps = [ + "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/runtime:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/runtime/schema:go_default_library", + ], +) + +filegroup( + name = "package-srcs", + srcs = glob(["**"]), + tags = ["automanaged"], + visibility = ["//visibility:private"], +) + +filegroup( + name = "all-srcs", + srcs = [ + ":package-srcs", + "//pkg/apis/auditregistration/fuzzer:all-srcs", + "//pkg/apis/auditregistration/install:all-srcs", + "//pkg/apis/auditregistration/v1alpha1:all-srcs", + "//pkg/apis/auditregistration/validation:all-srcs", + ], + tags = ["automanaged"], + visibility = ["//visibility:public"], +) diff --git a/pkg/apis/auditregistration/doc.go b/pkg/apis/auditregistration/doc.go new file mode 100644 index 000000000000..1046b5a62be1 --- /dev/null +++ b/pkg/apis/auditregistration/doc.go @@ -0,0 +1,20 @@ +/* +Copyright 2018 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// +k8s:deepcopy-gen=package +// +groupName=auditregistration.k8s.io + +package auditregistration // import "k8s.io/kubernetes/pkg/apis/auditregistration" diff --git a/pkg/apis/auditregistration/fuzzer/BUILD b/pkg/apis/auditregistration/fuzzer/BUILD new file mode 100644 index 000000000000..3c4d743d8f62 --- /dev/null +++ b/pkg/apis/auditregistration/fuzzer/BUILD @@ -0,0 +1,27 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library") + +go_library( + name = "go_default_library", + srcs = ["fuzzer.go"], + importpath = "k8s.io/kubernetes/pkg/apis/auditregistration/fuzzer", + visibility = ["//visibility:public"], + deps = [ + "//pkg/apis/auditregistration:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/runtime/serializer:go_default_library", + "//vendor/github.com/google/gofuzz:go_default_library", + ], +) + +filegroup( + name = "package-srcs", + srcs = glob(["**"]), + tags = ["automanaged"], + visibility = ["//visibility:private"], +) + +filegroup( + name = "all-srcs", + srcs = [":package-srcs"], + tags = ["automanaged"], + visibility = ["//visibility:public"], +) diff --git a/pkg/apis/auditregistration/fuzzer/fuzzer.go b/pkg/apis/auditregistration/fuzzer/fuzzer.go new file mode 100644 index 000000000000..eb141540fe59 --- /dev/null +++ b/pkg/apis/auditregistration/fuzzer/fuzzer.go @@ -0,0 +1,38 @@ +/* +Copyright 2018 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package fuzzer + +import ( + fuzz "github.com/google/gofuzz" + + runtimeserializer "k8s.io/apimachinery/pkg/runtime/serializer" + "k8s.io/kubernetes/pkg/apis/auditregistration" +) + +// Funcs returns the fuzzer functions for the auditregistration api group. +var Funcs = func(codecs runtimeserializer.CodecFactory) []interface{} { + return []interface{}{ + func(obj *auditregistration.AuditSink, c fuzz.Continue) { + c.FuzzNoCustom(obj) + v := int64(1) + obj.Spec.Webhook.Throttle = &auditregistration.WebhookThrottleConfig{ + QPS: &v, + Burst: &v, + } + }, + } +} diff --git a/pkg/apis/auditregistration/install/BUILD b/pkg/apis/auditregistration/install/BUILD new file mode 100644 index 000000000000..09172ed23c97 --- /dev/null +++ b/pkg/apis/auditregistration/install/BUILD @@ -0,0 +1,29 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library") + +go_library( + name = "go_default_library", + srcs = ["install.go"], + importpath = "k8s.io/kubernetes/pkg/apis/auditregistration/install", + visibility = ["//visibility:public"], + deps = [ + "//pkg/api/legacyscheme:go_default_library", + "//pkg/apis/auditregistration:go_default_library", + "//pkg/apis/auditregistration/v1alpha1:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/runtime:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/util/runtime:go_default_library", + ], +) + +filegroup( + name = "package-srcs", + srcs = glob(["**"]), + tags = ["automanaged"], + visibility = ["//visibility:private"], +) + +filegroup( + name = "all-srcs", + srcs = [":package-srcs"], + tags = ["automanaged"], + visibility = ["//visibility:public"], +) diff --git a/pkg/apis/auditregistration/install/install.go b/pkg/apis/auditregistration/install/install.go new file mode 100644 index 000000000000..ffb905cd131d --- /dev/null +++ b/pkg/apis/auditregistration/install/install.go @@ -0,0 +1,38 @@ +/* +Copyright 2018 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Package install adds the experimental API group, making it available as +// an option to all of the API encoding/decoding machinery. +package install + +import ( + "k8s.io/apimachinery/pkg/runtime" + utilruntime "k8s.io/apimachinery/pkg/util/runtime" + "k8s.io/kubernetes/pkg/api/legacyscheme" + "k8s.io/kubernetes/pkg/apis/auditregistration" + "k8s.io/kubernetes/pkg/apis/auditregistration/v1alpha1" +) + +func init() { + Install(legacyscheme.Scheme) +} + +// Install registers the API group and adds types to a scheme +func Install(scheme *runtime.Scheme) { + utilruntime.Must(auditregistration.AddToScheme(scheme)) + utilruntime.Must(v1alpha1.AddToScheme(scheme)) + utilruntime.Must(scheme.SetVersionPriority(v1alpha1.SchemeGroupVersion)) +} diff --git a/pkg/apis/auditregistration/register.go b/pkg/apis/auditregistration/register.go new file mode 100644 index 000000000000..ebaa38109482 --- /dev/null +++ b/pkg/apis/auditregistration/register.go @@ -0,0 +1,53 @@ +/* +Copyright 2018 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package auditregistration + +import ( + "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apimachinery/pkg/runtime/schema" +) + +// GroupName is the group name use in this package +const GroupName = "auditregistration.k8s.io" + +// SchemeGroupVersion is group version used to register these objects +var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: runtime.APIVersionInternal} + +// Kind takes an unqualified kind and returns a Group qualified GroupKind +func Kind(kind string) schema.GroupKind { + return SchemeGroupVersion.WithKind(kind).GroupKind() +} + +// Resource takes an unqualified resource and returns a Group qualified GroupResource +func Resource(resource string) schema.GroupResource { + return SchemeGroupVersion.WithResource(resource).GroupResource() +} + +var ( + // SchemeBuilder for audit registration + SchemeBuilder = runtime.NewSchemeBuilder(addKnownTypes) + // AddToScheme audit registration + AddToScheme = SchemeBuilder.AddToScheme +) + +func addKnownTypes(scheme *runtime.Scheme) error { + scheme.AddKnownTypes(SchemeGroupVersion, + &AuditSink{}, + &AuditSinkList{}, + ) + return nil +} diff --git a/pkg/apis/auditregistration/types.go b/pkg/apis/auditregistration/types.go new file mode 100644 index 000000000000..8362483d21e7 --- /dev/null +++ b/pkg/apis/auditregistration/types.go @@ -0,0 +1,197 @@ +/* +Copyright 2018 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// +k8s:openapi-gen=true + +package auditregistration + +import ( + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" +) + +// Level defines the amount of information logged during auditing +type Level string + +// Valid audit levels +const ( + // LevelNone disables auditing + LevelNone Level = "None" + // LevelMetadata provides the basic level of auditing. + LevelMetadata Level = "Metadata" + // LevelRequest provides Metadata level of auditing, and additionally + // logs the request object (does not apply for non-resource requests). + LevelRequest Level = "Request" + // LevelRequestResponse provides Request level of auditing, and additionally + // logs the response object (does not apply for non-resource requests and watches). + LevelRequestResponse Level = "RequestResponse" +) + +// Stage defines the stages in request handling during which audit events may be generated. +type Stage string + +// Valid audit stages. +const ( + // The stage for events generated after the audit handler receives the request, but before it + // is delegated down the handler chain. + StageRequestReceived = "RequestReceived" + // The stage for events generated after the response headers are sent, but before the response body + // is sent. This stage is only generated for long-running requests (e.g. watch). + StageResponseStarted = "ResponseStarted" + // The stage for events generated after the response body has been completed, and no more bytes + // will be sent. + StageResponseComplete = "ResponseComplete" + // The stage for events generated when a panic occurred. + StagePanic = "Panic" +) + +// +genclient +// +genclient:nonNamespaced +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object + +// AuditSink represents a cluster level sink for audit data +type AuditSink struct { + metav1.TypeMeta + + // +optional + metav1.ObjectMeta + + // Spec defines the audit sink spec + Spec AuditSinkSpec +} + +// AuditSinkSpec is the spec for the audit sink object +type AuditSinkSpec struct { + // Policy defines the policy for selecting which events should be sent to the backend + // required + Policy Policy + + // Webhook to send events + // required + Webhook Webhook +} + +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object + +// AuditSinkList is a list of a audit sink items. +type AuditSinkList struct { + metav1.TypeMeta + + // +optional + metav1.ListMeta + + // List of audit configurations. + Items []AuditSink +} + +// Policy defines the configuration of how audit events are logged +type Policy struct { + // The Level that all requests are recorded at. + // available options: None, Metadata, Request, RequestResponse + // required + Level Level + + // Stages is a list of stages for which events are created. + // +optional + Stages []Stage +} + +// Webhook holds the configuration of the webhooks +type Webhook struct { + // Throttle holds the options for throttling the webhook + // +optional + Throttle *WebhookThrottleConfig + + // ClientConfig holds the connection parameters for the webhook + // required + ClientConfig WebhookClientConfig +} + +// WebhookThrottleConfig holds the configuration for throttling +type WebhookThrottleConfig struct { + // QPS maximum number of batches per second + // default 10 QPS + // +optional + QPS *int64 + + // Burst is the maximum number of events sent at the same moment + // default 15 QPS + // +optional + Burst *int64 +} + +// WebhookClientConfig contains the information to make a connection with the webhook +type WebhookClientConfig struct { + // `url` gives the location of the webhook, in standard URL form + // (`[scheme://]host:port/path`). Exactly one of `url` or `service` + // must be specified. + // + // The `host` should not refer to a service running in the cluster; use + // the `service` field instead. The host might be resolved via external + // DNS in some apiservers (e.g., `kube-apiserver` cannot resolve + // in-cluster DNS as that would be a layering violation). `host` may + // also be an IP address. + // + // Please note that using `localhost` or `127.0.0.1` as a `host` is + // risky unless you take great care to run this webhook on all hosts + // which run an apiserver which might need to make calls to this + // webhook. Such installs are likely to be non-portable, i.e., not easy + // to turn up in a new cluster. + // + // The scheme must be "https"; the URL must begin with "https://". + // + // A path is optional, and if present may be any string permissible in + // a URL. You may use the path to pass an arbitrary string to the + // webhook, for example, a cluster identifier. + // + // Attempting to use a user or basic auth e.g. "user:password@" is not + // allowed. Fragments ("#...") and query parameters ("?...") are not + // allowed, either. + // + // +optional + URL *string + + // `service` is a reference to the service for this webhook. Either + // `service` or `url` must be specified. + // + // If the webhook is running within the cluster, then you should use `service`. + // + // Port 443 will be used if it is open, otherwise it is an error. + // + // +optional + Service *ServiceReference + + // `caBundle` is a PEM encoded CA bundle which will be used to validate + // the webhook's server certificate. + // defaults to the apiservers CA bundle for the endpoint type + // +optional + CABundle []byte +} + +// ServiceReference holds a reference to Service.legacy.k8s.io +type ServiceReference struct { + // `namespace` is the namespace of the service. + // Required + Namespace string + + // `name` is the name of the service. + // Required + Name string + + // `path` is an optional URL path which will be sent in any request to + // this service. + // +optional + Path *string +} diff --git a/pkg/apis/auditregistration/v1alpha1/BUILD b/pkg/apis/auditregistration/v1alpha1/BUILD new file mode 100644 index 000000000000..5c5acd574491 --- /dev/null +++ b/pkg/apis/auditregistration/v1alpha1/BUILD @@ -0,0 +1,50 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library", "go_test") + +go_library( + name = "go_default_library", + srcs = [ + "defaults.go", + "doc.go", + "register.go", + "zz_generated.conversion.go", + "zz_generated.defaults.go", + ], + importpath = "k8s.io/kubernetes/pkg/apis/auditregistration/v1alpha1", + visibility = ["//visibility:public"], + deps = [ + "//pkg/apis/auditregistration:go_default_library", + "//staging/src/k8s.io/api/auditregistration/v1alpha1:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/conversion:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/runtime:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/runtime/schema:go_default_library", + "//vendor/k8s.io/utils/pointer:go_default_library", + ], +) + +go_test( + name = "go_default_test", + srcs = ["defaults_test.go"], + embed = [":go_default_library"], + deps = [ + "//pkg/api/legacyscheme:go_default_library", + "//pkg/apis/auditregistration/install:go_default_library", + "//staging/src/k8s.io/api/auditregistration/v1alpha1:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/api/equality:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/runtime:go_default_library", + "//vendor/k8s.io/utils/pointer:go_default_library", + ], +) + +filegroup( + name = "package-srcs", + srcs = glob(["**"]), + tags = ["automanaged"], + visibility = ["//visibility:private"], +) + +filegroup( + name = "all-srcs", + srcs = [":package-srcs"], + tags = ["automanaged"], + visibility = ["//visibility:public"], +) diff --git a/pkg/apis/auditregistration/v1alpha1/defaults.go b/pkg/apis/auditregistration/v1alpha1/defaults.go new file mode 100644 index 000000000000..1884a3907928 --- /dev/null +++ b/pkg/apis/auditregistration/v1alpha1/defaults.go @@ -0,0 +1,56 @@ +/* +Copyright 2018 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package v1alpha1 + +import ( + auditregistrationv1alpha1 "k8s.io/api/auditregistration/v1alpha1" + "k8s.io/apimachinery/pkg/runtime" + utilpointer "k8s.io/utils/pointer" +) + +const ( + // DefaultQPS is the default QPS value + DefaultQPS = int64(10) + // DefaultBurst is the default burst value + DefaultBurst = int64(15) +) + +// DefaultThrottle is a default throttle config +func DefaultThrottle() *auditregistrationv1alpha1.WebhookThrottleConfig { + return &auditregistrationv1alpha1.WebhookThrottleConfig{ + QPS: utilpointer.Int64Ptr(DefaultQPS), + Burst: utilpointer.Int64Ptr(DefaultBurst), + } +} + +func addDefaultingFuncs(scheme *runtime.Scheme) error { + return RegisterDefaults(scheme) +} + +// SetDefaults_AuditSink sets defaults if the audit sink isn't present +func SetDefaults_AuditSink(obj *auditregistrationv1alpha1.AuditSink) { + if obj.Spec.Webhook.Throttle != nil { + if obj.Spec.Webhook.Throttle.QPS == nil { + obj.Spec.Webhook.Throttle.QPS = utilpointer.Int64Ptr(DefaultQPS) + } + if obj.Spec.Webhook.Throttle.Burst == nil { + obj.Spec.Webhook.Throttle.Burst = utilpointer.Int64Ptr(DefaultBurst) + } + } else { + obj.Spec.Webhook.Throttle = DefaultThrottle() + } +} diff --git a/pkg/apis/auditregistration/v1alpha1/defaults_test.go b/pkg/apis/auditregistration/v1alpha1/defaults_test.go new file mode 100644 index 000000000000..acfc7fba8a19 --- /dev/null +++ b/pkg/apis/auditregistration/v1alpha1/defaults_test.go @@ -0,0 +1,165 @@ +/* +Copyright 2018 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package v1alpha1_test + +import ( + "reflect" + "testing" + + auditregistrationv1alpha1 "k8s.io/api/auditregistration/v1alpha1" + apiequality "k8s.io/apimachinery/pkg/api/equality" + "k8s.io/apimachinery/pkg/runtime" + "k8s.io/kubernetes/pkg/api/legacyscheme" + _ "k8s.io/kubernetes/pkg/apis/auditregistration/install" + . "k8s.io/kubernetes/pkg/apis/auditregistration/v1alpha1" + utilpointer "k8s.io/utils/pointer" +) + +func TestSetDefaultAuditSink(t *testing.T) { + defaultURL := "http://test" + tests := []struct { + original *auditregistrationv1alpha1.AuditSink + expected *auditregistrationv1alpha1.AuditSink + }{ + { // Missing Throttle + original: &auditregistrationv1alpha1.AuditSink{ + Spec: auditregistrationv1alpha1.AuditSinkSpec{ + Policy: auditregistrationv1alpha1.Policy{ + Level: auditregistrationv1alpha1.LevelMetadata, + }, + Webhook: auditregistrationv1alpha1.Webhook{ + ClientConfig: auditregistrationv1alpha1.WebhookClientConfig{ + URL: &defaultURL, + }, + }, + }, + }, + expected: &auditregistrationv1alpha1.AuditSink{ + Spec: auditregistrationv1alpha1.AuditSinkSpec{ + Policy: auditregistrationv1alpha1.Policy{ + Level: auditregistrationv1alpha1.LevelMetadata, + }, + Webhook: auditregistrationv1alpha1.Webhook{ + Throttle: DefaultThrottle(), + ClientConfig: auditregistrationv1alpha1.WebhookClientConfig{ + URL: &defaultURL, + }, + }, + }, + }, + }, + { // Missing QPS + original: &auditregistrationv1alpha1.AuditSink{ + Spec: auditregistrationv1alpha1.AuditSinkSpec{ + Policy: auditregistrationv1alpha1.Policy{ + Level: auditregistrationv1alpha1.LevelMetadata, + }, + Webhook: auditregistrationv1alpha1.Webhook{ + Throttle: &auditregistrationv1alpha1.WebhookThrottleConfig{ + Burst: utilpointer.Int64Ptr(1), + }, + ClientConfig: auditregistrationv1alpha1.WebhookClientConfig{ + URL: &defaultURL, + }, + }, + }, + }, + expected: &auditregistrationv1alpha1.AuditSink{ + Spec: auditregistrationv1alpha1.AuditSinkSpec{ + Policy: auditregistrationv1alpha1.Policy{ + Level: auditregistrationv1alpha1.LevelMetadata, + }, + Webhook: auditregistrationv1alpha1.Webhook{ + Throttle: &auditregistrationv1alpha1.WebhookThrottleConfig{ + QPS: DefaultThrottle().QPS, + Burst: utilpointer.Int64Ptr(1), + }, + ClientConfig: auditregistrationv1alpha1.WebhookClientConfig{ + URL: &defaultURL, + }, + }, + }, + }, + }, + { // Missing Burst + original: &auditregistrationv1alpha1.AuditSink{ + Spec: auditregistrationv1alpha1.AuditSinkSpec{ + Policy: auditregistrationv1alpha1.Policy{ + Level: auditregistrationv1alpha1.LevelMetadata, + }, + Webhook: auditregistrationv1alpha1.Webhook{ + Throttle: &auditregistrationv1alpha1.WebhookThrottleConfig{ + QPS: utilpointer.Int64Ptr(1), + }, + ClientConfig: auditregistrationv1alpha1.WebhookClientConfig{ + URL: &defaultURL, + }, + }, + }, + }, + expected: &auditregistrationv1alpha1.AuditSink{ + Spec: auditregistrationv1alpha1.AuditSinkSpec{ + Policy: auditregistrationv1alpha1.Policy{ + Level: auditregistrationv1alpha1.LevelMetadata, + }, + Webhook: auditregistrationv1alpha1.Webhook{ + Throttle: &auditregistrationv1alpha1.WebhookThrottleConfig{ + QPS: utilpointer.Int64Ptr(1), + Burst: DefaultThrottle().Burst, + }, + ClientConfig: auditregistrationv1alpha1.WebhookClientConfig{ + URL: &defaultURL, + }, + }, + }, + }, + }, + } + + for i, test := range tests { + original := test.original + expected := test.expected + obj2 := roundTrip(t, runtime.Object(original)) + got, ok := obj2.(*auditregistrationv1alpha1.AuditSink) + if !ok { + t.Fatalf("(%d) unexpected object: %v", i, obj2) + } + if !apiequality.Semantic.DeepEqual(got.Spec, expected.Spec) { + t.Errorf("(%d) got different than expected\ngot:\n\t%+v\nexpected:\n\t%+v", i, got.Spec, expected.Spec) + } + } +} + +func roundTrip(t *testing.T, obj runtime.Object) runtime.Object { + data, err := runtime.Encode(legacyscheme.Codecs.LegacyCodec(SchemeGroupVersion), obj) + if err != nil { + t.Errorf("%v\n %#v", err, obj) + return nil + } + obj2, err := runtime.Decode(legacyscheme.Codecs.UniversalDecoder(), data) + if err != nil { + t.Errorf("%v\nData: %s\nSource: %#v", err, string(data), obj) + return nil + } + obj3 := reflect.New(reflect.TypeOf(obj).Elem()).Interface().(runtime.Object) + err = legacyscheme.Scheme.Convert(obj2, obj3, nil) + if err != nil { + t.Errorf("%v\nSource: %#v", err, obj2) + return nil + } + return obj3 +} diff --git a/pkg/apis/auditregistration/v1alpha1/doc.go b/pkg/apis/auditregistration/v1alpha1/doc.go new file mode 100644 index 000000000000..606c457c3027 --- /dev/null +++ b/pkg/apis/auditregistration/v1alpha1/doc.go @@ -0,0 +1,24 @@ +/* +Copyright 2018 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// +k8s:conversion-gen=k8s.io/kubernetes/pkg/apis/auditregistration +// +k8s:conversion-gen-external-types=k8s.io/api/auditregistration/v1alpha1 +// +k8s:defaulter-gen=TypeMeta +// +k8s:defaulter-gen-input=../../../../vendor/k8s.io/api/auditregistration/v1alpha1 + +// +groupName=auditregistration.k8s.io + +package v1alpha1 // import "k8s.io/kubernetes/pkg/apis/auditregistration/v1alpha1" diff --git a/pkg/apis/auditregistration/v1alpha1/register.go b/pkg/apis/auditregistration/v1alpha1/register.go new file mode 100644 index 000000000000..a74b162b6ad2 --- /dev/null +++ b/pkg/apis/auditregistration/v1alpha1/register.go @@ -0,0 +1,46 @@ +/* +Copyright 2018 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package v1alpha1 + +import ( + auditregistrationv1alpha1 "k8s.io/api/auditregistration/v1alpha1" + "k8s.io/apimachinery/pkg/runtime/schema" +) + +// GroupName for audit registration +const GroupName = "auditregistration.k8s.io" + +// SchemeGroupVersion is group version used to register these objects +var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: "v1alpha1"} + +// Resource takes an unqualified resource and returns a Group qualified GroupResource +func Resource(resource string) schema.GroupResource { + return SchemeGroupVersion.WithResource(resource).GroupResource() +} + +var ( + localSchemeBuilder = &auditregistrationv1alpha1.SchemeBuilder + // AddToScheme audit registration + AddToScheme = localSchemeBuilder.AddToScheme +) + +func init() { + // We only register manually written functions here. The registration of the + // generated functions takes place in the generated files. The separation + // makes the code compile even when the generated files are missing. + localSchemeBuilder.Register(addDefaultingFuncs) +} diff --git a/pkg/apis/auditregistration/v1alpha1/zz_generated.conversion.go b/pkg/apis/auditregistration/v1alpha1/zz_generated.conversion.go new file mode 100644 index 000000000000..b8f08e397e7c --- /dev/null +++ b/pkg/apis/auditregistration/v1alpha1/zz_generated.conversion.go @@ -0,0 +1,316 @@ +// +build !ignore_autogenerated + +/* +Copyright The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by conversion-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + unsafe "unsafe" + + v1alpha1 "k8s.io/api/auditregistration/v1alpha1" + conversion "k8s.io/apimachinery/pkg/conversion" + runtime "k8s.io/apimachinery/pkg/runtime" + auditregistration "k8s.io/kubernetes/pkg/apis/auditregistration" +) + +func init() { + localSchemeBuilder.Register(RegisterConversions) +} + +// RegisterConversions adds conversion functions to the given scheme. +// Public to allow building arbitrary schemes. +func RegisterConversions(s *runtime.Scheme) error { + if err := s.AddGeneratedConversionFunc((*v1alpha1.AuditSink)(nil), (*auditregistration.AuditSink)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1alpha1_AuditSink_To_auditregistration_AuditSink(a.(*v1alpha1.AuditSink), b.(*auditregistration.AuditSink), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*auditregistration.AuditSink)(nil), (*v1alpha1.AuditSink)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_auditregistration_AuditSink_To_v1alpha1_AuditSink(a.(*auditregistration.AuditSink), b.(*v1alpha1.AuditSink), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*v1alpha1.AuditSinkList)(nil), (*auditregistration.AuditSinkList)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1alpha1_AuditSinkList_To_auditregistration_AuditSinkList(a.(*v1alpha1.AuditSinkList), b.(*auditregistration.AuditSinkList), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*auditregistration.AuditSinkList)(nil), (*v1alpha1.AuditSinkList)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_auditregistration_AuditSinkList_To_v1alpha1_AuditSinkList(a.(*auditregistration.AuditSinkList), b.(*v1alpha1.AuditSinkList), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*v1alpha1.AuditSinkSpec)(nil), (*auditregistration.AuditSinkSpec)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1alpha1_AuditSinkSpec_To_auditregistration_AuditSinkSpec(a.(*v1alpha1.AuditSinkSpec), b.(*auditregistration.AuditSinkSpec), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*auditregistration.AuditSinkSpec)(nil), (*v1alpha1.AuditSinkSpec)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_auditregistration_AuditSinkSpec_To_v1alpha1_AuditSinkSpec(a.(*auditregistration.AuditSinkSpec), b.(*v1alpha1.AuditSinkSpec), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*v1alpha1.Policy)(nil), (*auditregistration.Policy)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1alpha1_Policy_To_auditregistration_Policy(a.(*v1alpha1.Policy), b.(*auditregistration.Policy), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*auditregistration.Policy)(nil), (*v1alpha1.Policy)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_auditregistration_Policy_To_v1alpha1_Policy(a.(*auditregistration.Policy), b.(*v1alpha1.Policy), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*v1alpha1.ServiceReference)(nil), (*auditregistration.ServiceReference)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1alpha1_ServiceReference_To_auditregistration_ServiceReference(a.(*v1alpha1.ServiceReference), b.(*auditregistration.ServiceReference), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*auditregistration.ServiceReference)(nil), (*v1alpha1.ServiceReference)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_auditregistration_ServiceReference_To_v1alpha1_ServiceReference(a.(*auditregistration.ServiceReference), b.(*v1alpha1.ServiceReference), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*v1alpha1.Webhook)(nil), (*auditregistration.Webhook)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1alpha1_Webhook_To_auditregistration_Webhook(a.(*v1alpha1.Webhook), b.(*auditregistration.Webhook), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*auditregistration.Webhook)(nil), (*v1alpha1.Webhook)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_auditregistration_Webhook_To_v1alpha1_Webhook(a.(*auditregistration.Webhook), b.(*v1alpha1.Webhook), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*v1alpha1.WebhookClientConfig)(nil), (*auditregistration.WebhookClientConfig)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1alpha1_WebhookClientConfig_To_auditregistration_WebhookClientConfig(a.(*v1alpha1.WebhookClientConfig), b.(*auditregistration.WebhookClientConfig), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*auditregistration.WebhookClientConfig)(nil), (*v1alpha1.WebhookClientConfig)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_auditregistration_WebhookClientConfig_To_v1alpha1_WebhookClientConfig(a.(*auditregistration.WebhookClientConfig), b.(*v1alpha1.WebhookClientConfig), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*v1alpha1.WebhookThrottleConfig)(nil), (*auditregistration.WebhookThrottleConfig)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1alpha1_WebhookThrottleConfig_To_auditregistration_WebhookThrottleConfig(a.(*v1alpha1.WebhookThrottleConfig), b.(*auditregistration.WebhookThrottleConfig), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*auditregistration.WebhookThrottleConfig)(nil), (*v1alpha1.WebhookThrottleConfig)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_auditregistration_WebhookThrottleConfig_To_v1alpha1_WebhookThrottleConfig(a.(*auditregistration.WebhookThrottleConfig), b.(*v1alpha1.WebhookThrottleConfig), scope) + }); err != nil { + return err + } + return nil +} + +func autoConvert_v1alpha1_AuditSink_To_auditregistration_AuditSink(in *v1alpha1.AuditSink, out *auditregistration.AuditSink, s conversion.Scope) error { + out.ObjectMeta = in.ObjectMeta + if err := Convert_v1alpha1_AuditSinkSpec_To_auditregistration_AuditSinkSpec(&in.Spec, &out.Spec, s); err != nil { + return err + } + return nil +} + +// Convert_v1alpha1_AuditSink_To_auditregistration_AuditSink is an autogenerated conversion function. +func Convert_v1alpha1_AuditSink_To_auditregistration_AuditSink(in *v1alpha1.AuditSink, out *auditregistration.AuditSink, s conversion.Scope) error { + return autoConvert_v1alpha1_AuditSink_To_auditregistration_AuditSink(in, out, s) +} + +func autoConvert_auditregistration_AuditSink_To_v1alpha1_AuditSink(in *auditregistration.AuditSink, out *v1alpha1.AuditSink, s conversion.Scope) error { + out.ObjectMeta = in.ObjectMeta + if err := Convert_auditregistration_AuditSinkSpec_To_v1alpha1_AuditSinkSpec(&in.Spec, &out.Spec, s); err != nil { + return err + } + return nil +} + +// Convert_auditregistration_AuditSink_To_v1alpha1_AuditSink is an autogenerated conversion function. +func Convert_auditregistration_AuditSink_To_v1alpha1_AuditSink(in *auditregistration.AuditSink, out *v1alpha1.AuditSink, s conversion.Scope) error { + return autoConvert_auditregistration_AuditSink_To_v1alpha1_AuditSink(in, out, s) +} + +func autoConvert_v1alpha1_AuditSinkList_To_auditregistration_AuditSinkList(in *v1alpha1.AuditSinkList, out *auditregistration.AuditSinkList, s conversion.Scope) error { + out.ListMeta = in.ListMeta + out.Items = *(*[]auditregistration.AuditSink)(unsafe.Pointer(&in.Items)) + return nil +} + +// Convert_v1alpha1_AuditSinkList_To_auditregistration_AuditSinkList is an autogenerated conversion function. +func Convert_v1alpha1_AuditSinkList_To_auditregistration_AuditSinkList(in *v1alpha1.AuditSinkList, out *auditregistration.AuditSinkList, s conversion.Scope) error { + return autoConvert_v1alpha1_AuditSinkList_To_auditregistration_AuditSinkList(in, out, s) +} + +func autoConvert_auditregistration_AuditSinkList_To_v1alpha1_AuditSinkList(in *auditregistration.AuditSinkList, out *v1alpha1.AuditSinkList, s conversion.Scope) error { + out.ListMeta = in.ListMeta + out.Items = *(*[]v1alpha1.AuditSink)(unsafe.Pointer(&in.Items)) + return nil +} + +// Convert_auditregistration_AuditSinkList_To_v1alpha1_AuditSinkList is an autogenerated conversion function. +func Convert_auditregistration_AuditSinkList_To_v1alpha1_AuditSinkList(in *auditregistration.AuditSinkList, out *v1alpha1.AuditSinkList, s conversion.Scope) error { + return autoConvert_auditregistration_AuditSinkList_To_v1alpha1_AuditSinkList(in, out, s) +} + +func autoConvert_v1alpha1_AuditSinkSpec_To_auditregistration_AuditSinkSpec(in *v1alpha1.AuditSinkSpec, out *auditregistration.AuditSinkSpec, s conversion.Scope) error { + if err := Convert_v1alpha1_Policy_To_auditregistration_Policy(&in.Policy, &out.Policy, s); err != nil { + return err + } + if err := Convert_v1alpha1_Webhook_To_auditregistration_Webhook(&in.Webhook, &out.Webhook, s); err != nil { + return err + } + return nil +} + +// Convert_v1alpha1_AuditSinkSpec_To_auditregistration_AuditSinkSpec is an autogenerated conversion function. +func Convert_v1alpha1_AuditSinkSpec_To_auditregistration_AuditSinkSpec(in *v1alpha1.AuditSinkSpec, out *auditregistration.AuditSinkSpec, s conversion.Scope) error { + return autoConvert_v1alpha1_AuditSinkSpec_To_auditregistration_AuditSinkSpec(in, out, s) +} + +func autoConvert_auditregistration_AuditSinkSpec_To_v1alpha1_AuditSinkSpec(in *auditregistration.AuditSinkSpec, out *v1alpha1.AuditSinkSpec, s conversion.Scope) error { + if err := Convert_auditregistration_Policy_To_v1alpha1_Policy(&in.Policy, &out.Policy, s); err != nil { + return err + } + if err := Convert_auditregistration_Webhook_To_v1alpha1_Webhook(&in.Webhook, &out.Webhook, s); err != nil { + return err + } + return nil +} + +// Convert_auditregistration_AuditSinkSpec_To_v1alpha1_AuditSinkSpec is an autogenerated conversion function. +func Convert_auditregistration_AuditSinkSpec_To_v1alpha1_AuditSinkSpec(in *auditregistration.AuditSinkSpec, out *v1alpha1.AuditSinkSpec, s conversion.Scope) error { + return autoConvert_auditregistration_AuditSinkSpec_To_v1alpha1_AuditSinkSpec(in, out, s) +} + +func autoConvert_v1alpha1_Policy_To_auditregistration_Policy(in *v1alpha1.Policy, out *auditregistration.Policy, s conversion.Scope) error { + out.Level = auditregistration.Level(in.Level) + out.Stages = *(*[]auditregistration.Stage)(unsafe.Pointer(&in.Stages)) + return nil +} + +// Convert_v1alpha1_Policy_To_auditregistration_Policy is an autogenerated conversion function. +func Convert_v1alpha1_Policy_To_auditregistration_Policy(in *v1alpha1.Policy, out *auditregistration.Policy, s conversion.Scope) error { + return autoConvert_v1alpha1_Policy_To_auditregistration_Policy(in, out, s) +} + +func autoConvert_auditregistration_Policy_To_v1alpha1_Policy(in *auditregistration.Policy, out *v1alpha1.Policy, s conversion.Scope) error { + out.Level = v1alpha1.Level(in.Level) + out.Stages = *(*[]v1alpha1.Stage)(unsafe.Pointer(&in.Stages)) + return nil +} + +// Convert_auditregistration_Policy_To_v1alpha1_Policy is an autogenerated conversion function. +func Convert_auditregistration_Policy_To_v1alpha1_Policy(in *auditregistration.Policy, out *v1alpha1.Policy, s conversion.Scope) error { + return autoConvert_auditregistration_Policy_To_v1alpha1_Policy(in, out, s) +} + +func autoConvert_v1alpha1_ServiceReference_To_auditregistration_ServiceReference(in *v1alpha1.ServiceReference, out *auditregistration.ServiceReference, s conversion.Scope) error { + out.Namespace = in.Namespace + out.Name = in.Name + out.Path = (*string)(unsafe.Pointer(in.Path)) + return nil +} + +// Convert_v1alpha1_ServiceReference_To_auditregistration_ServiceReference is an autogenerated conversion function. +func Convert_v1alpha1_ServiceReference_To_auditregistration_ServiceReference(in *v1alpha1.ServiceReference, out *auditregistration.ServiceReference, s conversion.Scope) error { + return autoConvert_v1alpha1_ServiceReference_To_auditregistration_ServiceReference(in, out, s) +} + +func autoConvert_auditregistration_ServiceReference_To_v1alpha1_ServiceReference(in *auditregistration.ServiceReference, out *v1alpha1.ServiceReference, s conversion.Scope) error { + out.Namespace = in.Namespace + out.Name = in.Name + out.Path = (*string)(unsafe.Pointer(in.Path)) + return nil +} + +// Convert_auditregistration_ServiceReference_To_v1alpha1_ServiceReference is an autogenerated conversion function. +func Convert_auditregistration_ServiceReference_To_v1alpha1_ServiceReference(in *auditregistration.ServiceReference, out *v1alpha1.ServiceReference, s conversion.Scope) error { + return autoConvert_auditregistration_ServiceReference_To_v1alpha1_ServiceReference(in, out, s) +} + +func autoConvert_v1alpha1_Webhook_To_auditregistration_Webhook(in *v1alpha1.Webhook, out *auditregistration.Webhook, s conversion.Scope) error { + out.Throttle = (*auditregistration.WebhookThrottleConfig)(unsafe.Pointer(in.Throttle)) + if err := Convert_v1alpha1_WebhookClientConfig_To_auditregistration_WebhookClientConfig(&in.ClientConfig, &out.ClientConfig, s); err != nil { + return err + } + return nil +} + +// Convert_v1alpha1_Webhook_To_auditregistration_Webhook is an autogenerated conversion function. +func Convert_v1alpha1_Webhook_To_auditregistration_Webhook(in *v1alpha1.Webhook, out *auditregistration.Webhook, s conversion.Scope) error { + return autoConvert_v1alpha1_Webhook_To_auditregistration_Webhook(in, out, s) +} + +func autoConvert_auditregistration_Webhook_To_v1alpha1_Webhook(in *auditregistration.Webhook, out *v1alpha1.Webhook, s conversion.Scope) error { + out.Throttle = (*v1alpha1.WebhookThrottleConfig)(unsafe.Pointer(in.Throttle)) + if err := Convert_auditregistration_WebhookClientConfig_To_v1alpha1_WebhookClientConfig(&in.ClientConfig, &out.ClientConfig, s); err != nil { + return err + } + return nil +} + +// Convert_auditregistration_Webhook_To_v1alpha1_Webhook is an autogenerated conversion function. +func Convert_auditregistration_Webhook_To_v1alpha1_Webhook(in *auditregistration.Webhook, out *v1alpha1.Webhook, s conversion.Scope) error { + return autoConvert_auditregistration_Webhook_To_v1alpha1_Webhook(in, out, s) +} + +func autoConvert_v1alpha1_WebhookClientConfig_To_auditregistration_WebhookClientConfig(in *v1alpha1.WebhookClientConfig, out *auditregistration.WebhookClientConfig, s conversion.Scope) error { + out.URL = (*string)(unsafe.Pointer(in.URL)) + out.Service = (*auditregistration.ServiceReference)(unsafe.Pointer(in.Service)) + out.CABundle = *(*[]byte)(unsafe.Pointer(&in.CABundle)) + return nil +} + +// Convert_v1alpha1_WebhookClientConfig_To_auditregistration_WebhookClientConfig is an autogenerated conversion function. +func Convert_v1alpha1_WebhookClientConfig_To_auditregistration_WebhookClientConfig(in *v1alpha1.WebhookClientConfig, out *auditregistration.WebhookClientConfig, s conversion.Scope) error { + return autoConvert_v1alpha1_WebhookClientConfig_To_auditregistration_WebhookClientConfig(in, out, s) +} + +func autoConvert_auditregistration_WebhookClientConfig_To_v1alpha1_WebhookClientConfig(in *auditregistration.WebhookClientConfig, out *v1alpha1.WebhookClientConfig, s conversion.Scope) error { + out.URL = (*string)(unsafe.Pointer(in.URL)) + out.Service = (*v1alpha1.ServiceReference)(unsafe.Pointer(in.Service)) + out.CABundle = *(*[]byte)(unsafe.Pointer(&in.CABundle)) + return nil +} + +// Convert_auditregistration_WebhookClientConfig_To_v1alpha1_WebhookClientConfig is an autogenerated conversion function. +func Convert_auditregistration_WebhookClientConfig_To_v1alpha1_WebhookClientConfig(in *auditregistration.WebhookClientConfig, out *v1alpha1.WebhookClientConfig, s conversion.Scope) error { + return autoConvert_auditregistration_WebhookClientConfig_To_v1alpha1_WebhookClientConfig(in, out, s) +} + +func autoConvert_v1alpha1_WebhookThrottleConfig_To_auditregistration_WebhookThrottleConfig(in *v1alpha1.WebhookThrottleConfig, out *auditregistration.WebhookThrottleConfig, s conversion.Scope) error { + out.QPS = (*int64)(unsafe.Pointer(in.QPS)) + out.Burst = (*int64)(unsafe.Pointer(in.Burst)) + return nil +} + +// Convert_v1alpha1_WebhookThrottleConfig_To_auditregistration_WebhookThrottleConfig is an autogenerated conversion function. +func Convert_v1alpha1_WebhookThrottleConfig_To_auditregistration_WebhookThrottleConfig(in *v1alpha1.WebhookThrottleConfig, out *auditregistration.WebhookThrottleConfig, s conversion.Scope) error { + return autoConvert_v1alpha1_WebhookThrottleConfig_To_auditregistration_WebhookThrottleConfig(in, out, s) +} + +func autoConvert_auditregistration_WebhookThrottleConfig_To_v1alpha1_WebhookThrottleConfig(in *auditregistration.WebhookThrottleConfig, out *v1alpha1.WebhookThrottleConfig, s conversion.Scope) error { + out.QPS = (*int64)(unsafe.Pointer(in.QPS)) + out.Burst = (*int64)(unsafe.Pointer(in.Burst)) + return nil +} + +// Convert_auditregistration_WebhookThrottleConfig_To_v1alpha1_WebhookThrottleConfig is an autogenerated conversion function. +func Convert_auditregistration_WebhookThrottleConfig_To_v1alpha1_WebhookThrottleConfig(in *auditregistration.WebhookThrottleConfig, out *v1alpha1.WebhookThrottleConfig, s conversion.Scope) error { + return autoConvert_auditregistration_WebhookThrottleConfig_To_v1alpha1_WebhookThrottleConfig(in, out, s) +} diff --git a/pkg/apis/auditregistration/v1alpha1/zz_generated.defaults.go b/pkg/apis/auditregistration/v1alpha1/zz_generated.defaults.go new file mode 100644 index 000000000000..1f23658b80a6 --- /dev/null +++ b/pkg/apis/auditregistration/v1alpha1/zz_generated.defaults.go @@ -0,0 +1,46 @@ +// +build !ignore_autogenerated + +/* +Copyright The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by defaulter-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + v1alpha1 "k8s.io/api/auditregistration/v1alpha1" + runtime "k8s.io/apimachinery/pkg/runtime" +) + +// RegisterDefaults adds defaulters functions to the given scheme. +// Public to allow building arbitrary schemes. +// All generated defaulters are covering - they call all nested defaulters. +func RegisterDefaults(scheme *runtime.Scheme) error { + scheme.AddTypeDefaultingFunc(&v1alpha1.AuditSink{}, func(obj interface{}) { SetObjectDefaults_AuditSink(obj.(*v1alpha1.AuditSink)) }) + scheme.AddTypeDefaultingFunc(&v1alpha1.AuditSinkList{}, func(obj interface{}) { SetObjectDefaults_AuditSinkList(obj.(*v1alpha1.AuditSinkList)) }) + return nil +} + +func SetObjectDefaults_AuditSink(in *v1alpha1.AuditSink) { + SetDefaults_AuditSink(in) +} + +func SetObjectDefaults_AuditSinkList(in *v1alpha1.AuditSinkList) { + for i := range in.Items { + a := &in.Items[i] + SetObjectDefaults_AuditSink(a) + } +} diff --git a/pkg/apis/auditregistration/validation/BUILD b/pkg/apis/auditregistration/validation/BUILD new file mode 100644 index 000000000000..42e821cf0b71 --- /dev/null +++ b/pkg/apis/auditregistration/validation/BUILD @@ -0,0 +1,41 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library", "go_test") + +go_library( + name = "go_default_library", + srcs = ["validation.go"], + importpath = "k8s.io/kubernetes/pkg/apis/auditregistration/validation", + visibility = ["//visibility:public"], + deps = [ + "//pkg/apis/auditregistration:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/api/validation:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/util/sets:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/util/validation:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/util/validation/field:go_default_library", + ], +) + +go_test( + name = "go_default_test", + srcs = ["validation_test.go"], + embed = [":go_default_library"], + deps = [ + "//pkg/apis/auditregistration:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/util/validation/field:go_default_library", + "//vendor/github.com/stretchr/testify/require:go_default_library", + ], +) + +filegroup( + name = "package-srcs", + srcs = glob(["**"]), + tags = ["automanaged"], + visibility = ["//visibility:private"], +) + +filegroup( + name = "all-srcs", + srcs = [":package-srcs"], + tags = ["automanaged"], + visibility = ["//visibility:public"], +) diff --git a/pkg/apis/auditregistration/validation/validation.go b/pkg/apis/auditregistration/validation/validation.go new file mode 100644 index 000000000000..693a65741818 --- /dev/null +++ b/pkg/apis/auditregistration/validation/validation.go @@ -0,0 +1,200 @@ +/* +Copyright 2018 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package validation + +import ( + "fmt" + "net/url" + "strings" + + genericvalidation "k8s.io/apimachinery/pkg/api/validation" + "k8s.io/apimachinery/pkg/util/sets" + "k8s.io/apimachinery/pkg/util/validation" + "k8s.io/apimachinery/pkg/util/validation/field" + "k8s.io/kubernetes/pkg/apis/auditregistration" +) + +// ValidateAuditSink validates the AuditSinks +func ValidateAuditSink(as *auditregistration.AuditSink) field.ErrorList { + allErrs := genericvalidation.ValidateObjectMeta(&as.ObjectMeta, false, genericvalidation.NameIsDNSSubdomain, field.NewPath("metadata")) + allErrs = append(allErrs, ValidateAuditSinkSpec(as.Spec, field.NewPath("spec"))...) + return allErrs +} + +// ValidateAuditSinkSpec validates the sink spec for audit +func ValidateAuditSinkSpec(s auditregistration.AuditSinkSpec, fldPath *field.Path) field.ErrorList { + var allErrs field.ErrorList + allErrs = append(allErrs, ValidatePolicy(s.Policy, field.NewPath("policy"))...) + allErrs = append(allErrs, ValidateWebhook(s.Webhook, field.NewPath("webhook"))...) + return allErrs +} + +// ValidateWebhook validates the webhook +func ValidateWebhook(w auditregistration.Webhook, fldPath *field.Path) field.ErrorList { + var allErrs field.ErrorList + if w.Throttle != nil { + allErrs = append(allErrs, ValidateWebhookThrottleConfig(w.Throttle, fldPath.Child("throttle"))...) + } + allErrs = append(allErrs, ValidateWebhookClientConfig(&w.ClientConfig, fldPath.Child("clientConfig"))...) + return allErrs +} + +// ValidateWebhookThrottleConfig validates the throttle config +func ValidateWebhookThrottleConfig(c *auditregistration.WebhookThrottleConfig, fldPath *field.Path) field.ErrorList { + var allErrs field.ErrorList + if c.QPS != nil && *c.QPS <= 0 { + allErrs = append(allErrs, field.Invalid(fldPath.Child("qps"), c.QPS, "qps must be a positive number")) + } + if c.Burst != nil && *c.Burst <= 0 { + allErrs = append(allErrs, field.Invalid(fldPath.Child("burst"), c.Burst, "burst must be a positive number")) + } + return allErrs +} + +// ValidateWebhookClientConfig validates the WebhookClientConfig +// note: this is largely copy/paste inheritance from admissionregistration with subtle changes +func ValidateWebhookClientConfig(cc *auditregistration.WebhookClientConfig, fldPath *field.Path) field.ErrorList { + var allErrors field.ErrorList + if (cc.URL == nil) == (cc.Service == nil) { + allErrors = append(allErrors, field.Required(fldPath.Child("url"), "exactly one of url or service is required")) + } + + if cc.URL != nil { + const form = "; desired format: https://host[/path]" + if u, err := url.Parse(*cc.URL); err != nil { + allErrors = append(allErrors, field.Required(fldPath.Child("url"), "url must be a valid URL: "+err.Error()+form)) + } else { + if len(u.Host) == 0 { + allErrors = append(allErrors, field.Invalid(fldPath.Child("url"), u.Host, "host must be provided"+form)) + } + if u.User != nil { + allErrors = append(allErrors, field.Invalid(fldPath.Child("url"), u.User.String(), "user information is not permitted in the URL")) + } + if len(u.Fragment) != 0 { + allErrors = append(allErrors, field.Invalid(fldPath.Child("url"), u.Fragment, "fragments are not permitted in the URL")) + } + if len(u.RawQuery) != 0 { + allErrors = append(allErrors, field.Invalid(fldPath.Child("url"), u.RawQuery, "query parameters are not permitted in the URL")) + } + } + } + + if cc.Service != nil { + allErrors = append(allErrors, validateWebhookService(cc.Service, fldPath.Child("service"))...) + } + return allErrors +} + +// note: this is copy/paste inheritance from admissionregistration +func validateWebhookService(svc *auditregistration.ServiceReference, fldPath *field.Path) field.ErrorList { + var allErrors field.ErrorList + + if len(svc.Name) == 0 { + allErrors = append(allErrors, field.Required(fldPath.Child("name"), "service name is required")) + } + + if len(svc.Namespace) == 0 { + allErrors = append(allErrors, field.Required(fldPath.Child("namespace"), "service namespace is required")) + } + + if svc.Path == nil { + return allErrors + } + + // TODO: replace below with url.Parse + verifying that host is empty? + + urlPath := *svc.Path + if urlPath == "/" || len(urlPath) == 0 { + return allErrors + } + if urlPath == "//" { + allErrors = append(allErrors, field.Invalid(fldPath.Child("path"), urlPath, "segment[0] may not be empty")) + return allErrors + } + + if !strings.HasPrefix(urlPath, "/") { + allErrors = append(allErrors, field.Invalid(fldPath.Child("path"), urlPath, "must start with a '/'")) + } + + urlPathToCheck := urlPath[1:] + if strings.HasSuffix(urlPathToCheck, "/") { + urlPathToCheck = urlPathToCheck[:len(urlPathToCheck)-1] + } + steps := strings.Split(urlPathToCheck, "/") + for i, step := range steps { + if len(step) == 0 { + allErrors = append(allErrors, field.Invalid(fldPath.Child("path"), urlPath, fmt.Sprintf("segment[%d] may not be empty", i))) + continue + } + failures := validation.IsDNS1123Subdomain(step) + for _, failure := range failures { + allErrors = append(allErrors, field.Invalid(fldPath.Child("path"), urlPath, fmt.Sprintf("segment[%d]: %v", i, failure))) + } + } + + return allErrors +} + +// ValidatePolicy validates the audit policy +func ValidatePolicy(policy auditregistration.Policy, fldPath *field.Path) field.ErrorList { + var allErrs field.ErrorList + allErrs = append(allErrs, validateStages(policy.Stages, fldPath.Child("stages"))...) + allErrs = append(allErrs, validateLevel(policy.Level, fldPath.Child("level"))...) + if policy.Level != auditregistration.LevelNone && len(policy.Stages) == 0 { + return field.ErrorList{field.Required(fldPath.Child("stages"), "")} + } + return allErrs +} + +var validLevels = sets.NewString( + string(auditregistration.LevelNone), + string(auditregistration.LevelMetadata), + string(auditregistration.LevelRequest), + string(auditregistration.LevelRequestResponse), +) + +var validStages = sets.NewString( + string(auditregistration.StageRequestReceived), + string(auditregistration.StageResponseStarted), + string(auditregistration.StageResponseComplete), + string(auditregistration.StagePanic), +) + +func validateLevel(level auditregistration.Level, fldPath *field.Path) field.ErrorList { + if string(level) == "" { + return field.ErrorList{field.Required(fldPath, "")} + } + if !validLevels.Has(string(level)) { + return field.ErrorList{field.NotSupported(fldPath, level, validLevels.List())} + } + return nil +} + +func validateStages(stages []auditregistration.Stage, fldPath *field.Path) field.ErrorList { + var allErrs field.ErrorList + for i, stage := range stages { + if !validStages.Has(string(stage)) { + allErrs = append(allErrs, field.Invalid(fldPath.Index(i), string(stage), "allowed stages are "+strings.Join(validStages.List(), ","))) + } + } + return allErrs +} + +// ValidateAuditSinkUpdate validates an update to the object +func ValidateAuditSinkUpdate(newC, oldC *auditregistration.AuditSink) field.ErrorList { + return ValidateAuditSink(newC) +} diff --git a/pkg/apis/auditregistration/validation/validation_test.go b/pkg/apis/auditregistration/validation/validation_test.go new file mode 100644 index 000000000000..522fb246ce82 --- /dev/null +++ b/pkg/apis/auditregistration/validation/validation_test.go @@ -0,0 +1,324 @@ +/* +Copyright 2018 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package validation + +import ( + "strings" + "testing" + + "github.com/stretchr/testify/require" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/util/validation/field" + "k8s.io/kubernetes/pkg/apis/auditregistration" +) + +func TestValidateAuditSink(t *testing.T) { + testQPS := int64(10) + testURL := "http://localhost" + testCases := []struct { + name string + conf auditregistration.AuditSink + numErr int + }{ + { + name: "should pass full config", + conf: auditregistration.AuditSink{ + ObjectMeta: metav1.ObjectMeta{ + Name: "myconf", + }, + Spec: auditregistration.AuditSinkSpec{ + Policy: auditregistration.Policy{ + Level: auditregistration.LevelRequest, + Stages: []auditregistration.Stage{ + auditregistration.StageRequestReceived, + }, + }, + Webhook: auditregistration.Webhook{ + Throttle: &auditregistration.WebhookThrottleConfig{ + QPS: &testQPS, + }, + ClientConfig: auditregistration.WebhookClientConfig{ + URL: &testURL, + }, + }, + }, + }, + numErr: 0, + }, + { + name: "should fail no policy", + conf: auditregistration.AuditSink{ + ObjectMeta: metav1.ObjectMeta{ + Name: "myconf", + }, + Spec: auditregistration.AuditSinkSpec{ + Webhook: auditregistration.Webhook{ + ClientConfig: auditregistration.WebhookClientConfig{ + URL: &testURL, + }, + }, + }, + }, + numErr: 1, + }, + { + name: "should fail no webhook", + conf: auditregistration.AuditSink{ + ObjectMeta: metav1.ObjectMeta{ + Name: "myconf", + }, + Spec: auditregistration.AuditSinkSpec{ + Policy: auditregistration.Policy{ + Level: auditregistration.LevelMetadata, + Stages: []auditregistration.Stage{ + auditregistration.StageRequestReceived, + }, + }, + }, + }, + numErr: 1, + }, + } + + for _, test := range testCases { + t.Run(test.name, func(t *testing.T) { + errs := ValidateAuditSink(&test.conf) + require.Len(t, errs, test.numErr) + }) + } +} + +func TestValidatePolicy(t *testing.T) { + successCases := []auditregistration.Policy{} + successCases = append(successCases, auditregistration.Policy{ // Policy with omitStages and level + Level: auditregistration.LevelRequest, + Stages: []auditregistration.Stage{ + auditregistration.Stage("RequestReceived"), + auditregistration.Stage("ResponseStarted"), + }, + }) + successCases = append(successCases, auditregistration.Policy{Level: auditregistration.LevelNone}) // Policy with none level only + + for i, policy := range successCases { + if errs := ValidatePolicy(policy, field.NewPath("policy")); len(errs) != 0 { + t.Errorf("[%d] Expected policy %#v to be valid: %v", i, policy, errs) + } + } + + errorCases := []auditregistration.Policy{} + errorCases = append(errorCases, auditregistration.Policy{}) // Empty policy // Policy with missing level + errorCases = append(errorCases, auditregistration.Policy{Stages: []auditregistration.Stage{ // Policy with invalid stages + auditregistration.Stage("Bad")}}) + errorCases = append(errorCases, auditregistration.Policy{Level: auditregistration.Level("invalid")}) // Policy with bad level + errorCases = append(errorCases, auditregistration.Policy{Level: auditregistration.LevelMetadata}) // Policy without stages + + for i, policy := range errorCases { + if errs := ValidatePolicy(policy, field.NewPath("policy")); len(errs) == 0 { + t.Errorf("[%d] Expected policy %#v to be invalid!", i, policy) + } + } +} + +func strPtr(s string) *string { return &s } + +func TestValidateWebhookConfiguration(t *testing.T) { + tests := []struct { + name string + config auditregistration.Webhook + expectedError string + }{ + { + name: "both service and URL missing", + config: auditregistration.Webhook{ + ClientConfig: auditregistration.WebhookClientConfig{}, + }, + expectedError: `exactly one of`, + }, + { + name: "both service and URL provided", + config: auditregistration.Webhook{ + ClientConfig: auditregistration.WebhookClientConfig{ + Service: &auditregistration.ServiceReference{ + Namespace: "ns", + Name: "n", + }, + URL: strPtr("example.com/k8s/webhook"), + }, + }, + expectedError: `webhook.clientConfig.url: Required value: exactly one of url or service is required`, + }, + { + name: "blank URL", + config: auditregistration.Webhook{ + ClientConfig: auditregistration.WebhookClientConfig{ + URL: strPtr(""), + }, + }, + expectedError: `webhook.clientConfig.url: Invalid value: "": host must be provided`, + }, + { + name: "missing host", + config: auditregistration.Webhook{ + ClientConfig: auditregistration.WebhookClientConfig{ + URL: strPtr("https:///fancy/webhook"), + }, + }, + expectedError: `host must be provided`, + }, + { + name: "fragment", + config: auditregistration.Webhook{ + ClientConfig: auditregistration.WebhookClientConfig{ + URL: strPtr("https://example.com/#bookmark"), + }, + }, + expectedError: `"bookmark": fragments are not permitted`, + }, + { + name: "query", + config: auditregistration.Webhook{ + ClientConfig: auditregistration.WebhookClientConfig{ + URL: strPtr("https://example.com?arg=value"), + }, + }, + expectedError: `"arg=value": query parameters are not permitted`, + }, + { + name: "user", + config: auditregistration.Webhook{ + ClientConfig: auditregistration.WebhookClientConfig{ + URL: strPtr("https://harry.potter@example.com/"), + }, + }, + expectedError: `"harry.potter": user information is not permitted`, + }, + { + name: "just totally wrong", + config: auditregistration.Webhook{ + ClientConfig: auditregistration.WebhookClientConfig{ + URL: strPtr("arg#backwards=thisis?html.index/port:host//:https"), + }, + }, + expectedError: `host must be provided`, + }, + { + name: "path must start with slash", + config: auditregistration.Webhook{ + ClientConfig: auditregistration.WebhookClientConfig{ + Service: &auditregistration.ServiceReference{ + Namespace: "ns", + Name: "n", + Path: strPtr("foo/"), + }, + }, + }, + expectedError: `clientConfig.service.path: Invalid value: "foo/": must start with a '/'`, + }, + { + name: "path accepts slash", + config: auditregistration.Webhook{ + ClientConfig: auditregistration.WebhookClientConfig{ + Service: &auditregistration.ServiceReference{ + Namespace: "ns", + Name: "n", + Path: strPtr("/"), + }, + }, + }, + expectedError: ``, + }, + { + name: "path accepts no trailing slash", + config: auditregistration.Webhook{ + ClientConfig: auditregistration.WebhookClientConfig{ + Service: &auditregistration.ServiceReference{ + Namespace: "ns", + Name: "n", + Path: strPtr("/foo"), + }, + }, + }, + expectedError: ``, + }, + { + name: "path fails //", + config: auditregistration.Webhook{ + ClientConfig: auditregistration.WebhookClientConfig{ + Service: &auditregistration.ServiceReference{ + Namespace: "ns", + Name: "n", + Path: strPtr("//"), + }, + }, + }, + expectedError: `clientConfig.service.path: Invalid value: "//": segment[0] may not be empty`, + }, + { + name: "path no empty step", + config: auditregistration.Webhook{ + ClientConfig: auditregistration.WebhookClientConfig{ + Service: &auditregistration.ServiceReference{ + Namespace: "ns", + Name: "n", + Path: strPtr("/foo//bar/"), + }, + }, + }, + expectedError: `clientConfig.service.path: Invalid value: "/foo//bar/": segment[1] may not be empty`, + }, { + name: "path no empty step 2", + config: auditregistration.Webhook{ + ClientConfig: auditregistration.WebhookClientConfig{ + Service: &auditregistration.ServiceReference{ + Namespace: "ns", + Name: "n", + Path: strPtr("/foo/bar//"), + }, + }, + }, + expectedError: `clientConfig.service.path: Invalid value: "/foo/bar//": segment[2] may not be empty`, + }, + { + name: "path no non-subdomain", + config: auditregistration.Webhook{ + ClientConfig: auditregistration.WebhookClientConfig{ + Service: &auditregistration.ServiceReference{ + Namespace: "ns", + Name: "n", + Path: strPtr("/apis/foo.bar/v1alpha1/--bad"), + }, + }, + }, + expectedError: `clientConfig.service.path: Invalid value: "/apis/foo.bar/v1alpha1/--bad": segment[3]: a DNS-1123 subdomain`, + }, + } + for _, test := range tests { + t.Run(test.name, func(t *testing.T) { + errs := ValidateWebhook(test.config, field.NewPath("webhook")) + err := errs.ToAggregate() + if err != nil { + if e, a := test.expectedError, err.Error(); !strings.Contains(a, e) || e == "" { + t.Errorf("expected to contain \nerr: %s \ngot: %s", e, a) + } + } else { + if test.expectedError != "" { + t.Errorf("unexpected no error, expected to contain %s", test.expectedError) + } + } + }) + } +} diff --git a/pkg/apis/auditregistration/zz_generated.deepcopy.go b/pkg/apis/auditregistration/zz_generated.deepcopy.go new file mode 100644 index 000000000000..45106c0a5c74 --- /dev/null +++ b/pkg/apis/auditregistration/zz_generated.deepcopy.go @@ -0,0 +1,224 @@ +// +build !ignore_autogenerated + +/* +Copyright The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by deepcopy-gen. DO NOT EDIT. + +package auditregistration + +import ( + runtime "k8s.io/apimachinery/pkg/runtime" +) + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *AuditSink) DeepCopyInto(out *AuditSink) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuditSink. +func (in *AuditSink) DeepCopy() *AuditSink { + if in == nil { + return nil + } + out := new(AuditSink) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *AuditSink) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *AuditSinkList) DeepCopyInto(out *AuditSinkList) { + *out = *in + out.TypeMeta = in.TypeMeta + out.ListMeta = in.ListMeta + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]AuditSink, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuditSinkList. +func (in *AuditSinkList) DeepCopy() *AuditSinkList { + if in == nil { + return nil + } + out := new(AuditSinkList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *AuditSinkList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *AuditSinkSpec) DeepCopyInto(out *AuditSinkSpec) { + *out = *in + in.Policy.DeepCopyInto(&out.Policy) + in.Webhook.DeepCopyInto(&out.Webhook) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuditSinkSpec. +func (in *AuditSinkSpec) DeepCopy() *AuditSinkSpec { + if in == nil { + return nil + } + out := new(AuditSinkSpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *Policy) DeepCopyInto(out *Policy) { + *out = *in + if in.Stages != nil { + in, out := &in.Stages, &out.Stages + *out = make([]Stage, len(*in)) + copy(*out, *in) + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Policy. +func (in *Policy) DeepCopy() *Policy { + if in == nil { + return nil + } + out := new(Policy) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ServiceReference) DeepCopyInto(out *ServiceReference) { + *out = *in + if in.Path != nil { + in, out := &in.Path, &out.Path + *out = new(string) + **out = **in + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ServiceReference. +func (in *ServiceReference) DeepCopy() *ServiceReference { + if in == nil { + return nil + } + out := new(ServiceReference) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *Webhook) DeepCopyInto(out *Webhook) { + *out = *in + if in.Throttle != nil { + in, out := &in.Throttle, &out.Throttle + *out = new(WebhookThrottleConfig) + (*in).DeepCopyInto(*out) + } + in.ClientConfig.DeepCopyInto(&out.ClientConfig) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Webhook. +func (in *Webhook) DeepCopy() *Webhook { + if in == nil { + return nil + } + out := new(Webhook) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *WebhookClientConfig) DeepCopyInto(out *WebhookClientConfig) { + *out = *in + if in.URL != nil { + in, out := &in.URL, &out.URL + *out = new(string) + **out = **in + } + if in.Service != nil { + in, out := &in.Service, &out.Service + *out = new(ServiceReference) + (*in).DeepCopyInto(*out) + } + if in.CABundle != nil { + in, out := &in.CABundle, &out.CABundle + *out = make([]byte, len(*in)) + copy(*out, *in) + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WebhookClientConfig. +func (in *WebhookClientConfig) DeepCopy() *WebhookClientConfig { + if in == nil { + return nil + } + out := new(WebhookClientConfig) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *WebhookThrottleConfig) DeepCopyInto(out *WebhookThrottleConfig) { + *out = *in + if in.QPS != nil { + in, out := &in.QPS, &out.QPS + *out = new(int64) + **out = **in + } + if in.Burst != nil { + in, out := &in.Burst, &out.Burst + *out = new(int64) + **out = **in + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WebhookThrottleConfig. +func (in *WebhookThrottleConfig) DeepCopy() *WebhookThrottleConfig { + if in == nil { + return nil + } + out := new(WebhookThrottleConfig) + in.DeepCopyInto(out) + return out +} diff --git a/pkg/client/clientset_generated/internalclientset/BUILD b/pkg/client/clientset_generated/internalclientset/BUILD index 0486ae006331..09144c4c39ab 100644 --- a/pkg/client/clientset_generated/internalclientset/BUILD +++ b/pkg/client/clientset_generated/internalclientset/BUILD @@ -15,6 +15,7 @@ go_library( deps = [ "//pkg/client/clientset_generated/internalclientset/typed/admissionregistration/internalversion:go_default_library", "//pkg/client/clientset_generated/internalclientset/typed/apps/internalversion:go_default_library", + "//pkg/client/clientset_generated/internalclientset/typed/auditregistration/internalversion:go_default_library", "//pkg/client/clientset_generated/internalclientset/typed/authentication/internalversion:go_default_library", "//pkg/client/clientset_generated/internalclientset/typed/authorization/internalversion:go_default_library", "//pkg/client/clientset_generated/internalclientset/typed/autoscaling/internalversion:go_default_library", @@ -51,6 +52,7 @@ filegroup( "//pkg/client/clientset_generated/internalclientset/scheme:all-srcs", "//pkg/client/clientset_generated/internalclientset/typed/admissionregistration/internalversion:all-srcs", "//pkg/client/clientset_generated/internalclientset/typed/apps/internalversion:all-srcs", + "//pkg/client/clientset_generated/internalclientset/typed/auditregistration/internalversion:all-srcs", "//pkg/client/clientset_generated/internalclientset/typed/authentication/internalversion:all-srcs", "//pkg/client/clientset_generated/internalclientset/typed/authorization/internalversion:all-srcs", "//pkg/client/clientset_generated/internalclientset/typed/autoscaling/internalversion:all-srcs", diff --git a/pkg/client/clientset_generated/internalclientset/clientset.go b/pkg/client/clientset_generated/internalclientset/clientset.go index 554d26807133..4a8cd33a6643 100644 --- a/pkg/client/clientset_generated/internalclientset/clientset.go +++ b/pkg/client/clientset_generated/internalclientset/clientset.go @@ -24,6 +24,7 @@ import ( flowcontrol "k8s.io/client-go/util/flowcontrol" admissionregistrationinternalversion "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/admissionregistration/internalversion" appsinternalversion "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/apps/internalversion" + auditregistrationinternalversion "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/auditregistration/internalversion" authenticationinternalversion "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/authentication/internalversion" authorizationinternalversion "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/authorization/internalversion" autoscalinginternalversion "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/autoscaling/internalversion" @@ -46,6 +47,7 @@ type Interface interface { Admissionregistration() admissionregistrationinternalversion.AdmissionregistrationInterface Core() coreinternalversion.CoreInterface Apps() appsinternalversion.AppsInterface + Auditregistration() auditregistrationinternalversion.AuditregistrationInterface Authentication() authenticationinternalversion.AuthenticationInterface Authorization() authorizationinternalversion.AuthorizationInterface Autoscaling() autoscalinginternalversion.AutoscalingInterface @@ -69,6 +71,7 @@ type Clientset struct { admissionregistration *admissionregistrationinternalversion.AdmissionregistrationClient core *coreinternalversion.CoreClient apps *appsinternalversion.AppsClient + auditregistration *auditregistrationinternalversion.AuditregistrationClient authentication *authenticationinternalversion.AuthenticationClient authorization *authorizationinternalversion.AuthorizationClient autoscaling *autoscalinginternalversion.AutoscalingClient @@ -100,6 +103,11 @@ func (c *Clientset) Apps() appsinternalversion.AppsInterface { return c.apps } +// Auditregistration retrieves the AuditregistrationClient +func (c *Clientset) Auditregistration() auditregistrationinternalversion.AuditregistrationInterface { + return c.auditregistration +} + // Authentication retrieves the AuthenticationClient func (c *Clientset) Authentication() authenticationinternalversion.AuthenticationInterface { return c.authentication @@ -198,6 +206,10 @@ func NewForConfig(c *rest.Config) (*Clientset, error) { if err != nil { return nil, err } + cs.auditregistration, err = auditregistrationinternalversion.NewForConfig(&configShallowCopy) + if err != nil { + return nil, err + } cs.authentication, err = authenticationinternalversion.NewForConfig(&configShallowCopy) if err != nil { return nil, err @@ -269,6 +281,7 @@ func NewForConfigOrDie(c *rest.Config) *Clientset { cs.admissionregistration = admissionregistrationinternalversion.NewForConfigOrDie(c) cs.core = coreinternalversion.NewForConfigOrDie(c) cs.apps = appsinternalversion.NewForConfigOrDie(c) + cs.auditregistration = auditregistrationinternalversion.NewForConfigOrDie(c) cs.authentication = authenticationinternalversion.NewForConfigOrDie(c) cs.authorization = authorizationinternalversion.NewForConfigOrDie(c) cs.autoscaling = autoscalinginternalversion.NewForConfigOrDie(c) @@ -294,6 +307,7 @@ func New(c rest.Interface) *Clientset { cs.admissionregistration = admissionregistrationinternalversion.New(c) cs.core = coreinternalversion.New(c) cs.apps = appsinternalversion.New(c) + cs.auditregistration = auditregistrationinternalversion.New(c) cs.authentication = authenticationinternalversion.New(c) cs.authorization = authorizationinternalversion.New(c) cs.autoscaling = autoscalinginternalversion.New(c) diff --git a/pkg/client/clientset_generated/internalclientset/fake/BUILD b/pkg/client/clientset_generated/internalclientset/fake/BUILD index 13d19536c53b..4e02bebe5fe1 100644 --- a/pkg/client/clientset_generated/internalclientset/fake/BUILD +++ b/pkg/client/clientset_generated/internalclientset/fake/BUILD @@ -16,6 +16,7 @@ go_library( deps = [ "//pkg/apis/admissionregistration:go_default_library", "//pkg/apis/apps:go_default_library", + "//pkg/apis/auditregistration:go_default_library", "//pkg/apis/authentication:go_default_library", "//pkg/apis/authorization:go_default_library", "//pkg/apis/autoscaling:go_default_library", @@ -36,6 +37,8 @@ go_library( "//pkg/client/clientset_generated/internalclientset/typed/admissionregistration/internalversion/fake:go_default_library", "//pkg/client/clientset_generated/internalclientset/typed/apps/internalversion:go_default_library", "//pkg/client/clientset_generated/internalclientset/typed/apps/internalversion/fake:go_default_library", + "//pkg/client/clientset_generated/internalclientset/typed/auditregistration/internalversion:go_default_library", + "//pkg/client/clientset_generated/internalclientset/typed/auditregistration/internalversion/fake:go_default_library", "//pkg/client/clientset_generated/internalclientset/typed/authentication/internalversion:go_default_library", "//pkg/client/clientset_generated/internalclientset/typed/authentication/internalversion/fake:go_default_library", "//pkg/client/clientset_generated/internalclientset/typed/authorization/internalversion:go_default_library", diff --git a/pkg/client/clientset_generated/internalclientset/fake/clientset_generated.go b/pkg/client/clientset_generated/internalclientset/fake/clientset_generated.go index a3c244e2f7eb..1b48ee9f1914 100644 --- a/pkg/client/clientset_generated/internalclientset/fake/clientset_generated.go +++ b/pkg/client/clientset_generated/internalclientset/fake/clientset_generated.go @@ -29,6 +29,8 @@ import ( fakeadmissionregistrationinternalversion "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/admissionregistration/internalversion/fake" appsinternalversion "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/apps/internalversion" fakeappsinternalversion "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/apps/internalversion/fake" + auditregistrationinternalversion "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/auditregistration/internalversion" + fakeauditregistrationinternalversion "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/auditregistration/internalversion/fake" authenticationinternalversion "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/authentication/internalversion" fakeauthenticationinternalversion "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/authentication/internalversion/fake" authorizationinternalversion "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/authorization/internalversion" @@ -118,6 +120,11 @@ func (c *Clientset) Apps() appsinternalversion.AppsInterface { return &fakeappsinternalversion.FakeApps{Fake: &c.Fake} } +// Auditregistration retrieves the AuditregistrationClient +func (c *Clientset) Auditregistration() auditregistrationinternalversion.AuditregistrationInterface { + return &fakeauditregistrationinternalversion.FakeAuditregistration{Fake: &c.Fake} +} + // Authentication retrieves the AuthenticationClient func (c *Clientset) Authentication() authenticationinternalversion.AuthenticationInterface { return &fakeauthenticationinternalversion.FakeAuthentication{Fake: &c.Fake} diff --git a/pkg/client/clientset_generated/internalclientset/fake/register.go b/pkg/client/clientset_generated/internalclientset/fake/register.go index b57d17d82163..7540114665fe 100644 --- a/pkg/client/clientset_generated/internalclientset/fake/register.go +++ b/pkg/client/clientset_generated/internalclientset/fake/register.go @@ -26,6 +26,7 @@ import ( utilruntime "k8s.io/apimachinery/pkg/util/runtime" admissionregistrationinternalversion "k8s.io/kubernetes/pkg/apis/admissionregistration" appsinternalversion "k8s.io/kubernetes/pkg/apis/apps" + auditregistrationinternalversion "k8s.io/kubernetes/pkg/apis/auditregistration" authenticationinternalversion "k8s.io/kubernetes/pkg/apis/authentication" authorizationinternalversion "k8s.io/kubernetes/pkg/apis/authorization" autoscalinginternalversion "k8s.io/kubernetes/pkg/apis/autoscaling" @@ -50,6 +51,7 @@ var localSchemeBuilder = runtime.SchemeBuilder{ admissionregistrationinternalversion.AddToScheme, coreinternalversion.AddToScheme, appsinternalversion.AddToScheme, + auditregistrationinternalversion.AddToScheme, authenticationinternalversion.AddToScheme, authorizationinternalversion.AddToScheme, autoscalinginternalversion.AddToScheme, diff --git a/pkg/client/clientset_generated/internalclientset/scheme/BUILD b/pkg/client/clientset_generated/internalclientset/scheme/BUILD index 30cbab1842b2..86f91055b34d 100644 --- a/pkg/client/clientset_generated/internalclientset/scheme/BUILD +++ b/pkg/client/clientset_generated/internalclientset/scheme/BUILD @@ -15,6 +15,7 @@ go_library( deps = [ "//pkg/apis/admissionregistration/install:go_default_library", "//pkg/apis/apps/install:go_default_library", + "//pkg/apis/auditregistration/install:go_default_library", "//pkg/apis/authentication/install:go_default_library", "//pkg/apis/authorization/install:go_default_library", "//pkg/apis/autoscaling/install:go_default_library", diff --git a/pkg/client/clientset_generated/internalclientset/scheme/register.go b/pkg/client/clientset_generated/internalclientset/scheme/register.go index 727d0e2995f8..efc10eb859f0 100644 --- a/pkg/client/clientset_generated/internalclientset/scheme/register.go +++ b/pkg/client/clientset_generated/internalclientset/scheme/register.go @@ -25,6 +25,7 @@ import ( serializer "k8s.io/apimachinery/pkg/runtime/serializer" admissionregistration "k8s.io/kubernetes/pkg/apis/admissionregistration/install" apps "k8s.io/kubernetes/pkg/apis/apps/install" + auditregistration "k8s.io/kubernetes/pkg/apis/auditregistration/install" authentication "k8s.io/kubernetes/pkg/apis/authentication/install" authorization "k8s.io/kubernetes/pkg/apis/authorization/install" autoscaling "k8s.io/kubernetes/pkg/apis/autoscaling/install" @@ -56,6 +57,7 @@ func Install(scheme *runtime.Scheme) { admissionregistration.Install(scheme) core.Install(scheme) apps.Install(scheme) + auditregistration.Install(scheme) authentication.Install(scheme) authorization.Install(scheme) autoscaling.Install(scheme) diff --git a/pkg/client/clientset_generated/internalclientset/typed/auditregistration/internalversion/BUILD b/pkg/client/clientset_generated/internalclientset/typed/auditregistration/internalversion/BUILD new file mode 100644 index 000000000000..3d1e522b858a --- /dev/null +++ b/pkg/client/clientset_generated/internalclientset/typed/auditregistration/internalversion/BUILD @@ -0,0 +1,38 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library") + +go_library( + name = "go_default_library", + srcs = [ + "auditregistration_client.go", + "auditsink.go", + "doc.go", + "generated_expansion.go", + ], + importpath = "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/auditregistration/internalversion", + visibility = ["//visibility:public"], + deps = [ + "//pkg/apis/auditregistration:go_default_library", + "//pkg/client/clientset_generated/internalclientset/scheme:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/types:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/watch:go_default_library", + "//staging/src/k8s.io/client-go/rest:go_default_library", + ], +) + +filegroup( + name = "package-srcs", + srcs = glob(["**"]), + tags = ["automanaged"], + visibility = ["//visibility:private"], +) + +filegroup( + name = "all-srcs", + srcs = [ + ":package-srcs", + "//pkg/client/clientset_generated/internalclientset/typed/auditregistration/internalversion/fake:all-srcs", + ], + tags = ["automanaged"], + visibility = ["//visibility:public"], +) diff --git a/pkg/client/clientset_generated/internalclientset/typed/auditregistration/internalversion/auditregistration_client.go b/pkg/client/clientset_generated/internalclientset/typed/auditregistration/internalversion/auditregistration_client.go new file mode 100644 index 000000000000..07bedcbf5f32 --- /dev/null +++ b/pkg/client/clientset_generated/internalclientset/typed/auditregistration/internalversion/auditregistration_client.go @@ -0,0 +1,96 @@ +/* +Copyright The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +package internalversion + +import ( + rest "k8s.io/client-go/rest" + "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/scheme" +) + +type AuditregistrationInterface interface { + RESTClient() rest.Interface + AuditSinksGetter +} + +// AuditregistrationClient is used to interact with features provided by the auditregistration.k8s.io group. +type AuditregistrationClient struct { + restClient rest.Interface +} + +func (c *AuditregistrationClient) AuditSinks() AuditSinkInterface { + return newAuditSinks(c) +} + +// NewForConfig creates a new AuditregistrationClient for the given config. +func NewForConfig(c *rest.Config) (*AuditregistrationClient, error) { + config := *c + if err := setConfigDefaults(&config); err != nil { + return nil, err + } + client, err := rest.RESTClientFor(&config) + if err != nil { + return nil, err + } + return &AuditregistrationClient{client}, nil +} + +// NewForConfigOrDie creates a new AuditregistrationClient for the given config and +// panics if there is an error in the config. +func NewForConfigOrDie(c *rest.Config) *AuditregistrationClient { + client, err := NewForConfig(c) + if err != nil { + panic(err) + } + return client +} + +// New creates a new AuditregistrationClient for the given RESTClient. +func New(c rest.Interface) *AuditregistrationClient { + return &AuditregistrationClient{c} +} + +func setConfigDefaults(config *rest.Config) error { + config.APIPath = "/apis" + if config.UserAgent == "" { + config.UserAgent = rest.DefaultKubernetesUserAgent() + } + if config.GroupVersion == nil || config.GroupVersion.Group != scheme.Scheme.PrioritizedVersionsForGroup("auditregistration.k8s.io")[0].Group { + gv := scheme.Scheme.PrioritizedVersionsForGroup("auditregistration.k8s.io")[0] + config.GroupVersion = &gv + } + config.NegotiatedSerializer = scheme.Codecs + + if config.QPS == 0 { + config.QPS = 5 + } + if config.Burst == 0 { + config.Burst = 10 + } + + return nil +} + +// RESTClient returns a RESTClient that is used to communicate +// with API server by this client implementation. +func (c *AuditregistrationClient) RESTClient() rest.Interface { + if c == nil { + return nil + } + return c.restClient +} diff --git a/pkg/client/clientset_generated/internalclientset/typed/auditregistration/internalversion/auditsink.go b/pkg/client/clientset_generated/internalclientset/typed/auditregistration/internalversion/auditsink.go new file mode 100644 index 000000000000..799ec09c30a8 --- /dev/null +++ b/pkg/client/clientset_generated/internalclientset/typed/auditregistration/internalversion/auditsink.go @@ -0,0 +1,147 @@ +/* +Copyright The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +package internalversion + +import ( + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + rest "k8s.io/client-go/rest" + auditregistration "k8s.io/kubernetes/pkg/apis/auditregistration" + scheme "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/scheme" +) + +// AuditSinksGetter has a method to return a AuditSinkInterface. +// A group's client should implement this interface. +type AuditSinksGetter interface { + AuditSinks() AuditSinkInterface +} + +// AuditSinkInterface has methods to work with AuditSink resources. +type AuditSinkInterface interface { + Create(*auditregistration.AuditSink) (*auditregistration.AuditSink, error) + Update(*auditregistration.AuditSink) (*auditregistration.AuditSink, error) + Delete(name string, options *v1.DeleteOptions) error + DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error + Get(name string, options v1.GetOptions) (*auditregistration.AuditSink, error) + List(opts v1.ListOptions) (*auditregistration.AuditSinkList, error) + Watch(opts v1.ListOptions) (watch.Interface, error) + Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *auditregistration.AuditSink, err error) + AuditSinkExpansion +} + +// auditSinks implements AuditSinkInterface +type auditSinks struct { + client rest.Interface +} + +// newAuditSinks returns a AuditSinks +func newAuditSinks(c *AuditregistrationClient) *auditSinks { + return &auditSinks{ + client: c.RESTClient(), + } +} + +// Get takes name of the auditSink, and returns the corresponding auditSink object, and an error if there is any. +func (c *auditSinks) Get(name string, options v1.GetOptions) (result *auditregistration.AuditSink, err error) { + result = &auditregistration.AuditSink{} + err = c.client.Get(). + Resource("auditsinks"). + Name(name). + VersionedParams(&options, scheme.ParameterCodec). + Do(). + Into(result) + return +} + +// List takes label and field selectors, and returns the list of AuditSinks that match those selectors. +func (c *auditSinks) List(opts v1.ListOptions) (result *auditregistration.AuditSinkList, err error) { + result = &auditregistration.AuditSinkList{} + err = c.client.Get(). + Resource("auditsinks"). + VersionedParams(&opts, scheme.ParameterCodec). + Do(). + Into(result) + return +} + +// Watch returns a watch.Interface that watches the requested auditSinks. +func (c *auditSinks) Watch(opts v1.ListOptions) (watch.Interface, error) { + opts.Watch = true + return c.client.Get(). + Resource("auditsinks"). + VersionedParams(&opts, scheme.ParameterCodec). + Watch() +} + +// Create takes the representation of a auditSink and creates it. Returns the server's representation of the auditSink, and an error, if there is any. +func (c *auditSinks) Create(auditSink *auditregistration.AuditSink) (result *auditregistration.AuditSink, err error) { + result = &auditregistration.AuditSink{} + err = c.client.Post(). + Resource("auditsinks"). + Body(auditSink). + Do(). + Into(result) + return +} + +// Update takes the representation of a auditSink and updates it. Returns the server's representation of the auditSink, and an error, if there is any. +func (c *auditSinks) Update(auditSink *auditregistration.AuditSink) (result *auditregistration.AuditSink, err error) { + result = &auditregistration.AuditSink{} + err = c.client.Put(). + Resource("auditsinks"). + Name(auditSink.Name). + Body(auditSink). + Do(). + Into(result) + return +} + +// Delete takes name of the auditSink and deletes it. Returns an error if one occurs. +func (c *auditSinks) Delete(name string, options *v1.DeleteOptions) error { + return c.client.Delete(). + Resource("auditsinks"). + Name(name). + Body(options). + Do(). + Error() +} + +// DeleteCollection deletes a collection of objects. +func (c *auditSinks) DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error { + return c.client.Delete(). + Resource("auditsinks"). + VersionedParams(&listOptions, scheme.ParameterCodec). + Body(options). + Do(). + Error() +} + +// Patch applies the patch and returns the patched auditSink. +func (c *auditSinks) Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *auditregistration.AuditSink, err error) { + result = &auditregistration.AuditSink{} + err = c.client.Patch(pt). + Resource("auditsinks"). + SubResource(subresources...). + Name(name). + Body(data). + Do(). + Into(result) + return +} diff --git a/pkg/client/clientset_generated/internalclientset/typed/auditregistration/internalversion/doc.go b/pkg/client/clientset_generated/internalclientset/typed/auditregistration/internalversion/doc.go new file mode 100644 index 000000000000..86602442babd --- /dev/null +++ b/pkg/client/clientset_generated/internalclientset/typed/auditregistration/internalversion/doc.go @@ -0,0 +1,20 @@ +/* +Copyright The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +// This package has the automatically generated typed clients. +package internalversion diff --git a/pkg/client/clientset_generated/internalclientset/typed/auditregistration/internalversion/fake/BUILD b/pkg/client/clientset_generated/internalclientset/typed/auditregistration/internalversion/fake/BUILD new file mode 100644 index 000000000000..9a65f4ba86ce --- /dev/null +++ b/pkg/client/clientset_generated/internalclientset/typed/auditregistration/internalversion/fake/BUILD @@ -0,0 +1,37 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library") + +go_library( + name = "go_default_library", + srcs = [ + "doc.go", + "fake_auditregistration_client.go", + "fake_auditsink.go", + ], + importpath = "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/auditregistration/internalversion/fake", + visibility = ["//visibility:public"], + deps = [ + "//pkg/apis/auditregistration:go_default_library", + "//pkg/client/clientset_generated/internalclientset/typed/auditregistration/internalversion:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/labels:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/runtime/schema:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/types:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/watch:go_default_library", + "//staging/src/k8s.io/client-go/rest:go_default_library", + "//staging/src/k8s.io/client-go/testing:go_default_library", + ], +) + +filegroup( + name = "package-srcs", + srcs = glob(["**"]), + tags = ["automanaged"], + visibility = ["//visibility:private"], +) + +filegroup( + name = "all-srcs", + srcs = [":package-srcs"], + tags = ["automanaged"], + visibility = ["//visibility:public"], +) diff --git a/pkg/client/clientset_generated/internalclientset/typed/auditregistration/internalversion/fake/doc.go b/pkg/client/clientset_generated/internalclientset/typed/auditregistration/internalversion/fake/doc.go new file mode 100644 index 000000000000..16f44399065e --- /dev/null +++ b/pkg/client/clientset_generated/internalclientset/typed/auditregistration/internalversion/fake/doc.go @@ -0,0 +1,20 @@ +/* +Copyright The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +// Package fake has the automatically generated clients. +package fake diff --git a/pkg/client/clientset_generated/internalclientset/typed/auditregistration/internalversion/fake/fake_auditregistration_client.go b/pkg/client/clientset_generated/internalclientset/typed/auditregistration/internalversion/fake/fake_auditregistration_client.go new file mode 100644 index 000000000000..9cb2f1f3f4ed --- /dev/null +++ b/pkg/client/clientset_generated/internalclientset/typed/auditregistration/internalversion/fake/fake_auditregistration_client.go @@ -0,0 +1,40 @@ +/* +Copyright The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + rest "k8s.io/client-go/rest" + testing "k8s.io/client-go/testing" + internalversion "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/auditregistration/internalversion" +) + +type FakeAuditregistration struct { + *testing.Fake +} + +func (c *FakeAuditregistration) AuditSinks() internalversion.AuditSinkInterface { + return &FakeAuditSinks{c} +} + +// RESTClient returns a RESTClient that is used to communicate +// with API server by this client implementation. +func (c *FakeAuditregistration) RESTClient() rest.Interface { + var ret *rest.RESTClient + return ret +} diff --git a/pkg/client/clientset_generated/internalclientset/typed/auditregistration/internalversion/fake/fake_auditsink.go b/pkg/client/clientset_generated/internalclientset/typed/auditregistration/internalversion/fake/fake_auditsink.go new file mode 100644 index 000000000000..eac7d725ae83 --- /dev/null +++ b/pkg/client/clientset_generated/internalclientset/typed/auditregistration/internalversion/fake/fake_auditsink.go @@ -0,0 +1,120 @@ +/* +Copyright The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + labels "k8s.io/apimachinery/pkg/labels" + schema "k8s.io/apimachinery/pkg/runtime/schema" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + testing "k8s.io/client-go/testing" + auditregistration "k8s.io/kubernetes/pkg/apis/auditregistration" +) + +// FakeAuditSinks implements AuditSinkInterface +type FakeAuditSinks struct { + Fake *FakeAuditregistration +} + +var auditsinksResource = schema.GroupVersionResource{Group: "auditregistration.k8s.io", Version: "", Resource: "auditsinks"} + +var auditsinksKind = schema.GroupVersionKind{Group: "auditregistration.k8s.io", Version: "", Kind: "AuditSink"} + +// Get takes name of the auditSink, and returns the corresponding auditSink object, and an error if there is any. +func (c *FakeAuditSinks) Get(name string, options v1.GetOptions) (result *auditregistration.AuditSink, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootGetAction(auditsinksResource, name), &auditregistration.AuditSink{}) + if obj == nil { + return nil, err + } + return obj.(*auditregistration.AuditSink), err +} + +// List takes label and field selectors, and returns the list of AuditSinks that match those selectors. +func (c *FakeAuditSinks) List(opts v1.ListOptions) (result *auditregistration.AuditSinkList, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootListAction(auditsinksResource, auditsinksKind, opts), &auditregistration.AuditSinkList{}) + if obj == nil { + return nil, err + } + + label, _, _ := testing.ExtractFromListOptions(opts) + if label == nil { + label = labels.Everything() + } + list := &auditregistration.AuditSinkList{ListMeta: obj.(*auditregistration.AuditSinkList).ListMeta} + for _, item := range obj.(*auditregistration.AuditSinkList).Items { + if label.Matches(labels.Set(item.Labels)) { + list.Items = append(list.Items, item) + } + } + return list, err +} + +// Watch returns a watch.Interface that watches the requested auditSinks. +func (c *FakeAuditSinks) Watch(opts v1.ListOptions) (watch.Interface, error) { + return c.Fake. + InvokesWatch(testing.NewRootWatchAction(auditsinksResource, opts)) +} + +// Create takes the representation of a auditSink and creates it. Returns the server's representation of the auditSink, and an error, if there is any. +func (c *FakeAuditSinks) Create(auditSink *auditregistration.AuditSink) (result *auditregistration.AuditSink, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootCreateAction(auditsinksResource, auditSink), &auditregistration.AuditSink{}) + if obj == nil { + return nil, err + } + return obj.(*auditregistration.AuditSink), err +} + +// Update takes the representation of a auditSink and updates it. Returns the server's representation of the auditSink, and an error, if there is any. +func (c *FakeAuditSinks) Update(auditSink *auditregistration.AuditSink) (result *auditregistration.AuditSink, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootUpdateAction(auditsinksResource, auditSink), &auditregistration.AuditSink{}) + if obj == nil { + return nil, err + } + return obj.(*auditregistration.AuditSink), err +} + +// Delete takes name of the auditSink and deletes it. Returns an error if one occurs. +func (c *FakeAuditSinks) Delete(name string, options *v1.DeleteOptions) error { + _, err := c.Fake. + Invokes(testing.NewRootDeleteAction(auditsinksResource, name), &auditregistration.AuditSink{}) + return err +} + +// DeleteCollection deletes a collection of objects. +func (c *FakeAuditSinks) DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error { + action := testing.NewRootDeleteCollectionAction(auditsinksResource, listOptions) + + _, err := c.Fake.Invokes(action, &auditregistration.AuditSinkList{}) + return err +} + +// Patch applies the patch and returns the patched auditSink. +func (c *FakeAuditSinks) Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *auditregistration.AuditSink, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootPatchSubresourceAction(auditsinksResource, name, pt, data, subresources...), &auditregistration.AuditSink{}) + if obj == nil { + return nil, err + } + return obj.(*auditregistration.AuditSink), err +} diff --git a/pkg/client/clientset_generated/internalclientset/typed/auditregistration/internalversion/generated_expansion.go b/pkg/client/clientset_generated/internalclientset/typed/auditregistration/internalversion/generated_expansion.go new file mode 100644 index 000000000000..4d3547b8d251 --- /dev/null +++ b/pkg/client/clientset_generated/internalclientset/typed/auditregistration/internalversion/generated_expansion.go @@ -0,0 +1,21 @@ +/* +Copyright The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +package internalversion + +type AuditSinkExpansion interface{} diff --git a/pkg/client/informers/informers_generated/internalversion/BUILD b/pkg/client/informers/informers_generated/internalversion/BUILD index 8b463202bf37..febac107a40c 100644 --- a/pkg/client/informers/informers_generated/internalversion/BUILD +++ b/pkg/client/informers/informers_generated/internalversion/BUILD @@ -15,6 +15,7 @@ go_library( deps = [ "//pkg/apis/admissionregistration:go_default_library", "//pkg/apis/apps:go_default_library", + "//pkg/apis/auditregistration:go_default_library", "//pkg/apis/autoscaling:go_default_library", "//pkg/apis/batch:go_default_library", "//pkg/apis/certificates:go_default_library", @@ -30,6 +31,7 @@ go_library( "//pkg/client/clientset_generated/internalclientset:go_default_library", "//pkg/client/informers/informers_generated/internalversion/admissionregistration:go_default_library", "//pkg/client/informers/informers_generated/internalversion/apps:go_default_library", + "//pkg/client/informers/informers_generated/internalversion/auditregistration:go_default_library", "//pkg/client/informers/informers_generated/internalversion/autoscaling:go_default_library", "//pkg/client/informers/informers_generated/internalversion/batch:go_default_library", "//pkg/client/informers/informers_generated/internalversion/certificates:go_default_library", @@ -63,6 +65,7 @@ filegroup( ":package-srcs", "//pkg/client/informers/informers_generated/internalversion/admissionregistration:all-srcs", "//pkg/client/informers/informers_generated/internalversion/apps:all-srcs", + "//pkg/client/informers/informers_generated/internalversion/auditregistration:all-srcs", "//pkg/client/informers/informers_generated/internalversion/autoscaling:all-srcs", "//pkg/client/informers/informers_generated/internalversion/batch:all-srcs", "//pkg/client/informers/informers_generated/internalversion/certificates:all-srcs", diff --git a/pkg/client/informers/informers_generated/internalversion/auditregistration/BUILD b/pkg/client/informers/informers_generated/internalversion/auditregistration/BUILD new file mode 100644 index 000000000000..66d103acd280 --- /dev/null +++ b/pkg/client/informers/informers_generated/internalversion/auditregistration/BUILD @@ -0,0 +1,29 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library") + +go_library( + name = "go_default_library", + srcs = ["interface.go"], + importpath = "k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/auditregistration", + visibility = ["//visibility:public"], + deps = [ + "//pkg/client/informers/informers_generated/internalversion/auditregistration/internalversion:go_default_library", + "//pkg/client/informers/informers_generated/internalversion/internalinterfaces:go_default_library", + ], +) + +filegroup( + name = "package-srcs", + srcs = glob(["**"]), + tags = ["automanaged"], + visibility = ["//visibility:private"], +) + +filegroup( + name = "all-srcs", + srcs = [ + ":package-srcs", + "//pkg/client/informers/informers_generated/internalversion/auditregistration/internalversion:all-srcs", + ], + tags = ["automanaged"], + visibility = ["//visibility:public"], +) diff --git a/pkg/client/informers/informers_generated/internalversion/auditregistration/interface.go b/pkg/client/informers/informers_generated/internalversion/auditregistration/interface.go new file mode 100644 index 000000000000..4340986bd098 --- /dev/null +++ b/pkg/client/informers/informers_generated/internalversion/auditregistration/interface.go @@ -0,0 +1,46 @@ +/* +Copyright The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by informer-gen. DO NOT EDIT. + +package auditregistration + +import ( + internalversion "k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/auditregistration/internalversion" + internalinterfaces "k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/internalinterfaces" +) + +// Interface provides access to each of this group's versions. +type Interface interface { + // InternalVersion provides access to shared informers for resources in InternalVersion. + InternalVersion() internalversion.Interface +} + +type group struct { + factory internalinterfaces.SharedInformerFactory + namespace string + tweakListOptions internalinterfaces.TweakListOptionsFunc +} + +// New returns a new Interface. +func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) Interface { + return &group{factory: f, namespace: namespace, tweakListOptions: tweakListOptions} +} + +// InternalVersion returns a new internalversion.Interface. +func (g *group) InternalVersion() internalversion.Interface { + return internalversion.New(g.factory, g.namespace, g.tweakListOptions) +} diff --git a/pkg/client/informers/informers_generated/internalversion/auditregistration/internalversion/BUILD b/pkg/client/informers/informers_generated/internalversion/auditregistration/internalversion/BUILD new file mode 100644 index 000000000000..51da67f1c434 --- /dev/null +++ b/pkg/client/informers/informers_generated/internalversion/auditregistration/internalversion/BUILD @@ -0,0 +1,35 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library") + +go_library( + name = "go_default_library", + srcs = [ + "auditsink.go", + "interface.go", + ], + importpath = "k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/auditregistration/internalversion", + visibility = ["//visibility:public"], + deps = [ + "//pkg/apis/auditregistration:go_default_library", + "//pkg/client/clientset_generated/internalclientset:go_default_library", + "//pkg/client/informers/informers_generated/internalversion/internalinterfaces:go_default_library", + "//pkg/client/listers/auditregistration/internalversion:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/runtime:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/watch:go_default_library", + "//staging/src/k8s.io/client-go/tools/cache:go_default_library", + ], +) + +filegroup( + name = "package-srcs", + srcs = glob(["**"]), + tags = ["automanaged"], + visibility = ["//visibility:private"], +) + +filegroup( + name = "all-srcs", + srcs = [":package-srcs"], + tags = ["automanaged"], + visibility = ["//visibility:public"], +) diff --git a/pkg/client/informers/informers_generated/internalversion/auditregistration/internalversion/auditsink.go b/pkg/client/informers/informers_generated/internalversion/auditregistration/internalversion/auditsink.go new file mode 100644 index 000000000000..328962ba1d37 --- /dev/null +++ b/pkg/client/informers/informers_generated/internalversion/auditregistration/internalversion/auditsink.go @@ -0,0 +1,88 @@ +/* +Copyright The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by informer-gen. DO NOT EDIT. + +package internalversion + +import ( + time "time" + + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + watch "k8s.io/apimachinery/pkg/watch" + cache "k8s.io/client-go/tools/cache" + auditregistration "k8s.io/kubernetes/pkg/apis/auditregistration" + internalclientset "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset" + internalinterfaces "k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/internalinterfaces" + internalversion "k8s.io/kubernetes/pkg/client/listers/auditregistration/internalversion" +) + +// AuditSinkInformer provides access to a shared informer and lister for +// AuditSinks. +type AuditSinkInformer interface { + Informer() cache.SharedIndexInformer + Lister() internalversion.AuditSinkLister +} + +type auditSinkInformer struct { + factory internalinterfaces.SharedInformerFactory + tweakListOptions internalinterfaces.TweakListOptionsFunc +} + +// NewAuditSinkInformer constructs a new informer for AuditSink type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewAuditSinkInformer(client internalclientset.Interface, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { + return NewFilteredAuditSinkInformer(client, resyncPeriod, indexers, nil) +} + +// NewFilteredAuditSinkInformer constructs a new informer for AuditSink type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewFilteredAuditSinkInformer(client internalclientset.Interface, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { + return cache.NewSharedIndexInformer( + &cache.ListWatch{ + ListFunc: func(options v1.ListOptions) (runtime.Object, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.Auditregistration().AuditSinks().List(options) + }, + WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.Auditregistration().AuditSinks().Watch(options) + }, + }, + &auditregistration.AuditSink{}, + resyncPeriod, + indexers, + ) +} + +func (f *auditSinkInformer) defaultInformer(client internalclientset.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { + return NewFilteredAuditSinkInformer(client, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions) +} + +func (f *auditSinkInformer) Informer() cache.SharedIndexInformer { + return f.factory.InformerFor(&auditregistration.AuditSink{}, f.defaultInformer) +} + +func (f *auditSinkInformer) Lister() internalversion.AuditSinkLister { + return internalversion.NewAuditSinkLister(f.Informer().GetIndexer()) +} diff --git a/pkg/client/informers/informers_generated/internalversion/auditregistration/internalversion/interface.go b/pkg/client/informers/informers_generated/internalversion/auditregistration/internalversion/interface.go new file mode 100644 index 000000000000..94164ee06e14 --- /dev/null +++ b/pkg/client/informers/informers_generated/internalversion/auditregistration/internalversion/interface.go @@ -0,0 +1,45 @@ +/* +Copyright The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by informer-gen. DO NOT EDIT. + +package internalversion + +import ( + internalinterfaces "k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/internalinterfaces" +) + +// Interface provides access to all the informers in this group version. +type Interface interface { + // AuditSinks returns a AuditSinkInformer. + AuditSinks() AuditSinkInformer +} + +type version struct { + factory internalinterfaces.SharedInformerFactory + namespace string + tweakListOptions internalinterfaces.TweakListOptionsFunc +} + +// New returns a new Interface. +func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) Interface { + return &version{factory: f, namespace: namespace, tweakListOptions: tweakListOptions} +} + +// AuditSinks returns a AuditSinkInformer. +func (v *version) AuditSinks() AuditSinkInformer { + return &auditSinkInformer{factory: v.factory, tweakListOptions: v.tweakListOptions} +} diff --git a/pkg/client/informers/informers_generated/internalversion/factory.go b/pkg/client/informers/informers_generated/internalversion/factory.go index a58a8aaed518..7997c6e859e1 100644 --- a/pkg/client/informers/informers_generated/internalversion/factory.go +++ b/pkg/client/informers/informers_generated/internalversion/factory.go @@ -30,6 +30,7 @@ import ( internalclientset "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset" admissionregistration "k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/admissionregistration" apps "k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/apps" + auditregistration "k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/auditregistration" autoscaling "k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/autoscaling" batch "k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/batch" certificates "k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/certificates" @@ -187,6 +188,7 @@ type SharedInformerFactory interface { Admissionregistration() admissionregistration.Interface Apps() apps.Interface + Auditregistration() auditregistration.Interface Autoscaling() autoscaling.Interface Batch() batch.Interface Certificates() certificates.Interface @@ -209,6 +211,10 @@ func (f *sharedInformerFactory) Apps() apps.Interface { return apps.New(f, f.namespace, f.tweakListOptions) } +func (f *sharedInformerFactory) Auditregistration() auditregistration.Interface { + return auditregistration.New(f, f.namespace, f.tweakListOptions) +} + func (f *sharedInformerFactory) Autoscaling() autoscaling.Interface { return autoscaling.New(f, f.namespace, f.tweakListOptions) } diff --git a/pkg/client/informers/informers_generated/internalversion/generic.go b/pkg/client/informers/informers_generated/internalversion/generic.go index 21b0eee8e6cf..92a5c6d18af4 100644 --- a/pkg/client/informers/informers_generated/internalversion/generic.go +++ b/pkg/client/informers/informers_generated/internalversion/generic.go @@ -25,6 +25,7 @@ import ( cache "k8s.io/client-go/tools/cache" admissionregistration "k8s.io/kubernetes/pkg/apis/admissionregistration" apps "k8s.io/kubernetes/pkg/apis/apps" + auditregistration "k8s.io/kubernetes/pkg/apis/auditregistration" autoscaling "k8s.io/kubernetes/pkg/apis/autoscaling" batch "k8s.io/kubernetes/pkg/apis/batch" certificates "k8s.io/kubernetes/pkg/apis/certificates" @@ -79,6 +80,10 @@ func (f *sharedInformerFactory) ForResource(resource schema.GroupVersionResource case apps.SchemeGroupVersion.WithResource("statefulsets"): return &genericInformer{resource: resource.GroupResource(), informer: f.Apps().InternalVersion().StatefulSets().Informer()}, nil + // Group=auditregistration.k8s.io, Version=internalVersion + case auditregistration.SchemeGroupVersion.WithResource("auditsinks"): + return &genericInformer{resource: resource.GroupResource(), informer: f.Auditregistration().InternalVersion().AuditSinks().Informer()}, nil + // Group=autoscaling, Version=internalVersion case autoscaling.SchemeGroupVersion.WithResource("horizontalpodautoscalers"): return &genericInformer{resource: resource.GroupResource(), informer: f.Autoscaling().InternalVersion().HorizontalPodAutoscalers().Informer()}, nil diff --git a/pkg/client/listers/auditregistration/internalversion/BUILD b/pkg/client/listers/auditregistration/internalversion/BUILD new file mode 100644 index 000000000000..2c4c3481acd4 --- /dev/null +++ b/pkg/client/listers/auditregistration/internalversion/BUILD @@ -0,0 +1,31 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library") + +go_library( + name = "go_default_library", + srcs = [ + "auditsink.go", + "expansion_generated.go", + ], + importpath = "k8s.io/kubernetes/pkg/client/listers/auditregistration/internalversion", + visibility = ["//visibility:public"], + deps = [ + "//pkg/apis/auditregistration:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/api/errors:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/labels:go_default_library", + "//staging/src/k8s.io/client-go/tools/cache:go_default_library", + ], +) + +filegroup( + name = "package-srcs", + srcs = glob(["**"]), + tags = ["automanaged"], + visibility = ["//visibility:private"], +) + +filegroup( + name = "all-srcs", + srcs = [":package-srcs"], + tags = ["automanaged"], + visibility = ["//visibility:public"], +) diff --git a/pkg/client/listers/auditregistration/internalversion/auditsink.go b/pkg/client/listers/auditregistration/internalversion/auditsink.go new file mode 100644 index 000000000000..f42c39da3169 --- /dev/null +++ b/pkg/client/listers/auditregistration/internalversion/auditsink.go @@ -0,0 +1,65 @@ +/* +Copyright The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by lister-gen. DO NOT EDIT. + +package internalversion + +import ( + "k8s.io/apimachinery/pkg/api/errors" + "k8s.io/apimachinery/pkg/labels" + "k8s.io/client-go/tools/cache" + auditregistration "k8s.io/kubernetes/pkg/apis/auditregistration" +) + +// AuditSinkLister helps list AuditSinks. +type AuditSinkLister interface { + // List lists all AuditSinks in the indexer. + List(selector labels.Selector) (ret []*auditregistration.AuditSink, err error) + // Get retrieves the AuditSink from the index for a given name. + Get(name string) (*auditregistration.AuditSink, error) + AuditSinkListerExpansion +} + +// auditSinkLister implements the AuditSinkLister interface. +type auditSinkLister struct { + indexer cache.Indexer +} + +// NewAuditSinkLister returns a new AuditSinkLister. +func NewAuditSinkLister(indexer cache.Indexer) AuditSinkLister { + return &auditSinkLister{indexer: indexer} +} + +// List lists all AuditSinks in the indexer. +func (s *auditSinkLister) List(selector labels.Selector) (ret []*auditregistration.AuditSink, err error) { + err = cache.ListAll(s.indexer, selector, func(m interface{}) { + ret = append(ret, m.(*auditregistration.AuditSink)) + }) + return ret, err +} + +// Get retrieves the AuditSink from the index for a given name. +func (s *auditSinkLister) Get(name string) (*auditregistration.AuditSink, error) { + obj, exists, err := s.indexer.GetByKey(name) + if err != nil { + return nil, err + } + if !exists { + return nil, errors.NewNotFound(auditregistration.Resource("auditsink"), name) + } + return obj.(*auditregistration.AuditSink), nil +} diff --git a/pkg/client/listers/auditregistration/internalversion/expansion_generated.go b/pkg/client/listers/auditregistration/internalversion/expansion_generated.go new file mode 100644 index 000000000000..2b38d67733f8 --- /dev/null +++ b/pkg/client/listers/auditregistration/internalversion/expansion_generated.go @@ -0,0 +1,23 @@ +/* +Copyright The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by lister-gen. DO NOT EDIT. + +package internalversion + +// AuditSinkListerExpansion allows custom methods to be added to +// AuditSinkLister. +type AuditSinkListerExpansion interface{} diff --git a/pkg/generated/openapi/BUILD b/pkg/generated/openapi/BUILD index 111670e7ea0b..add075d92e48 100644 --- a/pkg/generated/openapi/BUILD +++ b/pkg/generated/openapi/BUILD @@ -14,6 +14,7 @@ openapi_library( "cmd/cloud-controller-manager/app/apis/config/v1alpha1", "pkg/apis/abac/v0", "pkg/apis/abac/v1beta1", + "pkg/apis/auditregistration", "pkg/version", ], tags = ["automanaged"], @@ -25,6 +26,7 @@ openapi_library( "k8s.io/api/apps/v1", "k8s.io/api/apps/v1beta1", "k8s.io/api/apps/v1beta2", + "k8s.io/api/auditregistration/v1alpha1", "k8s.io/api/authentication/v1", "k8s.io/api/authentication/v1beta1", "k8s.io/api/authorization/v1", diff --git a/pkg/master/BUILD b/pkg/master/BUILD index 002d57bac4ec..2b71107778f9 100644 --- a/pkg/master/BUILD +++ b/pkg/master/BUILD @@ -17,6 +17,7 @@ go_library( "//pkg/apis/admission/install:go_default_library", "//pkg/apis/admissionregistration/install:go_default_library", "//pkg/apis/apps/install:go_default_library", + "//pkg/apis/auditregistration/install:go_default_library", "//pkg/apis/authentication/install:go_default_library", "//pkg/apis/authorization/install:go_default_library", "//pkg/apis/autoscaling/install:go_default_library", @@ -43,6 +44,7 @@ go_library( "//pkg/master/tunneler:go_default_library", "//pkg/registry/admissionregistration/rest:go_default_library", "//pkg/registry/apps/rest:go_default_library", + "//pkg/registry/auditregistration/rest:go_default_library", "//pkg/registry/authentication/rest:go_default_library", "//pkg/registry/authorization/rest:go_default_library", "//pkg/registry/autoscaling/rest:go_default_library", @@ -72,6 +74,7 @@ go_library( "//staging/src/k8s.io/api/apps/v1:go_default_library", "//staging/src/k8s.io/api/apps/v1beta1:go_default_library", "//staging/src/k8s.io/api/apps/v1beta2:go_default_library", + "//staging/src/k8s.io/api/auditregistration/v1alpha1:go_default_library", "//staging/src/k8s.io/api/authentication/v1:go_default_library", "//staging/src/k8s.io/api/authentication/v1beta1:go_default_library", "//staging/src/k8s.io/api/authorization/v1:go_default_library", diff --git a/pkg/master/import_known_versions.go b/pkg/master/import_known_versions.go index 42477cc4b172..46e9a33d0d80 100644 --- a/pkg/master/import_known_versions.go +++ b/pkg/master/import_known_versions.go @@ -21,6 +21,7 @@ import ( _ "k8s.io/kubernetes/pkg/apis/admission/install" _ "k8s.io/kubernetes/pkg/apis/admissionregistration/install" _ "k8s.io/kubernetes/pkg/apis/apps/install" + _ "k8s.io/kubernetes/pkg/apis/auditregistration/install" _ "k8s.io/kubernetes/pkg/apis/authentication/install" _ "k8s.io/kubernetes/pkg/apis/authorization/install" _ "k8s.io/kubernetes/pkg/apis/autoscaling/install" diff --git a/pkg/master/master.go b/pkg/master/master.go index 37c672c70947..bda9c0bcb51d 100644 --- a/pkg/master/master.go +++ b/pkg/master/master.go @@ -29,6 +29,7 @@ import ( appsv1 "k8s.io/api/apps/v1" appsv1beta1 "k8s.io/api/apps/v1beta1" appsv1beta2 "k8s.io/api/apps/v1beta2" + auditregistrationv1alpha1 "k8s.io/api/auditregistration/v1alpha1" authenticationv1 "k8s.io/api/authentication/v1" authenticationv1beta1 "k8s.io/api/authentication/v1beta1" authorizationapiv1 "k8s.io/api/authorization/v1" @@ -83,6 +84,7 @@ import ( // RESTStorage installers admissionregistrationrest "k8s.io/kubernetes/pkg/registry/admissionregistration/rest" appsrest "k8s.io/kubernetes/pkg/registry/apps/rest" + auditregistrationrest "k8s.io/kubernetes/pkg/registry/auditregistration/rest" authenticationrest "k8s.io/kubernetes/pkg/registry/authentication/rest" authorizationrest "k8s.io/kubernetes/pkg/registry/authorization/rest" autoscalingrest "k8s.io/kubernetes/pkg/registry/autoscaling/rest" @@ -346,6 +348,7 @@ func (c completedConfig) New(delegationTarget genericapiserver.DelegationTarget) // TODO: describe the priority all the way down in the RESTStorageProviders and plumb it back through the various discovery // handlers that we have. restStorageProviders := []RESTStorageProvider{ + auditregistrationrest.RESTStorageProvider{}, authenticationrest.RESTStorageProvider{Authenticator: c.GenericConfig.Authentication.Authenticator}, authorizationrest.RESTStorageProvider{Authorizer: c.GenericConfig.Authorization.Authorizer, RuleResolver: c.GenericConfig.RuleResolver}, autoscalingrest.RESTStorageProvider{}, @@ -505,6 +508,7 @@ func DefaultAPIResourceConfigSource() *serverstorage.ResourceConfig { ) // disable alpha versions explicitly so we have a full list of what's possible to serve ret.DisableVersions( + auditregistrationv1alpha1.SchemeGroupVersion, admissionregistrationv1alpha1.SchemeGroupVersion, batchapiv2alpha1.SchemeGroupVersion, rbacv1alpha1.SchemeGroupVersion, diff --git a/pkg/registry/BUILD b/pkg/registry/BUILD index 5b6479b76c36..6c5128b10398 100644 --- a/pkg/registry/BUILD +++ b/pkg/registry/BUILD @@ -32,6 +32,8 @@ filegroup( "//pkg/registry/apps/replicaset:all-srcs", "//pkg/registry/apps/rest:all-srcs", "//pkg/registry/apps/statefulset:all-srcs", + "//pkg/registry/auditregistration/auditsink:all-srcs", + "//pkg/registry/auditregistration/rest:all-srcs", "//pkg/registry/authentication/rest:all-srcs", "//pkg/registry/authentication/tokenreview:all-srcs", "//pkg/registry/authorization/localsubjectaccessreview:all-srcs", diff --git a/pkg/registry/auditregistration/auditsink/BUILD b/pkg/registry/auditregistration/auditsink/BUILD new file mode 100644 index 000000000000..c34dafb77702 --- /dev/null +++ b/pkg/registry/auditregistration/auditsink/BUILD @@ -0,0 +1,36 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library") + +go_library( + name = "go_default_library", + srcs = [ + "doc.go", + "strategy.go", + ], + importpath = "k8s.io/kubernetes/pkg/registry/auditregistration/auditsink", + visibility = ["//visibility:public"], + deps = [ + "//pkg/api/legacyscheme:go_default_library", + "//pkg/apis/auditregistration:go_default_library", + "//pkg/apis/auditregistration/validation:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/runtime:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/util/validation/field:go_default_library", + "//staging/src/k8s.io/apiserver/pkg/storage/names:go_default_library", + ], +) + +filegroup( + name = "package-srcs", + srcs = glob(["**"]), + tags = ["automanaged"], + visibility = ["//visibility:private"], +) + +filegroup( + name = "all-srcs", + srcs = [ + ":package-srcs", + "//pkg/registry/auditregistration/auditsink/storage:all-srcs", + ], + tags = ["automanaged"], + visibility = ["//visibility:public"], +) diff --git a/pkg/registry/auditregistration/auditsink/doc.go b/pkg/registry/auditregistration/auditsink/doc.go new file mode 100644 index 000000000000..09f36e9aa81b --- /dev/null +++ b/pkg/registry/auditregistration/auditsink/doc.go @@ -0,0 +1,17 @@ +/* +Copyright 2018 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package auditsink // import "k8s.io/kubernetes/pkg/registry/auditregistration/auditsink" diff --git a/pkg/registry/auditregistration/auditsink/storage/BUILD b/pkg/registry/auditregistration/auditsink/storage/BUILD new file mode 100644 index 000000000000..daa0d67de052 --- /dev/null +++ b/pkg/registry/auditregistration/auditsink/storage/BUILD @@ -0,0 +1,29 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library") + +go_library( + name = "go_default_library", + srcs = ["storage.go"], + importpath = "k8s.io/kubernetes/pkg/registry/auditregistration/auditsink/storage", + visibility = ["//visibility:public"], + deps = [ + "//pkg/apis/auditregistration:go_default_library", + "//pkg/registry/auditregistration/auditsink:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/runtime:go_default_library", + "//staging/src/k8s.io/apiserver/pkg/registry/generic:go_default_library", + "//staging/src/k8s.io/apiserver/pkg/registry/generic/registry:go_default_library", + ], +) + +filegroup( + name = "package-srcs", + srcs = glob(["**"]), + tags = ["automanaged"], + visibility = ["//visibility:private"], +) + +filegroup( + name = "all-srcs", + srcs = [":package-srcs"], + tags = ["automanaged"], + visibility = ["//visibility:public"], +) diff --git a/pkg/registry/auditregistration/auditsink/storage/storage.go b/pkg/registry/auditregistration/auditsink/storage/storage.go new file mode 100644 index 000000000000..f0f071407a75 --- /dev/null +++ b/pkg/registry/auditregistration/auditsink/storage/storage.go @@ -0,0 +1,51 @@ +/* +Copyright 2018 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package storage + +import ( + "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apiserver/pkg/registry/generic" + genericregistry "k8s.io/apiserver/pkg/registry/generic/registry" + "k8s.io/kubernetes/pkg/apis/auditregistration" + auditstrategy "k8s.io/kubernetes/pkg/registry/auditregistration/auditsink" +) + +// REST implements a RESTStorage for audit sink against etcd +type REST struct { + *genericregistry.Store +} + +// NewREST returns a RESTStorage object that will work against audit sinks +func NewREST(optsGetter generic.RESTOptionsGetter) *REST { + store := &genericregistry.Store{ + NewFunc: func() runtime.Object { return &auditregistration.AuditSink{} }, + NewListFunc: func() runtime.Object { return &auditregistration.AuditSinkList{} }, + ObjectNameFunc: func(obj runtime.Object) (string, error) { + return obj.(*auditregistration.AuditSink).Name, nil + }, + DefaultQualifiedResource: auditregistration.Resource("auditsinks"), + + CreateStrategy: auditstrategy.Strategy, + UpdateStrategy: auditstrategy.Strategy, + DeleteStrategy: auditstrategy.Strategy, + } + options := &generic.StoreOptions{RESTOptions: optsGetter} + if err := store.CompleteWithOptions(options); err != nil { + panic(err) // TODO: Propagate error up + } + return &REST{store} +} diff --git a/pkg/registry/auditregistration/auditsink/strategy.go b/pkg/registry/auditregistration/auditsink/strategy.go new file mode 100644 index 000000000000..23c85ccbca64 --- /dev/null +++ b/pkg/registry/auditregistration/auditsink/strategy.go @@ -0,0 +1,89 @@ +/* +Copyright 2018 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package auditsink + +import ( + "context" + "reflect" + + "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apimachinery/pkg/util/validation/field" + "k8s.io/apiserver/pkg/storage/names" + "k8s.io/kubernetes/pkg/api/legacyscheme" + audit "k8s.io/kubernetes/pkg/apis/auditregistration" + "k8s.io/kubernetes/pkg/apis/auditregistration/validation" +) + +// auditSinkStrategy implements verification logic for AuditSink. +type auditSinkStrategy struct { + runtime.ObjectTyper + names.NameGenerator +} + +// Strategy is the default logic that applies when creating and updating AuditSink objects. +var Strategy = auditSinkStrategy{legacyscheme.Scheme, names.SimpleNameGenerator} + +// NamespaceScoped returns false because all AuditSink's need to be cluster scoped +func (auditSinkStrategy) NamespaceScoped() bool { + return false +} + +// PrepareForCreate clears the status of an AuditSink before creation. +func (auditSinkStrategy) PrepareForCreate(ctx context.Context, obj runtime.Object) { + ic := obj.(*audit.AuditSink) + ic.Generation = 1 +} + +// PrepareForUpdate clears fields that are not allowed to be set by end users on update. +func (auditSinkStrategy) PrepareForUpdate(ctx context.Context, obj, old runtime.Object) { + newIC := obj.(*audit.AuditSink) + oldIC := old.(*audit.AuditSink) + + // Any changes to the policy or backend increment the generation number + // See metav1.ObjectMeta description for more information on Generation. + if !reflect.DeepEqual(oldIC.Spec, newIC.Spec) { + newIC.Generation = oldIC.Generation + 1 + } +} + +// Validate validates a new auditSink. +func (auditSinkStrategy) Validate(ctx context.Context, obj runtime.Object) field.ErrorList { + ic := obj.(*audit.AuditSink) + return validation.ValidateAuditSink(ic) +} + +// Canonicalize normalizes the object after validation. +func (auditSinkStrategy) Canonicalize(obj runtime.Object) { +} + +// AllowCreateOnUpdate is true for auditSink; this means you may create one with a PUT request. +func (auditSinkStrategy) AllowCreateOnUpdate() bool { + return false +} + +// ValidateUpdate is the default update validation for an end user. +func (auditSinkStrategy) ValidateUpdate(ctx context.Context, obj, old runtime.Object) field.ErrorList { + validationErrorList := validation.ValidateAuditSink(obj.(*audit.AuditSink)) + updateErrorList := validation.ValidateAuditSinkUpdate(obj.(*audit.AuditSink), old.(*audit.AuditSink)) + return append(validationErrorList, updateErrorList...) +} + +// AllowUnconditionalUpdate is the default update policy for auditSink objects. Status update should +// only be allowed if version match. +func (auditSinkStrategy) AllowUnconditionalUpdate() bool { + return false +} diff --git a/pkg/registry/auditregistration/rest/BUILD b/pkg/registry/auditregistration/rest/BUILD new file mode 100644 index 000000000000..a772ac495a07 --- /dev/null +++ b/pkg/registry/auditregistration/rest/BUILD @@ -0,0 +1,31 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library") + +go_library( + name = "go_default_library", + srcs = ["storage_auditregistration.go"], + importpath = "k8s.io/kubernetes/pkg/registry/auditregistration/rest", + visibility = ["//visibility:public"], + deps = [ + "//pkg/api/legacyscheme:go_default_library", + "//pkg/registry/auditregistration/auditsink/storage:go_default_library", + "//staging/src/k8s.io/api/auditregistration/v1alpha1:go_default_library", + "//staging/src/k8s.io/apiserver/pkg/registry/generic:go_default_library", + "//staging/src/k8s.io/apiserver/pkg/registry/rest:go_default_library", + "//staging/src/k8s.io/apiserver/pkg/server:go_default_library", + "//staging/src/k8s.io/apiserver/pkg/server/storage:go_default_library", + ], +) + +filegroup( + name = "package-srcs", + srcs = glob(["**"]), + tags = ["automanaged"], + visibility = ["//visibility:private"], +) + +filegroup( + name = "all-srcs", + srcs = [":package-srcs"], + tags = ["automanaged"], + visibility = ["//visibility:public"], +) diff --git a/pkg/registry/auditregistration/rest/storage_auditregistration.go b/pkg/registry/auditregistration/rest/storage_auditregistration.go new file mode 100644 index 000000000000..4bc5e884969d --- /dev/null +++ b/pkg/registry/auditregistration/rest/storage_auditregistration.go @@ -0,0 +1,53 @@ +/* +Copyright 2018 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package rest + +import ( + auditv1alpha1 "k8s.io/api/auditregistration/v1alpha1" + "k8s.io/apiserver/pkg/registry/generic" + "k8s.io/apiserver/pkg/registry/rest" + genericapiserver "k8s.io/apiserver/pkg/server" + serverstorage "k8s.io/apiserver/pkg/server/storage" + "k8s.io/kubernetes/pkg/api/legacyscheme" + auditstorage "k8s.io/kubernetes/pkg/registry/auditregistration/auditsink/storage" +) + +// RESTStorageProvider is a REST storage provider for audit.k8s.io +type RESTStorageProvider struct{} + +// NewRESTStorage returns a RESTStorageProvider +func (p RESTStorageProvider) NewRESTStorage(apiResourceConfigSource serverstorage.APIResourceConfigSource, restOptionsGetter generic.RESTOptionsGetter) (genericapiserver.APIGroupInfo, bool) { + apiGroupInfo := genericapiserver.NewDefaultAPIGroupInfo(auditv1alpha1.GroupName, legacyscheme.Scheme, legacyscheme.ParameterCodec, legacyscheme.Codecs) + + if apiResourceConfigSource.VersionEnabled(auditv1alpha1.SchemeGroupVersion) { + apiGroupInfo.VersionedResourcesStorageMap[auditv1alpha1.SchemeGroupVersion.Version] = p.v1alpha1Storage(apiResourceConfigSource, restOptionsGetter) + } + return apiGroupInfo, true +} + +func (p RESTStorageProvider) v1alpha1Storage(apiResourceConfigSource serverstorage.APIResourceConfigSource, restOptionsGetter generic.RESTOptionsGetter) map[string]rest.Storage { + storage := map[string]rest.Storage{} + s := auditstorage.NewREST(restOptionsGetter) + storage["auditsinks"] = s + + return storage +} + +// GroupName is the group name for the storage provider +func (p RESTStorageProvider) GroupName() string { + return auditv1alpha1.GroupName +} diff --git a/staging/src/BUILD b/staging/src/BUILD index 80464ee5a18b..b771f0dcb1d6 100644 --- a/staging/src/BUILD +++ b/staging/src/BUILD @@ -128,6 +128,7 @@ filegroup( "//staging/src/k8s.io/client-go/listers/apps/v1:all-srcs", "//staging/src/k8s.io/client-go/listers/apps/v1beta1:all-srcs", "//staging/src/k8s.io/client-go/listers/apps/v1beta2:all-srcs", + "//staging/src/k8s.io/client-go/listers/auditregistration/v1alpha1:all-srcs", "//staging/src/k8s.io/client-go/listers/authentication/v1:all-srcs", "//staging/src/k8s.io/client-go/listers/authentication/v1beta1:all-srcs", "//staging/src/k8s.io/client-go/listers/authorization/v1:all-srcs", diff --git a/staging/src/k8s.io/api/BUILD b/staging/src/k8s.io/api/BUILD index 482955e41496..fe6ca1e4e1bd 100644 --- a/staging/src/k8s.io/api/BUILD +++ b/staging/src/k8s.io/api/BUILD @@ -63,6 +63,7 @@ filegroup( "//staging/src/k8s.io/api/apps/v1:all-srcs", "//staging/src/k8s.io/api/apps/v1beta1:all-srcs", "//staging/src/k8s.io/api/apps/v1beta2:all-srcs", + "//staging/src/k8s.io/api/auditregistration/v1alpha1:all-srcs", "//staging/src/k8s.io/api/authentication/v1:all-srcs", "//staging/src/k8s.io/api/authentication/v1beta1:all-srcs", "//staging/src/k8s.io/api/authorization/v1:all-srcs", diff --git a/staging/src/k8s.io/api/auditregistration/OWNERS b/staging/src/k8s.io/api/auditregistration/OWNERS new file mode 100644 index 000000000000..df96f16bf05b --- /dev/null +++ b/staging/src/k8s.io/api/auditregistration/OWNERS @@ -0,0 +1,5 @@ +reviewers: +- lavalamp +- sttts +- tallclair +- pbarker \ No newline at end of file diff --git a/staging/src/k8s.io/api/auditregistration/v1alpha1/BUILD b/staging/src/k8s.io/api/auditregistration/v1alpha1/BUILD new file mode 100644 index 000000000000..5f1523e0f002 --- /dev/null +++ b/staging/src/k8s.io/api/auditregistration/v1alpha1/BUILD @@ -0,0 +1,36 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library") + +go_library( + name = "go_default_library", + srcs = [ + "doc.go", + "generated.pb.go", + "register.go", + "types.go", + "types_swagger_doc_generated.go", + "zz_generated.deepcopy.go", + ], + importmap = "k8s.io/kubernetes/vendor/k8s.io/api/auditregistration/v1alpha1", + importpath = "k8s.io/api/auditregistration/v1alpha1", + visibility = ["//visibility:public"], + deps = [ + "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/runtime:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/runtime/schema:go_default_library", + "//vendor/github.com/gogo/protobuf/proto:go_default_library", + ], +) + +filegroup( + name = "package-srcs", + srcs = glob(["**"]), + tags = ["automanaged"], + visibility = ["//visibility:private"], +) + +filegroup( + name = "all-srcs", + srcs = [":package-srcs"], + tags = ["automanaged"], + visibility = ["//visibility:public"], +) diff --git a/staging/src/k8s.io/api/auditregistration/v1alpha1/doc.go b/staging/src/k8s.io/api/auditregistration/v1alpha1/doc.go new file mode 100644 index 000000000000..c0d184a99843 --- /dev/null +++ b/staging/src/k8s.io/api/auditregistration/v1alpha1/doc.go @@ -0,0 +1,22 @@ +/* +Copyright 2018 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// +k8s:deepcopy-gen=package +// +k8s:openapi-gen=true + +// +groupName=auditregistration.k8s.io + +package v1alpha1 // import "k8s.io/api/auditregistration/v1alpha1" diff --git a/staging/src/k8s.io/api/auditregistration/v1alpha1/generated.pb.go b/staging/src/k8s.io/api/auditregistration/v1alpha1/generated.pb.go new file mode 100644 index 000000000000..399d92b380ea --- /dev/null +++ b/staging/src/k8s.io/api/auditregistration/v1alpha1/generated.pb.go @@ -0,0 +1,1685 @@ +/* +Copyright The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by protoc-gen-gogo. DO NOT EDIT. +// source: k8s.io/kubernetes/vendor/k8s.io/api/auditregistration/v1alpha1/generated.proto + +/* + Package v1alpha1 is a generated protocol buffer package. + + It is generated from these files: + k8s.io/kubernetes/vendor/k8s.io/api/auditregistration/v1alpha1/generated.proto + + It has these top-level messages: + AuditSink + AuditSinkList + AuditSinkSpec + Policy + ServiceReference + Webhook + WebhookClientConfig + WebhookThrottleConfig +*/ +package v1alpha1 + +import proto "github.com/gogo/protobuf/proto" +import fmt "fmt" +import math "math" + +import strings "strings" +import reflect "reflect" + +import io "io" + +// Reference imports to suppress errors if they are not otherwise used. +var _ = proto.Marshal +var _ = fmt.Errorf +var _ = math.Inf + +// This is a compile-time assertion to ensure that this generated file +// is compatible with the proto package it is being compiled against. +// A compilation error at this line likely means your copy of the +// proto package needs to be updated. +const _ = proto.GoGoProtoPackageIsVersion2 // please upgrade the proto package + +func (m *AuditSink) Reset() { *m = AuditSink{} } +func (*AuditSink) ProtoMessage() {} +func (*AuditSink) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{0} } + +func (m *AuditSinkList) Reset() { *m = AuditSinkList{} } +func (*AuditSinkList) ProtoMessage() {} +func (*AuditSinkList) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{1} } + +func (m *AuditSinkSpec) Reset() { *m = AuditSinkSpec{} } +func (*AuditSinkSpec) ProtoMessage() {} +func (*AuditSinkSpec) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{2} } + +func (m *Policy) Reset() { *m = Policy{} } +func (*Policy) ProtoMessage() {} +func (*Policy) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{3} } + +func (m *ServiceReference) Reset() { *m = ServiceReference{} } +func (*ServiceReference) ProtoMessage() {} +func (*ServiceReference) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{4} } + +func (m *Webhook) Reset() { *m = Webhook{} } +func (*Webhook) ProtoMessage() {} +func (*Webhook) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{5} } + +func (m *WebhookClientConfig) Reset() { *m = WebhookClientConfig{} } +func (*WebhookClientConfig) ProtoMessage() {} +func (*WebhookClientConfig) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{6} } + +func (m *WebhookThrottleConfig) Reset() { *m = WebhookThrottleConfig{} } +func (*WebhookThrottleConfig) ProtoMessage() {} +func (*WebhookThrottleConfig) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{7} } + +func init() { + proto.RegisterType((*AuditSink)(nil), "k8s.io.api.auditregistration.v1alpha1.AuditSink") + proto.RegisterType((*AuditSinkList)(nil), "k8s.io.api.auditregistration.v1alpha1.AuditSinkList") + proto.RegisterType((*AuditSinkSpec)(nil), "k8s.io.api.auditregistration.v1alpha1.AuditSinkSpec") + proto.RegisterType((*Policy)(nil), "k8s.io.api.auditregistration.v1alpha1.Policy") + proto.RegisterType((*ServiceReference)(nil), "k8s.io.api.auditregistration.v1alpha1.ServiceReference") + proto.RegisterType((*Webhook)(nil), "k8s.io.api.auditregistration.v1alpha1.Webhook") + proto.RegisterType((*WebhookClientConfig)(nil), "k8s.io.api.auditregistration.v1alpha1.WebhookClientConfig") + proto.RegisterType((*WebhookThrottleConfig)(nil), "k8s.io.api.auditregistration.v1alpha1.WebhookThrottleConfig") +} +func (m *AuditSink) Marshal() (dAtA []byte, err error) { + size := m.Size() + dAtA = make([]byte, size) + n, err := m.MarshalTo(dAtA) + if err != nil { + return nil, err + } + return dAtA[:n], nil +} + +func (m *AuditSink) MarshalTo(dAtA []byte) (int, error) { + var i int + _ = i + var l int + _ = l + dAtA[i] = 0xa + i++ + i = encodeVarintGenerated(dAtA, i, uint64(m.ObjectMeta.Size())) + n1, err := m.ObjectMeta.MarshalTo(dAtA[i:]) + if err != nil { + return 0, err + } + i += n1 + dAtA[i] = 0x12 + i++ + i = encodeVarintGenerated(dAtA, i, uint64(m.Spec.Size())) + n2, err := m.Spec.MarshalTo(dAtA[i:]) + if err != nil { + return 0, err + } + i += n2 + return i, nil +} + +func (m *AuditSinkList) Marshal() (dAtA []byte, err error) { + size := m.Size() + dAtA = make([]byte, size) + n, err := m.MarshalTo(dAtA) + if err != nil { + return nil, err + } + return dAtA[:n], nil +} + +func (m *AuditSinkList) MarshalTo(dAtA []byte) (int, error) { + var i int + _ = i + var l int + _ = l + dAtA[i] = 0xa + i++ + i = encodeVarintGenerated(dAtA, i, uint64(m.ListMeta.Size())) + n3, err := m.ListMeta.MarshalTo(dAtA[i:]) + if err != nil { + return 0, err + } + i += n3 + if len(m.Items) > 0 { + for _, msg := range m.Items { + dAtA[i] = 0x12 + i++ + i = encodeVarintGenerated(dAtA, i, uint64(msg.Size())) + n, err := msg.MarshalTo(dAtA[i:]) + if err != nil { + return 0, err + } + i += n + } + } + return i, nil +} + +func (m *AuditSinkSpec) Marshal() (dAtA []byte, err error) { + size := m.Size() + dAtA = make([]byte, size) + n, err := m.MarshalTo(dAtA) + if err != nil { + return nil, err + } + return dAtA[:n], nil +} + +func (m *AuditSinkSpec) MarshalTo(dAtA []byte) (int, error) { + var i int + _ = i + var l int + _ = l + dAtA[i] = 0xa + i++ + i = encodeVarintGenerated(dAtA, i, uint64(m.Policy.Size())) + n4, err := m.Policy.MarshalTo(dAtA[i:]) + if err != nil { + return 0, err + } + i += n4 + dAtA[i] = 0x12 + i++ + i = encodeVarintGenerated(dAtA, i, uint64(m.Webhook.Size())) + n5, err := m.Webhook.MarshalTo(dAtA[i:]) + if err != nil { + return 0, err + } + i += n5 + return i, nil +} + +func (m *Policy) Marshal() (dAtA []byte, err error) { + size := m.Size() + dAtA = make([]byte, size) + n, err := m.MarshalTo(dAtA) + if err != nil { + return nil, err + } + return dAtA[:n], nil +} + +func (m *Policy) MarshalTo(dAtA []byte) (int, error) { + var i int + _ = i + var l int + _ = l + dAtA[i] = 0xa + i++ + i = encodeVarintGenerated(dAtA, i, uint64(len(m.Level))) + i += copy(dAtA[i:], m.Level) + if len(m.Stages) > 0 { + for _, s := range m.Stages { + dAtA[i] = 0x12 + i++ + l = len(s) + for l >= 1<<7 { + dAtA[i] = uint8(uint64(l)&0x7f | 0x80) + l >>= 7 + i++ + } + dAtA[i] = uint8(l) + i++ + i += copy(dAtA[i:], s) + } + } + return i, nil +} + +func (m *ServiceReference) Marshal() (dAtA []byte, err error) { + size := m.Size() + dAtA = make([]byte, size) + n, err := m.MarshalTo(dAtA) + if err != nil { + return nil, err + } + return dAtA[:n], nil +} + +func (m *ServiceReference) MarshalTo(dAtA []byte) (int, error) { + var i int + _ = i + var l int + _ = l + dAtA[i] = 0xa + i++ + i = encodeVarintGenerated(dAtA, i, uint64(len(m.Namespace))) + i += copy(dAtA[i:], m.Namespace) + dAtA[i] = 0x12 + i++ + i = encodeVarintGenerated(dAtA, i, uint64(len(m.Name))) + i += copy(dAtA[i:], m.Name) + if m.Path != nil { + dAtA[i] = 0x1a + i++ + i = encodeVarintGenerated(dAtA, i, uint64(len(*m.Path))) + i += copy(dAtA[i:], *m.Path) + } + return i, nil +} + +func (m *Webhook) Marshal() (dAtA []byte, err error) { + size := m.Size() + dAtA = make([]byte, size) + n, err := m.MarshalTo(dAtA) + if err != nil { + return nil, err + } + return dAtA[:n], nil +} + +func (m *Webhook) MarshalTo(dAtA []byte) (int, error) { + var i int + _ = i + var l int + _ = l + if m.Throttle != nil { + dAtA[i] = 0xa + i++ + i = encodeVarintGenerated(dAtA, i, uint64(m.Throttle.Size())) + n6, err := m.Throttle.MarshalTo(dAtA[i:]) + if err != nil { + return 0, err + } + i += n6 + } + dAtA[i] = 0x12 + i++ + i = encodeVarintGenerated(dAtA, i, uint64(m.ClientConfig.Size())) + n7, err := m.ClientConfig.MarshalTo(dAtA[i:]) + if err != nil { + return 0, err + } + i += n7 + return i, nil +} + +func (m *WebhookClientConfig) Marshal() (dAtA []byte, err error) { + size := m.Size() + dAtA = make([]byte, size) + n, err := m.MarshalTo(dAtA) + if err != nil { + return nil, err + } + return dAtA[:n], nil +} + +func (m *WebhookClientConfig) MarshalTo(dAtA []byte) (int, error) { + var i int + _ = i + var l int + _ = l + if m.URL != nil { + dAtA[i] = 0xa + i++ + i = encodeVarintGenerated(dAtA, i, uint64(len(*m.URL))) + i += copy(dAtA[i:], *m.URL) + } + if m.Service != nil { + dAtA[i] = 0x12 + i++ + i = encodeVarintGenerated(dAtA, i, uint64(m.Service.Size())) + n8, err := m.Service.MarshalTo(dAtA[i:]) + if err != nil { + return 0, err + } + i += n8 + } + if m.CABundle != nil { + dAtA[i] = 0x1a + i++ + i = encodeVarintGenerated(dAtA, i, uint64(len(m.CABundle))) + i += copy(dAtA[i:], m.CABundle) + } + return i, nil +} + +func (m *WebhookThrottleConfig) Marshal() (dAtA []byte, err error) { + size := m.Size() + dAtA = make([]byte, size) + n, err := m.MarshalTo(dAtA) + if err != nil { + return nil, err + } + return dAtA[:n], nil +} + +func (m *WebhookThrottleConfig) MarshalTo(dAtA []byte) (int, error) { + var i int + _ = i + var l int + _ = l + if m.QPS != nil { + dAtA[i] = 0x8 + i++ + i = encodeVarintGenerated(dAtA, i, uint64(*m.QPS)) + } + if m.Burst != nil { + dAtA[i] = 0x10 + i++ + i = encodeVarintGenerated(dAtA, i, uint64(*m.Burst)) + } + return i, nil +} + +func encodeVarintGenerated(dAtA []byte, offset int, v uint64) int { + for v >= 1<<7 { + dAtA[offset] = uint8(v&0x7f | 0x80) + v >>= 7 + offset++ + } + dAtA[offset] = uint8(v) + return offset + 1 +} +func (m *AuditSink) Size() (n int) { + var l int + _ = l + l = m.ObjectMeta.Size() + n += 1 + l + sovGenerated(uint64(l)) + l = m.Spec.Size() + n += 1 + l + sovGenerated(uint64(l)) + return n +} + +func (m *AuditSinkList) Size() (n int) { + var l int + _ = l + l = m.ListMeta.Size() + n += 1 + l + sovGenerated(uint64(l)) + if len(m.Items) > 0 { + for _, e := range m.Items { + l = e.Size() + n += 1 + l + sovGenerated(uint64(l)) + } + } + return n +} + +func (m *AuditSinkSpec) Size() (n int) { + var l int + _ = l + l = m.Policy.Size() + n += 1 + l + sovGenerated(uint64(l)) + l = m.Webhook.Size() + n += 1 + l + sovGenerated(uint64(l)) + return n +} + +func (m *Policy) Size() (n int) { + var l int + _ = l + l = len(m.Level) + n += 1 + l + sovGenerated(uint64(l)) + if len(m.Stages) > 0 { + for _, s := range m.Stages { + l = len(s) + n += 1 + l + sovGenerated(uint64(l)) + } + } + return n +} + +func (m *ServiceReference) Size() (n int) { + var l int + _ = l + l = len(m.Namespace) + n += 1 + l + sovGenerated(uint64(l)) + l = len(m.Name) + n += 1 + l + sovGenerated(uint64(l)) + if m.Path != nil { + l = len(*m.Path) + n += 1 + l + sovGenerated(uint64(l)) + } + return n +} + +func (m *Webhook) Size() (n int) { + var l int + _ = l + if m.Throttle != nil { + l = m.Throttle.Size() + n += 1 + l + sovGenerated(uint64(l)) + } + l = m.ClientConfig.Size() + n += 1 + l + sovGenerated(uint64(l)) + return n +} + +func (m *WebhookClientConfig) Size() (n int) { + var l int + _ = l + if m.URL != nil { + l = len(*m.URL) + n += 1 + l + sovGenerated(uint64(l)) + } + if m.Service != nil { + l = m.Service.Size() + n += 1 + l + sovGenerated(uint64(l)) + } + if m.CABundle != nil { + l = len(m.CABundle) + n += 1 + l + sovGenerated(uint64(l)) + } + return n +} + +func (m *WebhookThrottleConfig) Size() (n int) { + var l int + _ = l + if m.QPS != nil { + n += 1 + sovGenerated(uint64(*m.QPS)) + } + if m.Burst != nil { + n += 1 + sovGenerated(uint64(*m.Burst)) + } + return n +} + +func sovGenerated(x uint64) (n int) { + for { + n++ + x >>= 7 + if x == 0 { + break + } + } + return n +} +func sozGenerated(x uint64) (n int) { + return sovGenerated(uint64((x << 1) ^ uint64((int64(x) >> 63)))) +} +func (this *AuditSink) String() string { + if this == nil { + return "nil" + } + s := strings.Join([]string{`&AuditSink{`, + `ObjectMeta:` + strings.Replace(strings.Replace(this.ObjectMeta.String(), "ObjectMeta", "k8s_io_apimachinery_pkg_apis_meta_v1.ObjectMeta", 1), `&`, ``, 1) + `,`, + `Spec:` + strings.Replace(strings.Replace(this.Spec.String(), "AuditSinkSpec", "AuditSinkSpec", 1), `&`, ``, 1) + `,`, + `}`, + }, "") + return s +} +func (this *AuditSinkList) String() string { + if this == nil { + return "nil" + } + s := strings.Join([]string{`&AuditSinkList{`, + `ListMeta:` + strings.Replace(strings.Replace(this.ListMeta.String(), "ListMeta", "k8s_io_apimachinery_pkg_apis_meta_v1.ListMeta", 1), `&`, ``, 1) + `,`, + `Items:` + strings.Replace(strings.Replace(fmt.Sprintf("%v", this.Items), "AuditSink", "AuditSink", 1), `&`, ``, 1) + `,`, + `}`, + }, "") + return s +} +func (this *AuditSinkSpec) String() string { + if this == nil { + return "nil" + } + s := strings.Join([]string{`&AuditSinkSpec{`, + `Policy:` + strings.Replace(strings.Replace(this.Policy.String(), "Policy", "Policy", 1), `&`, ``, 1) + `,`, + `Webhook:` + strings.Replace(strings.Replace(this.Webhook.String(), "Webhook", "Webhook", 1), `&`, ``, 1) + `,`, + `}`, + }, "") + return s +} +func (this *Policy) String() string { + if this == nil { + return "nil" + } + s := strings.Join([]string{`&Policy{`, + `Level:` + fmt.Sprintf("%v", this.Level) + `,`, + `Stages:` + fmt.Sprintf("%v", this.Stages) + `,`, + `}`, + }, "") + return s +} +func (this *ServiceReference) String() string { + if this == nil { + return "nil" + } + s := strings.Join([]string{`&ServiceReference{`, + `Namespace:` + fmt.Sprintf("%v", this.Namespace) + `,`, + `Name:` + fmt.Sprintf("%v", this.Name) + `,`, + `Path:` + valueToStringGenerated(this.Path) + `,`, + `}`, + }, "") + return s +} +func (this *Webhook) String() string { + if this == nil { + return "nil" + } + s := strings.Join([]string{`&Webhook{`, + `Throttle:` + strings.Replace(fmt.Sprintf("%v", this.Throttle), "WebhookThrottleConfig", "WebhookThrottleConfig", 1) + `,`, + `ClientConfig:` + strings.Replace(strings.Replace(this.ClientConfig.String(), "WebhookClientConfig", "WebhookClientConfig", 1), `&`, ``, 1) + `,`, + `}`, + }, "") + return s +} +func (this *WebhookClientConfig) String() string { + if this == nil { + return "nil" + } + s := strings.Join([]string{`&WebhookClientConfig{`, + `URL:` + valueToStringGenerated(this.URL) + `,`, + `Service:` + strings.Replace(fmt.Sprintf("%v", this.Service), "ServiceReference", "ServiceReference", 1) + `,`, + `CABundle:` + valueToStringGenerated(this.CABundle) + `,`, + `}`, + }, "") + return s +} +func (this *WebhookThrottleConfig) String() string { + if this == nil { + return "nil" + } + s := strings.Join([]string{`&WebhookThrottleConfig{`, + `QPS:` + valueToStringGenerated(this.QPS) + `,`, + `Burst:` + valueToStringGenerated(this.Burst) + `,`, + `}`, + }, "") + return s +} +func valueToStringGenerated(v interface{}) string { + rv := reflect.ValueOf(v) + if rv.IsNil() { + return "nil" + } + pv := reflect.Indirect(rv).Interface() + return fmt.Sprintf("*%v", pv) +} +func (m *AuditSink) Unmarshal(dAtA []byte) error { + l := len(dAtA) + iNdEx := 0 + for iNdEx < l { + preIndex := iNdEx + var wire uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowGenerated + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + wire |= (uint64(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + fieldNum := int32(wire >> 3) + wireType := int(wire & 0x7) + if wireType == 4 { + return fmt.Errorf("proto: AuditSink: wiretype end group for non-group") + } + if fieldNum <= 0 { + return fmt.Errorf("proto: AuditSink: illegal tag %d (wire type %d)", fieldNum, wire) + } + switch fieldNum { + case 1: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field ObjectMeta", wireType) + } + var msglen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowGenerated + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + msglen |= (int(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + if msglen < 0 { + return ErrInvalidLengthGenerated + } + postIndex := iNdEx + msglen + if postIndex > l { + return io.ErrUnexpectedEOF + } + if err := m.ObjectMeta.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { + return err + } + iNdEx = postIndex + case 2: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field Spec", wireType) + } + var msglen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowGenerated + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + msglen |= (int(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + if msglen < 0 { + return ErrInvalidLengthGenerated + } + postIndex := iNdEx + msglen + if postIndex > l { + return io.ErrUnexpectedEOF + } + if err := m.Spec.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { + return err + } + iNdEx = postIndex + default: + iNdEx = preIndex + skippy, err := skipGenerated(dAtA[iNdEx:]) + if err != nil { + return err + } + if skippy < 0 { + return ErrInvalidLengthGenerated + } + if (iNdEx + skippy) > l { + return io.ErrUnexpectedEOF + } + iNdEx += skippy + } + } + + if iNdEx > l { + return io.ErrUnexpectedEOF + } + return nil +} +func (m *AuditSinkList) Unmarshal(dAtA []byte) error { + l := len(dAtA) + iNdEx := 0 + for iNdEx < l { + preIndex := iNdEx + var wire uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowGenerated + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + wire |= (uint64(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + fieldNum := int32(wire >> 3) + wireType := int(wire & 0x7) + if wireType == 4 { + return fmt.Errorf("proto: AuditSinkList: wiretype end group for non-group") + } + if fieldNum <= 0 { + return fmt.Errorf("proto: AuditSinkList: illegal tag %d (wire type %d)", fieldNum, wire) + } + switch fieldNum { + case 1: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field ListMeta", wireType) + } + var msglen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowGenerated + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + msglen |= (int(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + if msglen < 0 { + return ErrInvalidLengthGenerated + } + postIndex := iNdEx + msglen + if postIndex > l { + return io.ErrUnexpectedEOF + } + if err := m.ListMeta.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { + return err + } + iNdEx = postIndex + case 2: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field Items", wireType) + } + var msglen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowGenerated + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + msglen |= (int(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + if msglen < 0 { + return ErrInvalidLengthGenerated + } + postIndex := iNdEx + msglen + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.Items = append(m.Items, AuditSink{}) + if err := m.Items[len(m.Items)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil { + return err + } + iNdEx = postIndex + default: + iNdEx = preIndex + skippy, err := skipGenerated(dAtA[iNdEx:]) + if err != nil { + return err + } + if skippy < 0 { + return ErrInvalidLengthGenerated + } + if (iNdEx + skippy) > l { + return io.ErrUnexpectedEOF + } + iNdEx += skippy + } + } + + if iNdEx > l { + return io.ErrUnexpectedEOF + } + return nil +} +func (m *AuditSinkSpec) Unmarshal(dAtA []byte) error { + l := len(dAtA) + iNdEx := 0 + for iNdEx < l { + preIndex := iNdEx + var wire uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowGenerated + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + wire |= (uint64(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + fieldNum := int32(wire >> 3) + wireType := int(wire & 0x7) + if wireType == 4 { + return fmt.Errorf("proto: AuditSinkSpec: wiretype end group for non-group") + } + if fieldNum <= 0 { + return fmt.Errorf("proto: AuditSinkSpec: illegal tag %d (wire type %d)", fieldNum, wire) + } + switch fieldNum { + case 1: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field Policy", wireType) + } + var msglen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowGenerated + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + msglen |= (int(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + if msglen < 0 { + return ErrInvalidLengthGenerated + } + postIndex := iNdEx + msglen + if postIndex > l { + return io.ErrUnexpectedEOF + } + if err := m.Policy.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { + return err + } + iNdEx = postIndex + case 2: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field Webhook", wireType) + } + var msglen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowGenerated + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + msglen |= (int(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + if msglen < 0 { + return ErrInvalidLengthGenerated + } + postIndex := iNdEx + msglen + if postIndex > l { + return io.ErrUnexpectedEOF + } + if err := m.Webhook.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { + return err + } + iNdEx = postIndex + default: + iNdEx = preIndex + skippy, err := skipGenerated(dAtA[iNdEx:]) + if err != nil { + return err + } + if skippy < 0 { + return ErrInvalidLengthGenerated + } + if (iNdEx + skippy) > l { + return io.ErrUnexpectedEOF + } + iNdEx += skippy + } + } + + if iNdEx > l { + return io.ErrUnexpectedEOF + } + return nil +} +func (m *Policy) Unmarshal(dAtA []byte) error { + l := len(dAtA) + iNdEx := 0 + for iNdEx < l { + preIndex := iNdEx + var wire uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowGenerated + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + wire |= (uint64(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + fieldNum := int32(wire >> 3) + wireType := int(wire & 0x7) + if wireType == 4 { + return fmt.Errorf("proto: Policy: wiretype end group for non-group") + } + if fieldNum <= 0 { + return fmt.Errorf("proto: Policy: illegal tag %d (wire type %d)", fieldNum, wire) + } + switch fieldNum { + case 1: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field Level", wireType) + } + var stringLen uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowGenerated + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + stringLen |= (uint64(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + intStringLen := int(stringLen) + if intStringLen < 0 { + return ErrInvalidLengthGenerated + } + postIndex := iNdEx + intStringLen + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.Level = Level(dAtA[iNdEx:postIndex]) + iNdEx = postIndex + case 2: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field Stages", wireType) + } + var stringLen uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowGenerated + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + stringLen |= (uint64(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + intStringLen := int(stringLen) + if intStringLen < 0 { + return ErrInvalidLengthGenerated + } + postIndex := iNdEx + intStringLen + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.Stages = append(m.Stages, Stage(dAtA[iNdEx:postIndex])) + iNdEx = postIndex + default: + iNdEx = preIndex + skippy, err := skipGenerated(dAtA[iNdEx:]) + if err != nil { + return err + } + if skippy < 0 { + return ErrInvalidLengthGenerated + } + if (iNdEx + skippy) > l { + return io.ErrUnexpectedEOF + } + iNdEx += skippy + } + } + + if iNdEx > l { + return io.ErrUnexpectedEOF + } + return nil +} +func (m *ServiceReference) Unmarshal(dAtA []byte) error { + l := len(dAtA) + iNdEx := 0 + for iNdEx < l { + preIndex := iNdEx + var wire uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowGenerated + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + wire |= (uint64(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + fieldNum := int32(wire >> 3) + wireType := int(wire & 0x7) + if wireType == 4 { + return fmt.Errorf("proto: ServiceReference: wiretype end group for non-group") + } + if fieldNum <= 0 { + return fmt.Errorf("proto: ServiceReference: illegal tag %d (wire type %d)", fieldNum, wire) + } + switch fieldNum { + case 1: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field Namespace", wireType) + } + var stringLen uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowGenerated + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + stringLen |= (uint64(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + intStringLen := int(stringLen) + if intStringLen < 0 { + return ErrInvalidLengthGenerated + } + postIndex := iNdEx + intStringLen + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.Namespace = string(dAtA[iNdEx:postIndex]) + iNdEx = postIndex + case 2: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field Name", wireType) + } + var stringLen uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowGenerated + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + stringLen |= (uint64(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + intStringLen := int(stringLen) + if intStringLen < 0 { + return ErrInvalidLengthGenerated + } + postIndex := iNdEx + intStringLen + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.Name = string(dAtA[iNdEx:postIndex]) + iNdEx = postIndex + case 3: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field Path", wireType) + } + var stringLen uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowGenerated + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + stringLen |= (uint64(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + intStringLen := int(stringLen) + if intStringLen < 0 { + return ErrInvalidLengthGenerated + } + postIndex := iNdEx + intStringLen + if postIndex > l { + return io.ErrUnexpectedEOF + } + s := string(dAtA[iNdEx:postIndex]) + m.Path = &s + iNdEx = postIndex + default: + iNdEx = preIndex + skippy, err := skipGenerated(dAtA[iNdEx:]) + if err != nil { + return err + } + if skippy < 0 { + return ErrInvalidLengthGenerated + } + if (iNdEx + skippy) > l { + return io.ErrUnexpectedEOF + } + iNdEx += skippy + } + } + + if iNdEx > l { + return io.ErrUnexpectedEOF + } + return nil +} +func (m *Webhook) Unmarshal(dAtA []byte) error { + l := len(dAtA) + iNdEx := 0 + for iNdEx < l { + preIndex := iNdEx + var wire uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowGenerated + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + wire |= (uint64(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + fieldNum := int32(wire >> 3) + wireType := int(wire & 0x7) + if wireType == 4 { + return fmt.Errorf("proto: Webhook: wiretype end group for non-group") + } + if fieldNum <= 0 { + return fmt.Errorf("proto: Webhook: illegal tag %d (wire type %d)", fieldNum, wire) + } + switch fieldNum { + case 1: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field Throttle", wireType) + } + var msglen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowGenerated + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + msglen |= (int(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + if msglen < 0 { + return ErrInvalidLengthGenerated + } + postIndex := iNdEx + msglen + if postIndex > l { + return io.ErrUnexpectedEOF + } + if m.Throttle == nil { + m.Throttle = &WebhookThrottleConfig{} + } + if err := m.Throttle.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { + return err + } + iNdEx = postIndex + case 2: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field ClientConfig", wireType) + } + var msglen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowGenerated + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + msglen |= (int(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + if msglen < 0 { + return ErrInvalidLengthGenerated + } + postIndex := iNdEx + msglen + if postIndex > l { + return io.ErrUnexpectedEOF + } + if err := m.ClientConfig.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { + return err + } + iNdEx = postIndex + default: + iNdEx = preIndex + skippy, err := skipGenerated(dAtA[iNdEx:]) + if err != nil { + return err + } + if skippy < 0 { + return ErrInvalidLengthGenerated + } + if (iNdEx + skippy) > l { + return io.ErrUnexpectedEOF + } + iNdEx += skippy + } + } + + if iNdEx > l { + return io.ErrUnexpectedEOF + } + return nil +} +func (m *WebhookClientConfig) Unmarshal(dAtA []byte) error { + l := len(dAtA) + iNdEx := 0 + for iNdEx < l { + preIndex := iNdEx + var wire uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowGenerated + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + wire |= (uint64(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + fieldNum := int32(wire >> 3) + wireType := int(wire & 0x7) + if wireType == 4 { + return fmt.Errorf("proto: WebhookClientConfig: wiretype end group for non-group") + } + if fieldNum <= 0 { + return fmt.Errorf("proto: WebhookClientConfig: illegal tag %d (wire type %d)", fieldNum, wire) + } + switch fieldNum { + case 1: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field URL", wireType) + } + var stringLen uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowGenerated + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + stringLen |= (uint64(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + intStringLen := int(stringLen) + if intStringLen < 0 { + return ErrInvalidLengthGenerated + } + postIndex := iNdEx + intStringLen + if postIndex > l { + return io.ErrUnexpectedEOF + } + s := string(dAtA[iNdEx:postIndex]) + m.URL = &s + iNdEx = postIndex + case 2: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field Service", wireType) + } + var msglen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowGenerated + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + msglen |= (int(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + if msglen < 0 { + return ErrInvalidLengthGenerated + } + postIndex := iNdEx + msglen + if postIndex > l { + return io.ErrUnexpectedEOF + } + if m.Service == nil { + m.Service = &ServiceReference{} + } + if err := m.Service.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { + return err + } + iNdEx = postIndex + case 3: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field CABundle", wireType) + } + var byteLen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowGenerated + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + byteLen |= (int(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + if byteLen < 0 { + return ErrInvalidLengthGenerated + } + postIndex := iNdEx + byteLen + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.CABundle = append(m.CABundle[:0], dAtA[iNdEx:postIndex]...) + if m.CABundle == nil { + m.CABundle = []byte{} + } + iNdEx = postIndex + default: + iNdEx = preIndex + skippy, err := skipGenerated(dAtA[iNdEx:]) + if err != nil { + return err + } + if skippy < 0 { + return ErrInvalidLengthGenerated + } + if (iNdEx + skippy) > l { + return io.ErrUnexpectedEOF + } + iNdEx += skippy + } + } + + if iNdEx > l { + return io.ErrUnexpectedEOF + } + return nil +} +func (m *WebhookThrottleConfig) Unmarshal(dAtA []byte) error { + l := len(dAtA) + iNdEx := 0 + for iNdEx < l { + preIndex := iNdEx + var wire uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowGenerated + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + wire |= (uint64(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + fieldNum := int32(wire >> 3) + wireType := int(wire & 0x7) + if wireType == 4 { + return fmt.Errorf("proto: WebhookThrottleConfig: wiretype end group for non-group") + } + if fieldNum <= 0 { + return fmt.Errorf("proto: WebhookThrottleConfig: illegal tag %d (wire type %d)", fieldNum, wire) + } + switch fieldNum { + case 1: + if wireType != 0 { + return fmt.Errorf("proto: wrong wireType = %d for field QPS", wireType) + } + var v int64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowGenerated + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + v |= (int64(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + m.QPS = &v + case 2: + if wireType != 0 { + return fmt.Errorf("proto: wrong wireType = %d for field Burst", wireType) + } + var v int64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowGenerated + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + v |= (int64(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + m.Burst = &v + default: + iNdEx = preIndex + skippy, err := skipGenerated(dAtA[iNdEx:]) + if err != nil { + return err + } + if skippy < 0 { + return ErrInvalidLengthGenerated + } + if (iNdEx + skippy) > l { + return io.ErrUnexpectedEOF + } + iNdEx += skippy + } + } + + if iNdEx > l { + return io.ErrUnexpectedEOF + } + return nil +} +func skipGenerated(dAtA []byte) (n int, err error) { + l := len(dAtA) + iNdEx := 0 + for iNdEx < l { + var wire uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return 0, ErrIntOverflowGenerated + } + if iNdEx >= l { + return 0, io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + wire |= (uint64(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + wireType := int(wire & 0x7) + switch wireType { + case 0: + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return 0, ErrIntOverflowGenerated + } + if iNdEx >= l { + return 0, io.ErrUnexpectedEOF + } + iNdEx++ + if dAtA[iNdEx-1] < 0x80 { + break + } + } + return iNdEx, nil + case 1: + iNdEx += 8 + return iNdEx, nil + case 2: + var length int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return 0, ErrIntOverflowGenerated + } + if iNdEx >= l { + return 0, io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + length |= (int(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + iNdEx += length + if length < 0 { + return 0, ErrInvalidLengthGenerated + } + return iNdEx, nil + case 3: + for { + var innerWire uint64 + var start int = iNdEx + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return 0, ErrIntOverflowGenerated + } + if iNdEx >= l { + return 0, io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + innerWire |= (uint64(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + innerWireType := int(innerWire & 0x7) + if innerWireType == 4 { + break + } + next, err := skipGenerated(dAtA[start:]) + if err != nil { + return 0, err + } + iNdEx = start + next + } + return iNdEx, nil + case 4: + return iNdEx, nil + case 5: + iNdEx += 4 + return iNdEx, nil + default: + return 0, fmt.Errorf("proto: illegal wireType %d", wireType) + } + } + panic("unreachable") +} + +var ( + ErrInvalidLengthGenerated = fmt.Errorf("proto: negative length found during unmarshaling") + ErrIntOverflowGenerated = fmt.Errorf("proto: integer overflow") +) + +func init() { + proto.RegisterFile("k8s.io/kubernetes/vendor/k8s.io/api/auditregistration/v1alpha1/generated.proto", fileDescriptorGenerated) +} + +var fileDescriptorGenerated = []byte{ + // 747 bytes of a gzipped FileDescriptorProto + 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x94, 0x52, 0x41, 0x6f, 0xd3, 0x48, + 0x14, 0x8e, 0x9b, 0xa4, 0x49, 0xa6, 0xe9, 0x6e, 0x77, 0xba, 0xbb, 0xca, 0x56, 0x2b, 0xa7, 0xb2, + 0xb4, 0x52, 0xa5, 0xdd, 0x8e, 0xb7, 0xa8, 0x02, 0x84, 0xb8, 0xd4, 0x3d, 0x21, 0x95, 0x52, 0x26, + 0x14, 0x04, 0x42, 0x88, 0x89, 0xf3, 0x62, 0x0f, 0x49, 0x6c, 0x63, 0x8f, 0x83, 0x7a, 0x43, 0xe2, + 0x0f, 0xf0, 0x7b, 0xb8, 0x21, 0x81, 0xd4, 0x63, 0x8f, 0x3d, 0x55, 0x34, 0x1c, 0xf8, 0x0f, 0x9c, + 0xd0, 0x8c, 0xc7, 0x49, 0x68, 0x8a, 0x48, 0x6f, 0x33, 0xdf, 0xbc, 0xef, 0x7b, 0xdf, 0xf7, 0xde, + 0xa0, 0xfd, 0xde, 0xcd, 0x84, 0xf0, 0xd0, 0xee, 0xa5, 0x6d, 0x88, 0x03, 0x10, 0x90, 0xd8, 0x43, + 0x08, 0x3a, 0x61, 0x6c, 0xeb, 0x07, 0x16, 0x71, 0x9b, 0xa5, 0x1d, 0x2e, 0x62, 0xf0, 0x78, 0x22, + 0x62, 0x26, 0x78, 0x18, 0xd8, 0xc3, 0x2d, 0xd6, 0x8f, 0x7c, 0xb6, 0x65, 0x7b, 0x10, 0x40, 0xcc, + 0x04, 0x74, 0x48, 0x14, 0x87, 0x22, 0xc4, 0xff, 0x64, 0x34, 0xc2, 0x22, 0x4e, 0x66, 0x68, 0x24, + 0xa7, 0xad, 0x6d, 0x7a, 0x5c, 0xf8, 0x69, 0x9b, 0xb8, 0xe1, 0xc0, 0xf6, 0x42, 0x2f, 0xb4, 0x15, + 0xbb, 0x9d, 0x76, 0xd5, 0x4d, 0x5d, 0xd4, 0x29, 0x53, 0x5d, 0xdb, 0x9e, 0x98, 0x19, 0x30, 0xd7, + 0xe7, 0x01, 0xc4, 0x47, 0x76, 0xd4, 0xf3, 0x24, 0x90, 0xd8, 0x03, 0x10, 0xcc, 0x1e, 0xce, 0x78, + 0x59, 0xb3, 0x7f, 0xc4, 0x8a, 0xd3, 0x40, 0xf0, 0x01, 0xcc, 0x10, 0xae, 0xff, 0x8c, 0x90, 0xb8, + 0x3e, 0x0c, 0xd8, 0x45, 0x9e, 0xf5, 0xd1, 0x40, 0xb5, 0x1d, 0x19, 0xb6, 0xc5, 0x83, 0x1e, 0x7e, + 0x8e, 0xaa, 0xd2, 0x51, 0x87, 0x09, 0xd6, 0x30, 0xd6, 0x8d, 0x8d, 0xa5, 0x6b, 0xff, 0x93, 0xc9, + 0x54, 0xc6, 0xc2, 0x24, 0xea, 0x79, 0x12, 0x48, 0x88, 0xac, 0x26, 0xc3, 0x2d, 0x72, 0xaf, 0xfd, + 0x02, 0x5c, 0x71, 0x17, 0x04, 0x73, 0xf0, 0xf1, 0x59, 0xb3, 0x30, 0x3a, 0x6b, 0xa2, 0x09, 0x46, + 0xc7, 0xaa, 0xf8, 0x21, 0x2a, 0x25, 0x11, 0xb8, 0x8d, 0x05, 0xa5, 0xbe, 0x4d, 0xe6, 0x9a, 0x39, + 0x19, 0x3b, 0x6c, 0x45, 0xe0, 0x3a, 0x75, 0xdd, 0xa1, 0x24, 0x6f, 0x54, 0xe9, 0x59, 0x1f, 0x0c, + 0xb4, 0x3c, 0xae, 0xda, 0xe3, 0x89, 0xc0, 0x4f, 0x67, 0xb2, 0x90, 0xf9, 0xb2, 0x48, 0xb6, 0x4a, + 0xb2, 0xa2, 0xfb, 0x54, 0x73, 0x64, 0x2a, 0xc7, 0x21, 0x2a, 0x73, 0x01, 0x83, 0xa4, 0xb1, 0xb0, + 0x5e, 0xbc, 0x30, 0xa6, 0xb9, 0x82, 0x38, 0xcb, 0x5a, 0xbc, 0x7c, 0x47, 0xca, 0xd0, 0x4c, 0xcd, + 0x7a, 0x3f, 0x1d, 0x43, 0xc6, 0xc3, 0x87, 0x68, 0x31, 0x0a, 0xfb, 0xdc, 0x3d, 0xd2, 0x21, 0x36, + 0xe7, 0xec, 0x74, 0xa0, 0x48, 0xce, 0x2f, 0xba, 0xcd, 0x62, 0x76, 0xa7, 0x5a, 0x0c, 0x3f, 0x46, + 0x95, 0x57, 0xd0, 0xf6, 0xc3, 0xb0, 0xa7, 0x57, 0x41, 0xe6, 0xd4, 0x7d, 0x94, 0xb1, 0x9c, 0x5f, + 0xb5, 0x70, 0x45, 0x03, 0x34, 0xd7, 0xb3, 0x5c, 0xa4, 0x9b, 0xe1, 0xff, 0x50, 0xb9, 0x0f, 0x43, + 0xe8, 0x2b, 0xeb, 0x35, 0xe7, 0xcf, 0x3c, 0xf2, 0x9e, 0x04, 0xbf, 0xe6, 0x07, 0x9a, 0x15, 0xe1, + 0x7f, 0xd1, 0x62, 0x22, 0x98, 0x07, 0xd9, 0x4c, 0x6b, 0xce, 0xaa, 0xb4, 0xdd, 0x52, 0x88, 0xac, + 0x55, 0x27, 0xaa, 0x4b, 0xac, 0x37, 0x06, 0x5a, 0x69, 0x41, 0x3c, 0xe4, 0x2e, 0x50, 0xe8, 0x42, + 0x0c, 0x81, 0x0b, 0xd8, 0x46, 0xb5, 0x80, 0x0d, 0x20, 0x89, 0x98, 0x0b, 0xba, 0xe7, 0x6f, 0xba, + 0x67, 0x6d, 0x3f, 0x7f, 0xa0, 0x93, 0x1a, 0xbc, 0x8e, 0x4a, 0xf2, 0xa2, 0x46, 0x50, 0x9b, 0xfc, + 0x2b, 0x59, 0x4b, 0xd5, 0x0b, 0xfe, 0x1b, 0x95, 0x22, 0x26, 0xfc, 0x46, 0x51, 0x55, 0x54, 0xe5, + 0xeb, 0x01, 0x13, 0x3e, 0x55, 0xa8, 0xf5, 0xc5, 0x40, 0x79, 0x7e, 0xdc, 0x45, 0x55, 0xe1, 0xc7, + 0xa1, 0x10, 0x7d, 0xd0, 0xab, 0xba, 0x7d, 0xb5, 0x91, 0x3e, 0xd0, 0xec, 0xdd, 0x30, 0xe8, 0x72, + 0xcf, 0xa9, 0xcb, 0x9f, 0x97, 0x63, 0x74, 0xac, 0x8d, 0x05, 0xaa, 0xbb, 0x7d, 0x0e, 0x81, 0xc8, + 0xea, 0xf4, 0xfa, 0x6e, 0x5d, 0xad, 0xd7, 0xee, 0x94, 0x82, 0xf3, 0xbb, 0xce, 0x5d, 0x9f, 0x46, + 0xe9, 0x77, 0x5d, 0xac, 0x77, 0x06, 0x5a, 0xbd, 0x84, 0x8b, 0xff, 0x42, 0xc5, 0x34, 0xce, 0x17, + 0x5c, 0x19, 0x9d, 0x35, 0x8b, 0x87, 0x74, 0x8f, 0x4a, 0x0c, 0x3f, 0x43, 0x95, 0x24, 0xdb, 0x90, + 0xf6, 0x78, 0x63, 0x4e, 0x8f, 0x17, 0xf7, 0xea, 0x2c, 0xc9, 0x7f, 0x96, 0xa3, 0xb9, 0x28, 0xde, + 0x40, 0x55, 0x97, 0x39, 0x69, 0xd0, 0xe9, 0x83, 0x5a, 0x4f, 0x3d, 0x1b, 0xd9, 0xee, 0x4e, 0x86, + 0xd1, 0xf1, 0xab, 0xd5, 0x42, 0x7f, 0x5c, 0x3a, 0x63, 0xe9, 0xfe, 0x65, 0x94, 0x28, 0xf7, 0xc5, + 0xcc, 0xfd, 0xfd, 0x83, 0x16, 0x95, 0x18, 0x6e, 0xa2, 0x72, 0x3b, 0x8d, 0x13, 0xa1, 0xbc, 0x17, + 0x9d, 0x9a, 0xfc, 0xb7, 0x8e, 0x04, 0x68, 0x86, 0x3b, 0xe4, 0xf8, 0xdc, 0x2c, 0x9c, 0x9c, 0x9b, + 0x85, 0xd3, 0x73, 0xb3, 0xf0, 0x7a, 0x64, 0x1a, 0xc7, 0x23, 0xd3, 0x38, 0x19, 0x99, 0xc6, 0xe9, + 0xc8, 0x34, 0x3e, 0x8d, 0x4c, 0xe3, 0xed, 0x67, 0xb3, 0xf0, 0xa4, 0x9a, 0xa7, 0xfa, 0x16, 0x00, + 0x00, 0xff, 0xff, 0x55, 0x1b, 0x03, 0x56, 0xaf, 0x06, 0x00, 0x00, +} diff --git a/staging/src/k8s.io/api/auditregistration/v1alpha1/generated.proto b/staging/src/k8s.io/api/auditregistration/v1alpha1/generated.proto new file mode 100644 index 000000000000..ba42a1cf38f7 --- /dev/null +++ b/staging/src/k8s.io/api/auditregistration/v1alpha1/generated.proto @@ -0,0 +1,159 @@ +/* +Copyright The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + + +// This file was autogenerated by go-to-protobuf. Do not edit it manually! + +syntax = 'proto2'; + +package k8s.io.api.auditregistration.v1alpha1; + +import "k8s.io/apimachinery/pkg/apis/meta/v1/generated.proto"; +import "k8s.io/apimachinery/pkg/runtime/generated.proto"; +import "k8s.io/apimachinery/pkg/runtime/schema/generated.proto"; + +// Package-wide variables from generator "generated". +option go_package = "v1alpha1"; + +// AuditSink represents a cluster level audit sink +message AuditSink { + // +optional + optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1; + + // Spec defines the audit configuration spec + optional AuditSinkSpec spec = 2; +} + +// AuditSinkList is a list of AuditSink items. +message AuditSinkList { + // +optional + optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1; + + // List of audit configurations. + repeated AuditSink items = 2; +} + +// AuditSinkSpec holds the spec for the audit sink +message AuditSinkSpec { + // Policy defines the policy for selecting which events should be sent to the webhook + // required + optional Policy policy = 1; + + // Webhook to send events + // required + optional Webhook webhook = 2; +} + +// Policy defines the configuration of how audit events are logged +message Policy { + // The Level that all requests are recorded at. + // available options: None, Metadata, Request, RequestResponse + // required + optional string level = 1; + + // Stages is a list of stages for which events are created. + // +optional + repeated string stages = 2; +} + +// ServiceReference holds a reference to Service.legacy.k8s.io +message ServiceReference { + // `namespace` is the namespace of the service. + // Required + optional string namespace = 1; + + // `name` is the name of the service. + // Required + optional string name = 2; + + // `path` is an optional URL path which will be sent in any request to + // this service. + // +optional + optional string path = 3; +} + +// Webhook holds the configuration of the webhook +message Webhook { + // Throttle holds the options for throttling the webhook + // +optional + optional WebhookThrottleConfig throttle = 1; + + // ClientConfig holds the connection parameters for the webhook + // required + optional WebhookClientConfig clientConfig = 2; +} + +// WebhookClientConfig contains the information to make a connection with the webhook +message WebhookClientConfig { + // `url` gives the location of the webhook, in standard URL form + // (`[scheme://]host:port/path`). Exactly one of `url` or `service` + // must be specified. + // + // The `host` should not refer to a service running in the cluster; use + // the `service` field instead. The host might be resolved via external + // DNS in some apiservers (e.g., `kube-apiserver` cannot resolve + // in-cluster DNS as that would be a layering violation). `host` may + // also be an IP address. + // + // Please note that using `localhost` or `127.0.0.1` as a `host` is + // risky unless you take great care to run this webhook on all hosts + // which run an apiserver which might need to make calls to this + // webhook. Such installs are likely to be non-portable, i.e., not easy + // to turn up in a new cluster. + // + // The scheme must be "https"; the URL must begin with "https://". + // + // A path is optional, and if present may be any string permissible in + // a URL. You may use the path to pass an arbitrary string to the + // webhook, for example, a cluster identifier. + // + // Attempting to use a user or basic auth e.g. "user:password@" is not + // allowed. Fragments ("#...") and query parameters ("?...") are not + // allowed, either. + // + // +optional + optional string url = 1; + + // `service` is a reference to the service for this webhook. Either + // `service` or `url` must be specified. + // + // If the webhook is running within the cluster, then you should use `service`. + // + // Port 443 will be used if it is open, otherwise it is an error. + // + // +optional + optional ServiceReference service = 2; + + // `caBundle` is a PEM encoded CA bundle which will be used to validate + // the webhook's server certificate. + // defaults to the apiservers CA bundle for the endpoint type + // +optional + optional bytes caBundle = 3; +} + +// WebhookThrottleConfig holds the configuration for throttling events +message WebhookThrottleConfig { + // ThrottleQPS maximum number of batches per second + // default 10 QPS + // +optional + optional int64 qps = 1; + + // ThrottleBurst is the maximum number of events sent at the same moment + // default 15 QPS + // +optional + optional int64 burst = 2; +} + diff --git a/staging/src/k8s.io/api/auditregistration/v1alpha1/register.go b/staging/src/k8s.io/api/auditregistration/v1alpha1/register.go new file mode 100644 index 000000000000..d6271608f00c --- /dev/null +++ b/staging/src/k8s.io/api/auditregistration/v1alpha1/register.go @@ -0,0 +1,56 @@ +/* +Copyright 2018 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package v1alpha1 + +import ( + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apimachinery/pkg/runtime/schema" +) + +// GroupName is the group name use in this package +const GroupName = "auditregistration.k8s.io" + +// SchemeGroupVersion is group version used to register these objects +var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: "v1alpha1"} + +// Resource takes an unqualified resource and returns a Group qualified GroupResource +func Resource(resource string) schema.GroupResource { + return SchemeGroupVersion.WithResource(resource).GroupResource() +} + +var ( + SchemeBuilder runtime.SchemeBuilder + localSchemeBuilder = &SchemeBuilder + AddToScheme = localSchemeBuilder.AddToScheme +) + +func init() { + // We only register manually written functions here. The registration of the + // generated functions takes place in the generated files. The separation + // makes the code compile even when the generated files are missing. + localSchemeBuilder.Register(addKnownTypes) +} + +func addKnownTypes(scheme *runtime.Scheme) error { + scheme.AddKnownTypes(SchemeGroupVersion, + &AuditSink{}, + &AuditSinkList{}, + ) + metav1.AddToGroupVersion(scheme, SchemeGroupVersion) + return nil +} diff --git a/staging/src/k8s.io/api/auditregistration/v1alpha1/types.go b/staging/src/k8s.io/api/auditregistration/v1alpha1/types.go new file mode 100644 index 000000000000..a7ef9d13fc5b --- /dev/null +++ b/staging/src/k8s.io/api/auditregistration/v1alpha1/types.go @@ -0,0 +1,195 @@ +/* +Copyright 2018 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// +k8s:openapi-gen=true + +package v1alpha1 + +import ( + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" +) + +// Level defines the amount of information logged during auditing +type Level string + +// Valid audit levels +const ( + // LevelNone disables auditing + LevelNone Level = "None" + // LevelMetadata provides the basic level of auditing. + LevelMetadata Level = "Metadata" + // LevelRequest provides Metadata level of auditing, and additionally + // logs the request object (does not apply for non-resource requests). + LevelRequest Level = "Request" + // LevelRequestResponse provides Request level of auditing, and additionally + // logs the response object (does not apply for non-resource requests and watches). + LevelRequestResponse Level = "RequestResponse" +) + +// Stage defines the stages in request handling during which audit events may be generated. +type Stage string + +// Valid audit stages. +const ( + // The stage for events generated after the audit handler receives the request, but before it + // is delegated down the handler chain. + StageRequestReceived = "RequestReceived" + // The stage for events generated after the response headers are sent, but before the response body + // is sent. This stage is only generated for long-running requests (e.g. watch). + StageResponseStarted = "ResponseStarted" + // The stage for events generated after the response body has been completed, and no more bytes + // will be sent. + StageResponseComplete = "ResponseComplete" + // The stage for events generated when a panic occurred. + StagePanic = "Panic" +) + +// +genclient +// +genclient:nonNamespaced +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object + +// AuditSink represents a cluster level audit sink +type AuditSink struct { + metav1.TypeMeta `json:",inline"` + // +optional + metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` + + // Spec defines the audit configuration spec + Spec AuditSinkSpec `json:"spec,omitempty" protobuf:"bytes,2,opt,name=spec"` +} + +// AuditSinkSpec holds the spec for the audit sink +type AuditSinkSpec struct { + // Policy defines the policy for selecting which events should be sent to the webhook + // required + Policy Policy `json:"policy" protobuf:"bytes,1,opt,name=policy"` + + // Webhook to send events + // required + Webhook Webhook `json:"webhook" protobuf:"bytes,2,opt,name=webhook"` +} + +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object + +// AuditSinkList is a list of AuditSink items. +type AuditSinkList struct { + metav1.TypeMeta `json:",inline"` + // +optional + metav1.ListMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` + + // List of audit configurations. + Items []AuditSink `json:"items" protobuf:"bytes,2,rep,name=items"` +} + +// Policy defines the configuration of how audit events are logged +type Policy struct { + // The Level that all requests are recorded at. + // available options: None, Metadata, Request, RequestResponse + // required + Level Level `json:"level" protobuf:"bytes,1,opt,name=level"` + + // Stages is a list of stages for which events are created. + // +optional + Stages []Stage `json:"stages" protobuf:"bytes,2,opt,name=stages"` +} + +// Webhook holds the configuration of the webhook +type Webhook struct { + // Throttle holds the options for throttling the webhook + // +optional + Throttle *WebhookThrottleConfig `json:"throttle,omitempty" protobuf:"bytes,1,opt,name=throttle"` + + // ClientConfig holds the connection parameters for the webhook + // required + ClientConfig WebhookClientConfig `json:"clientConfig" protobuf:"bytes,2,opt,name=clientConfig"` +} + +// WebhookThrottleConfig holds the configuration for throttling events +type WebhookThrottleConfig struct { + // ThrottleQPS maximum number of batches per second + // default 10 QPS + // +optional + QPS *int64 `json:"qps,omitempty" protobuf:"bytes,1,opt,name=qps"` + + // ThrottleBurst is the maximum number of events sent at the same moment + // default 15 QPS + // +optional + Burst *int64 `json:"burst,omitempty" protobuf:"bytes,2,opt,name=burst"` +} + +// WebhookClientConfig contains the information to make a connection with the webhook +type WebhookClientConfig struct { + // `url` gives the location of the webhook, in standard URL form + // (`[scheme://]host:port/path`). Exactly one of `url` or `service` + // must be specified. + // + // The `host` should not refer to a service running in the cluster; use + // the `service` field instead. The host might be resolved via external + // DNS in some apiservers (e.g., `kube-apiserver` cannot resolve + // in-cluster DNS as that would be a layering violation). `host` may + // also be an IP address. + // + // Please note that using `localhost` or `127.0.0.1` as a `host` is + // risky unless you take great care to run this webhook on all hosts + // which run an apiserver which might need to make calls to this + // webhook. Such installs are likely to be non-portable, i.e., not easy + // to turn up in a new cluster. + // + // The scheme must be "https"; the URL must begin with "https://". + // + // A path is optional, and if present may be any string permissible in + // a URL. You may use the path to pass an arbitrary string to the + // webhook, for example, a cluster identifier. + // + // Attempting to use a user or basic auth e.g. "user:password@" is not + // allowed. Fragments ("#...") and query parameters ("?...") are not + // allowed, either. + // + // +optional + URL *string `json:"url,omitempty" protobuf:"bytes,1,opt,name=url"` + + // `service` is a reference to the service for this webhook. Either + // `service` or `url` must be specified. + // + // If the webhook is running within the cluster, then you should use `service`. + // + // Port 443 will be used if it is open, otherwise it is an error. + // + // +optional + Service *ServiceReference `json:"service" protobuf:"bytes,2,opt,name=service"` + + // `caBundle` is a PEM encoded CA bundle which will be used to validate + // the webhook's server certificate. + // defaults to the apiservers CA bundle for the endpoint type + // +optional + CABundle []byte `json:"caBundle" protobuf:"bytes,3,opt,name=caBundle"` +} + +// ServiceReference holds a reference to Service.legacy.k8s.io +type ServiceReference struct { + // `namespace` is the namespace of the service. + // Required + Namespace string `json:"namespace" protobuf:"bytes,1,opt,name=namespace"` + + // `name` is the name of the service. + // Required + Name string `json:"name" protobuf:"bytes,2,opt,name=name"` + + // `path` is an optional URL path which will be sent in any request to + // this service. + // +optional + Path *string `json:"path,omitempty" protobuf:"bytes,3,opt,name=path"` +} diff --git a/staging/src/k8s.io/api/auditregistration/v1alpha1/types_swagger_doc_generated.go b/staging/src/k8s.io/api/auditregistration/v1alpha1/types_swagger_doc_generated.go new file mode 100644 index 000000000000..914932e6aa71 --- /dev/null +++ b/staging/src/k8s.io/api/auditregistration/v1alpha1/types_swagger_doc_generated.go @@ -0,0 +1,110 @@ +/* +Copyright The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package v1alpha1 + +// This file contains a collection of methods that can be used from go-restful to +// generate Swagger API documentation for its models. Please read this PR for more +// information on the implementation: https://github.com/emicklei/go-restful/pull/215 +// +// TODOs are ignored from the parser (e.g. TODO(andronat):... || TODO:...) if and only if +// they are on one line! For multiple line or blocks that you want to ignore use ---. +// Any context after a --- is ignored. +// +// Those methods can be generated by using hack/update-generated-swagger-docs.sh + +// AUTO-GENERATED FUNCTIONS START HERE. DO NOT EDIT. +var map_AuditSink = map[string]string{ + "": "AuditSink represents a cluster level audit sink", + "spec": "Spec defines the audit configuration spec", +} + +func (AuditSink) SwaggerDoc() map[string]string { + return map_AuditSink +} + +var map_AuditSinkList = map[string]string{ + "": "AuditSinkList is a list of AuditSink items.", + "items": "List of audit configurations.", +} + +func (AuditSinkList) SwaggerDoc() map[string]string { + return map_AuditSinkList +} + +var map_AuditSinkSpec = map[string]string{ + "": "AuditSinkSpec holds the spec for the audit sink", + "policy": "Policy defines the policy for selecting which events should be sent to the webhook required", + "webhook": "Webhook to send events required", +} + +func (AuditSinkSpec) SwaggerDoc() map[string]string { + return map_AuditSinkSpec +} + +var map_Policy = map[string]string{ + "": "Policy defines the configuration of how audit events are logged", + "level": "The Level that all requests are recorded at. available options: None, Metadata, Request, RequestResponse required", + "stages": "Stages is a list of stages for which events are created.", +} + +func (Policy) SwaggerDoc() map[string]string { + return map_Policy +} + +var map_ServiceReference = map[string]string{ + "": "ServiceReference holds a reference to Service.legacy.k8s.io", + "namespace": "`namespace` is the namespace of the service. Required", + "name": "`name` is the name of the service. Required", + "path": "`path` is an optional URL path which will be sent in any request to this service.", +} + +func (ServiceReference) SwaggerDoc() map[string]string { + return map_ServiceReference +} + +var map_Webhook = map[string]string{ + "": "Webhook holds the configuration of the webhook", + "throttle": "Throttle holds the options for throttling the webhook", + "clientConfig": "ClientConfig holds the connection parameters for the webhook required", +} + +func (Webhook) SwaggerDoc() map[string]string { + return map_Webhook +} + +var map_WebhookClientConfig = map[string]string{ + "": "WebhookClientConfig contains the information to make a connection with the webhook", + "url": "`url` gives the location of the webhook, in standard URL form (`[scheme://]host:port/path`). Exactly one of `url` or `service` must be specified.\n\nThe `host` should not refer to a service running in the cluster; use the `service` field instead. The host might be resolved via external DNS in some apiservers (e.g., `kube-apiserver` cannot resolve in-cluster DNS as that would be a layering violation). `host` may also be an IP address.\n\nPlease note that using `localhost` or `127.0.0.1` as a `host` is risky unless you take great care to run this webhook on all hosts which run an apiserver which might need to make calls to this webhook. Such installs are likely to be non-portable, i.e., not easy to turn up in a new cluster.\n\nThe scheme must be \"https\"; the URL must begin with \"https://\".\n\nA path is optional, and if present may be any string permissible in a URL. You may use the path to pass an arbitrary string to the webhook, for example, a cluster identifier.\n\nAttempting to use a user or basic auth e.g. \"user:password@\" is not allowed. Fragments (\"#...\") and query parameters (\"?...\") are not allowed, either.", + "service": "`service` is a reference to the service for this webhook. Either `service` or `url` must be specified.\n\nIf the webhook is running within the cluster, then you should use `service`.\n\nPort 443 will be used if it is open, otherwise it is an error.", + "caBundle": "`caBundle` is a PEM encoded CA bundle which will be used to validate the webhook's server certificate. defaults to the apiservers CA bundle for the endpoint type", +} + +func (WebhookClientConfig) SwaggerDoc() map[string]string { + return map_WebhookClientConfig +} + +var map_WebhookThrottleConfig = map[string]string{ + "": "WebhookThrottleConfig holds the configuration for throttling events", + "qps": "ThrottleQPS maximum number of batches per second default 10 QPS", + "burst": "ThrottleBurst is the maximum number of events sent at the same moment default 15 QPS", +} + +func (WebhookThrottleConfig) SwaggerDoc() map[string]string { + return map_WebhookThrottleConfig +} + +// AUTO-GENERATED FUNCTIONS END HERE diff --git a/staging/src/k8s.io/api/auditregistration/v1alpha1/zz_generated.deepcopy.go b/staging/src/k8s.io/api/auditregistration/v1alpha1/zz_generated.deepcopy.go new file mode 100644 index 000000000000..e71deffad371 --- /dev/null +++ b/staging/src/k8s.io/api/auditregistration/v1alpha1/zz_generated.deepcopy.go @@ -0,0 +1,224 @@ +// +build !ignore_autogenerated + +/* +Copyright The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by deepcopy-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + runtime "k8s.io/apimachinery/pkg/runtime" +) + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *AuditSink) DeepCopyInto(out *AuditSink) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuditSink. +func (in *AuditSink) DeepCopy() *AuditSink { + if in == nil { + return nil + } + out := new(AuditSink) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *AuditSink) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *AuditSinkList) DeepCopyInto(out *AuditSinkList) { + *out = *in + out.TypeMeta = in.TypeMeta + out.ListMeta = in.ListMeta + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]AuditSink, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuditSinkList. +func (in *AuditSinkList) DeepCopy() *AuditSinkList { + if in == nil { + return nil + } + out := new(AuditSinkList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *AuditSinkList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *AuditSinkSpec) DeepCopyInto(out *AuditSinkSpec) { + *out = *in + in.Policy.DeepCopyInto(&out.Policy) + in.Webhook.DeepCopyInto(&out.Webhook) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuditSinkSpec. +func (in *AuditSinkSpec) DeepCopy() *AuditSinkSpec { + if in == nil { + return nil + } + out := new(AuditSinkSpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *Policy) DeepCopyInto(out *Policy) { + *out = *in + if in.Stages != nil { + in, out := &in.Stages, &out.Stages + *out = make([]Stage, len(*in)) + copy(*out, *in) + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Policy. +func (in *Policy) DeepCopy() *Policy { + if in == nil { + return nil + } + out := new(Policy) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ServiceReference) DeepCopyInto(out *ServiceReference) { + *out = *in + if in.Path != nil { + in, out := &in.Path, &out.Path + *out = new(string) + **out = **in + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ServiceReference. +func (in *ServiceReference) DeepCopy() *ServiceReference { + if in == nil { + return nil + } + out := new(ServiceReference) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *Webhook) DeepCopyInto(out *Webhook) { + *out = *in + if in.Throttle != nil { + in, out := &in.Throttle, &out.Throttle + *out = new(WebhookThrottleConfig) + (*in).DeepCopyInto(*out) + } + in.ClientConfig.DeepCopyInto(&out.ClientConfig) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Webhook. +func (in *Webhook) DeepCopy() *Webhook { + if in == nil { + return nil + } + out := new(Webhook) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *WebhookClientConfig) DeepCopyInto(out *WebhookClientConfig) { + *out = *in + if in.URL != nil { + in, out := &in.URL, &out.URL + *out = new(string) + **out = **in + } + if in.Service != nil { + in, out := &in.Service, &out.Service + *out = new(ServiceReference) + (*in).DeepCopyInto(*out) + } + if in.CABundle != nil { + in, out := &in.CABundle, &out.CABundle + *out = make([]byte, len(*in)) + copy(*out, *in) + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WebhookClientConfig. +func (in *WebhookClientConfig) DeepCopy() *WebhookClientConfig { + if in == nil { + return nil + } + out := new(WebhookClientConfig) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *WebhookThrottleConfig) DeepCopyInto(out *WebhookThrottleConfig) { + *out = *in + if in.QPS != nil { + in, out := &in.QPS, &out.QPS + *out = new(int64) + **out = **in + } + if in.Burst != nil { + in, out := &in.Burst, &out.Burst + *out = new(int64) + **out = **in + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WebhookThrottleConfig. +func (in *WebhookThrottleConfig) DeepCopy() *WebhookThrottleConfig { + if in == nil { + return nil + } + out := new(WebhookThrottleConfig) + in.DeepCopyInto(out) + return out +} diff --git a/staging/src/k8s.io/apiextensions-apiserver/Godeps/Godeps.json b/staging/src/k8s.io/apiextensions-apiserver/Godeps/Godeps.json index a73d4784af26..8de05fd42f47 100644 --- a/staging/src/k8s.io/apiextensions-apiserver/Godeps/Godeps.json +++ b/staging/src/k8s.io/apiextensions-apiserver/Godeps/Godeps.json @@ -882,6 +882,10 @@ "ImportPath": "k8s.io/api/apps/v1beta2", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" }, + { + "ImportPath": "k8s.io/api/auditregistration/v1alpha1", + "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" + }, { "ImportPath": "k8s.io/api/authentication/v1", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" @@ -1618,6 +1622,14 @@ "ImportPath": "k8s.io/client-go/informers/apps/v1beta2", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" }, + { + "ImportPath": "k8s.io/client-go/informers/auditregistration", + "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" + }, + { + "ImportPath": "k8s.io/client-go/informers/auditregistration/v1alpha1", + "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" + }, { "ImportPath": "k8s.io/client-go/informers/autoscaling", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" @@ -1790,6 +1802,10 @@ "ImportPath": "k8s.io/client-go/kubernetes/typed/apps/v1beta2", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" }, + { + "ImportPath": "k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1", + "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" + }, { "ImportPath": "k8s.io/client-go/kubernetes/typed/authentication/v1", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" @@ -1914,6 +1930,10 @@ "ImportPath": "k8s.io/client-go/listers/apps/v1beta2", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" }, + { + "ImportPath": "k8s.io/client-go/listers/auditregistration/v1alpha1", + "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" + }, { "ImportPath": "k8s.io/client-go/listers/autoscaling/v1", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" diff --git a/staging/src/k8s.io/apiserver/Godeps/Godeps.json b/staging/src/k8s.io/apiserver/Godeps/Godeps.json index bb3b653bd4b5..55373dcb56f6 100644 --- a/staging/src/k8s.io/apiserver/Godeps/Godeps.json +++ b/staging/src/k8s.io/apiserver/Godeps/Godeps.json @@ -902,6 +902,10 @@ "ImportPath": "k8s.io/api/apps/v1beta2", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" }, + { + "ImportPath": "k8s.io/api/auditregistration/v1alpha1", + "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" + }, { "ImportPath": "k8s.io/api/authentication/v1", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" @@ -1254,6 +1258,14 @@ "ImportPath": "k8s.io/client-go/informers/apps/v1beta2", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" }, + { + "ImportPath": "k8s.io/client-go/informers/auditregistration", + "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" + }, + { + "ImportPath": "k8s.io/client-go/informers/auditregistration/v1alpha1", + "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" + }, { "ImportPath": "k8s.io/client-go/informers/autoscaling", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" @@ -1446,6 +1458,14 @@ "ImportPath": "k8s.io/client-go/kubernetes/typed/apps/v1beta2/fake", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" }, + { + "ImportPath": "k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1", + "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" + }, + { + "ImportPath": "k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1/fake", + "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" + }, { "ImportPath": "k8s.io/client-go/kubernetes/typed/authentication/v1", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" @@ -1674,6 +1694,10 @@ "ImportPath": "k8s.io/client-go/listers/apps/v1beta2", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" }, + { + "ImportPath": "k8s.io/client-go/listers/auditregistration/v1alpha1", + "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" + }, { "ImportPath": "k8s.io/client-go/listers/autoscaling/v1", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" diff --git a/staging/src/k8s.io/apiserver/pkg/apis/audit/validation/validation.go b/staging/src/k8s.io/apiserver/pkg/apis/audit/validation/validation.go index f80aba01ffec..397317f23b2f 100644 --- a/staging/src/k8s.io/apiserver/pkg/apis/audit/validation/validation.go +++ b/staging/src/k8s.io/apiserver/pkg/apis/audit/validation/validation.go @@ -24,6 +24,7 @@ import ( "k8s.io/apiserver/pkg/apis/audit" ) +// ValidatePolicy validates the audit policy func ValidatePolicy(policy *audit.Policy) field.ErrorList { var allErrs field.ErrorList allErrs = append(allErrs, validateOmitStages(policy.OmitStages, field.NewPath("omitStages"))...) diff --git a/staging/src/k8s.io/cli-runtime/Godeps/Godeps.json b/staging/src/k8s.io/cli-runtime/Godeps/Godeps.json index f38506e5480e..280521d27319 100644 --- a/staging/src/k8s.io/cli-runtime/Godeps/Godeps.json +++ b/staging/src/k8s.io/cli-runtime/Godeps/Godeps.json @@ -230,6 +230,10 @@ "ImportPath": "k8s.io/api/apps/v1beta2", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" }, + { + "ImportPath": "k8s.io/api/auditregistration/v1alpha1", + "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" + }, { "ImportPath": "k8s.io/api/authentication/v1", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" diff --git a/staging/src/k8s.io/client-go/Godeps/Godeps.json b/staging/src/k8s.io/client-go/Godeps/Godeps.json index 5c5d92528ff3..e466d41cb3bb 100644 --- a/staging/src/k8s.io/client-go/Godeps/Godeps.json +++ b/staging/src/k8s.io/client-go/Godeps/Godeps.json @@ -294,6 +294,10 @@ "ImportPath": "k8s.io/api/apps/v1beta2", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" }, + { + "ImportPath": "k8s.io/api/auditregistration/v1alpha1", + "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" + }, { "ImportPath": "k8s.io/api/authentication/v1", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" diff --git a/staging/src/k8s.io/client-go/informers/BUILD b/staging/src/k8s.io/client-go/informers/BUILD index d56547686879..24af1356b8c4 100644 --- a/staging/src/k8s.io/client-go/informers/BUILD +++ b/staging/src/k8s.io/client-go/informers/BUILD @@ -15,6 +15,7 @@ go_library( "//staging/src/k8s.io/api/apps/v1:go_default_library", "//staging/src/k8s.io/api/apps/v1beta1:go_default_library", "//staging/src/k8s.io/api/apps/v1beta2:go_default_library", + "//staging/src/k8s.io/api/auditregistration/v1alpha1:go_default_library", "//staging/src/k8s.io/api/autoscaling/v1:go_default_library", "//staging/src/k8s.io/api/autoscaling/v2beta1:go_default_library", "//staging/src/k8s.io/api/autoscaling/v2beta2:go_default_library", @@ -42,6 +43,7 @@ go_library( "//staging/src/k8s.io/apimachinery/pkg/runtime/schema:go_default_library", "//staging/src/k8s.io/client-go/informers/admissionregistration:go_default_library", "//staging/src/k8s.io/client-go/informers/apps:go_default_library", + "//staging/src/k8s.io/client-go/informers/auditregistration:go_default_library", "//staging/src/k8s.io/client-go/informers/autoscaling:go_default_library", "//staging/src/k8s.io/client-go/informers/batch:go_default_library", "//staging/src/k8s.io/client-go/informers/certificates:go_default_library", @@ -74,6 +76,7 @@ filegroup( ":package-srcs", "//staging/src/k8s.io/client-go/informers/admissionregistration:all-srcs", "//staging/src/k8s.io/client-go/informers/apps:all-srcs", + "//staging/src/k8s.io/client-go/informers/auditregistration:all-srcs", "//staging/src/k8s.io/client-go/informers/autoscaling:all-srcs", "//staging/src/k8s.io/client-go/informers/batch:all-srcs", "//staging/src/k8s.io/client-go/informers/certificates:all-srcs", diff --git a/staging/src/k8s.io/client-go/informers/auditregistration/BUILD b/staging/src/k8s.io/client-go/informers/auditregistration/BUILD new file mode 100644 index 000000000000..3a3afe0dac76 --- /dev/null +++ b/staging/src/k8s.io/client-go/informers/auditregistration/BUILD @@ -0,0 +1,30 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library") + +go_library( + name = "go_default_library", + srcs = ["interface.go"], + importmap = "k8s.io/kubernetes/vendor/k8s.io/client-go/informers/auditregistration", + importpath = "k8s.io/client-go/informers/auditregistration", + visibility = ["//visibility:public"], + deps = [ + "//staging/src/k8s.io/client-go/informers/auditregistration/v1alpha1:go_default_library", + "//staging/src/k8s.io/client-go/informers/internalinterfaces:go_default_library", + ], +) + +filegroup( + name = "package-srcs", + srcs = glob(["**"]), + tags = ["automanaged"], + visibility = ["//visibility:private"], +) + +filegroup( + name = "all-srcs", + srcs = [ + ":package-srcs", + "//staging/src/k8s.io/client-go/informers/auditregistration/v1alpha1:all-srcs", + ], + tags = ["automanaged"], + visibility = ["//visibility:public"], +) diff --git a/staging/src/k8s.io/client-go/informers/auditregistration/interface.go b/staging/src/k8s.io/client-go/informers/auditregistration/interface.go new file mode 100644 index 000000000000..0f1682c478d6 --- /dev/null +++ b/staging/src/k8s.io/client-go/informers/auditregistration/interface.go @@ -0,0 +1,46 @@ +/* +Copyright The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by informer-gen. DO NOT EDIT. + +package auditregistration + +import ( + v1alpha1 "k8s.io/client-go/informers/auditregistration/v1alpha1" + internalinterfaces "k8s.io/client-go/informers/internalinterfaces" +) + +// Interface provides access to each of this group's versions. +type Interface interface { + // V1alpha1 provides access to shared informers for resources in V1alpha1. + V1alpha1() v1alpha1.Interface +} + +type group struct { + factory internalinterfaces.SharedInformerFactory + namespace string + tweakListOptions internalinterfaces.TweakListOptionsFunc +} + +// New returns a new Interface. +func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) Interface { + return &group{factory: f, namespace: namespace, tweakListOptions: tweakListOptions} +} + +// V1alpha1 returns a new v1alpha1.Interface. +func (g *group) V1alpha1() v1alpha1.Interface { + return v1alpha1.New(g.factory, g.namespace, g.tweakListOptions) +} diff --git a/staging/src/k8s.io/client-go/informers/auditregistration/v1alpha1/BUILD b/staging/src/k8s.io/client-go/informers/auditregistration/v1alpha1/BUILD new file mode 100644 index 000000000000..846f0d680ec3 --- /dev/null +++ b/staging/src/k8s.io/client-go/informers/auditregistration/v1alpha1/BUILD @@ -0,0 +1,36 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library") + +go_library( + name = "go_default_library", + srcs = [ + "auditsink.go", + "interface.go", + ], + importmap = "k8s.io/kubernetes/vendor/k8s.io/client-go/informers/auditregistration/v1alpha1", + importpath = "k8s.io/client-go/informers/auditregistration/v1alpha1", + visibility = ["//visibility:public"], + deps = [ + "//staging/src/k8s.io/api/auditregistration/v1alpha1:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/runtime:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/watch:go_default_library", + "//staging/src/k8s.io/client-go/informers/internalinterfaces:go_default_library", + "//staging/src/k8s.io/client-go/kubernetes:go_default_library", + "//staging/src/k8s.io/client-go/listers/auditregistration/v1alpha1:go_default_library", + "//staging/src/k8s.io/client-go/tools/cache:go_default_library", + ], +) + +filegroup( + name = "package-srcs", + srcs = glob(["**"]), + tags = ["automanaged"], + visibility = ["//visibility:private"], +) + +filegroup( + name = "all-srcs", + srcs = [":package-srcs"], + tags = ["automanaged"], + visibility = ["//visibility:public"], +) diff --git a/staging/src/k8s.io/client-go/informers/auditregistration/v1alpha1/auditsink.go b/staging/src/k8s.io/client-go/informers/auditregistration/v1alpha1/auditsink.go new file mode 100644 index 000000000000..69778ad2cfed --- /dev/null +++ b/staging/src/k8s.io/client-go/informers/auditregistration/v1alpha1/auditsink.go @@ -0,0 +1,88 @@ +/* +Copyright The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by informer-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + time "time" + + auditregistrationv1alpha1 "k8s.io/api/auditregistration/v1alpha1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + watch "k8s.io/apimachinery/pkg/watch" + internalinterfaces "k8s.io/client-go/informers/internalinterfaces" + kubernetes "k8s.io/client-go/kubernetes" + v1alpha1 "k8s.io/client-go/listers/auditregistration/v1alpha1" + cache "k8s.io/client-go/tools/cache" +) + +// AuditSinkInformer provides access to a shared informer and lister for +// AuditSinks. +type AuditSinkInformer interface { + Informer() cache.SharedIndexInformer + Lister() v1alpha1.AuditSinkLister +} + +type auditSinkInformer struct { + factory internalinterfaces.SharedInformerFactory + tweakListOptions internalinterfaces.TweakListOptionsFunc +} + +// NewAuditSinkInformer constructs a new informer for AuditSink type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewAuditSinkInformer(client kubernetes.Interface, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { + return NewFilteredAuditSinkInformer(client, resyncPeriod, indexers, nil) +} + +// NewFilteredAuditSinkInformer constructs a new informer for AuditSink type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewFilteredAuditSinkInformer(client kubernetes.Interface, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { + return cache.NewSharedIndexInformer( + &cache.ListWatch{ + ListFunc: func(options v1.ListOptions) (runtime.Object, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.AuditregistrationV1alpha1().AuditSinks().List(options) + }, + WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.AuditregistrationV1alpha1().AuditSinks().Watch(options) + }, + }, + &auditregistrationv1alpha1.AuditSink{}, + resyncPeriod, + indexers, + ) +} + +func (f *auditSinkInformer) defaultInformer(client kubernetes.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { + return NewFilteredAuditSinkInformer(client, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions) +} + +func (f *auditSinkInformer) Informer() cache.SharedIndexInformer { + return f.factory.InformerFor(&auditregistrationv1alpha1.AuditSink{}, f.defaultInformer) +} + +func (f *auditSinkInformer) Lister() v1alpha1.AuditSinkLister { + return v1alpha1.NewAuditSinkLister(f.Informer().GetIndexer()) +} diff --git a/staging/src/k8s.io/client-go/informers/auditregistration/v1alpha1/interface.go b/staging/src/k8s.io/client-go/informers/auditregistration/v1alpha1/interface.go new file mode 100644 index 000000000000..0a67ba821df5 --- /dev/null +++ b/staging/src/k8s.io/client-go/informers/auditregistration/v1alpha1/interface.go @@ -0,0 +1,45 @@ +/* +Copyright The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by informer-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + internalinterfaces "k8s.io/client-go/informers/internalinterfaces" +) + +// Interface provides access to all the informers in this group version. +type Interface interface { + // AuditSinks returns a AuditSinkInformer. + AuditSinks() AuditSinkInformer +} + +type version struct { + factory internalinterfaces.SharedInformerFactory + namespace string + tweakListOptions internalinterfaces.TweakListOptionsFunc +} + +// New returns a new Interface. +func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) Interface { + return &version{factory: f, namespace: namespace, tweakListOptions: tweakListOptions} +} + +// AuditSinks returns a AuditSinkInformer. +func (v *version) AuditSinks() AuditSinkInformer { + return &auditSinkInformer{factory: v.factory, tweakListOptions: v.tweakListOptions} +} diff --git a/staging/src/k8s.io/client-go/informers/factory.go b/staging/src/k8s.io/client-go/informers/factory.go index 7ae22ee2c82a..88ead6213a19 100644 --- a/staging/src/k8s.io/client-go/informers/factory.go +++ b/staging/src/k8s.io/client-go/informers/factory.go @@ -28,6 +28,7 @@ import ( schema "k8s.io/apimachinery/pkg/runtime/schema" admissionregistration "k8s.io/client-go/informers/admissionregistration" apps "k8s.io/client-go/informers/apps" + auditregistration "k8s.io/client-go/informers/auditregistration" autoscaling "k8s.io/client-go/informers/autoscaling" batch "k8s.io/client-go/informers/batch" certificates "k8s.io/client-go/informers/certificates" @@ -188,6 +189,7 @@ type SharedInformerFactory interface { Admissionregistration() admissionregistration.Interface Apps() apps.Interface + Auditregistration() auditregistration.Interface Autoscaling() autoscaling.Interface Batch() batch.Interface Certificates() certificates.Interface @@ -211,6 +213,10 @@ func (f *sharedInformerFactory) Apps() apps.Interface { return apps.New(f, f.namespace, f.tweakListOptions) } +func (f *sharedInformerFactory) Auditregistration() auditregistration.Interface { + return auditregistration.New(f, f.namespace, f.tweakListOptions) +} + func (f *sharedInformerFactory) Autoscaling() autoscaling.Interface { return autoscaling.New(f, f.namespace, f.tweakListOptions) } diff --git a/staging/src/k8s.io/client-go/informers/generic.go b/staging/src/k8s.io/client-go/informers/generic.go index 3af96304a5c5..ab9abf87ee37 100644 --- a/staging/src/k8s.io/client-go/informers/generic.go +++ b/staging/src/k8s.io/client-go/informers/generic.go @@ -26,6 +26,7 @@ import ( v1 "k8s.io/api/apps/v1" appsv1beta1 "k8s.io/api/apps/v1beta1" v1beta2 "k8s.io/api/apps/v1beta2" + auditregistrationv1alpha1 "k8s.io/api/auditregistration/v1alpha1" autoscalingv1 "k8s.io/api/autoscaling/v1" v2beta1 "k8s.io/api/autoscaling/v2beta1" v2beta2 "k8s.io/api/autoscaling/v2beta2" @@ -120,6 +121,10 @@ func (f *sharedInformerFactory) ForResource(resource schema.GroupVersionResource case v1beta2.SchemeGroupVersion.WithResource("statefulsets"): return &genericInformer{resource: resource.GroupResource(), informer: f.Apps().V1beta2().StatefulSets().Informer()}, nil + // Group=auditregistration.k8s.io, Version=v1alpha1 + case auditregistrationv1alpha1.SchemeGroupVersion.WithResource("auditsinks"): + return &genericInformer{resource: resource.GroupResource(), informer: f.Auditregistration().V1alpha1().AuditSinks().Informer()}, nil + // Group=autoscaling, Version=v1 case autoscalingv1.SchemeGroupVersion.WithResource("horizontalpodautoscalers"): return &genericInformer{resource: resource.GroupResource(), informer: f.Autoscaling().V1().HorizontalPodAutoscalers().Informer()}, nil diff --git a/staging/src/k8s.io/client-go/kubernetes/BUILD b/staging/src/k8s.io/client-go/kubernetes/BUILD index fc7ed0d7448a..da4639ae3422 100644 --- a/staging/src/k8s.io/client-go/kubernetes/BUILD +++ b/staging/src/k8s.io/client-go/kubernetes/BUILD @@ -17,6 +17,7 @@ go_library( "//staging/src/k8s.io/client-go/kubernetes/typed/apps/v1:go_default_library", "//staging/src/k8s.io/client-go/kubernetes/typed/apps/v1beta1:go_default_library", "//staging/src/k8s.io/client-go/kubernetes/typed/apps/v1beta2:go_default_library", + "//staging/src/k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1:go_default_library", "//staging/src/k8s.io/client-go/kubernetes/typed/authentication/v1:go_default_library", "//staging/src/k8s.io/client-go/kubernetes/typed/authentication/v1beta1:go_default_library", "//staging/src/k8s.io/client-go/kubernetes/typed/authorization/v1:go_default_library", @@ -66,6 +67,7 @@ filegroup( "//staging/src/k8s.io/client-go/kubernetes/typed/apps/v1:all-srcs", "//staging/src/k8s.io/client-go/kubernetes/typed/apps/v1beta1:all-srcs", "//staging/src/k8s.io/client-go/kubernetes/typed/apps/v1beta2:all-srcs", + "//staging/src/k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1:all-srcs", "//staging/src/k8s.io/client-go/kubernetes/typed/authentication/v1:all-srcs", "//staging/src/k8s.io/client-go/kubernetes/typed/authentication/v1beta1:all-srcs", "//staging/src/k8s.io/client-go/kubernetes/typed/authorization/v1:all-srcs", diff --git a/staging/src/k8s.io/client-go/kubernetes/clientset.go b/staging/src/k8s.io/client-go/kubernetes/clientset.go index 122e4bb7f198..6ad01d6db19a 100644 --- a/staging/src/k8s.io/client-go/kubernetes/clientset.go +++ b/staging/src/k8s.io/client-go/kubernetes/clientset.go @@ -25,6 +25,7 @@ import ( appsv1 "k8s.io/client-go/kubernetes/typed/apps/v1" appsv1beta1 "k8s.io/client-go/kubernetes/typed/apps/v1beta1" appsv1beta2 "k8s.io/client-go/kubernetes/typed/apps/v1beta2" + auditregistrationv1alpha1 "k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1" authenticationv1 "k8s.io/client-go/kubernetes/typed/authentication/v1" authenticationv1beta1 "k8s.io/client-go/kubernetes/typed/authentication/v1beta1" authorizationv1 "k8s.io/client-go/kubernetes/typed/authorization/v1" @@ -66,6 +67,9 @@ type Interface interface { AppsV1() appsv1.AppsV1Interface // Deprecated: please explicitly pick a version if possible. Apps() appsv1.AppsV1Interface + AuditregistrationV1alpha1() auditregistrationv1alpha1.AuditregistrationV1alpha1Interface + // Deprecated: please explicitly pick a version if possible. + Auditregistration() auditregistrationv1alpha1.AuditregistrationV1alpha1Interface AuthenticationV1() authenticationv1.AuthenticationV1Interface // Deprecated: please explicitly pick a version if possible. Authentication() authenticationv1.AuthenticationV1Interface @@ -133,6 +137,7 @@ type Clientset struct { appsV1beta1 *appsv1beta1.AppsV1beta1Client appsV1beta2 *appsv1beta2.AppsV1beta2Client appsV1 *appsv1.AppsV1Client + auditregistrationV1alpha1 *auditregistrationv1alpha1.AuditregistrationV1alpha1Client authenticationV1 *authenticationv1.AuthenticationV1Client authenticationV1beta1 *authenticationv1beta1.AuthenticationV1beta1Client authorizationV1 *authorizationv1.AuthorizationV1Client @@ -198,6 +203,17 @@ func (c *Clientset) Apps() appsv1.AppsV1Interface { return c.appsV1 } +// AuditregistrationV1alpha1 retrieves the AuditregistrationV1alpha1Client +func (c *Clientset) AuditregistrationV1alpha1() auditregistrationv1alpha1.AuditregistrationV1alpha1Interface { + return c.auditregistrationV1alpha1 +} + +// Deprecated: Auditregistration retrieves the default version of AuditregistrationClient. +// Please explicitly pick a version. +func (c *Clientset) Auditregistration() auditregistrationv1alpha1.AuditregistrationV1alpha1Interface { + return c.auditregistrationV1alpha1 +} + // AuthenticationV1 retrieves the AuthenticationV1Client func (c *Clientset) AuthenticationV1() authenticationv1.AuthenticationV1Interface { return c.authenticationV1 @@ -454,6 +470,10 @@ func NewForConfig(c *rest.Config) (*Clientset, error) { if err != nil { return nil, err } + cs.auditregistrationV1alpha1, err = auditregistrationv1alpha1.NewForConfig(&configShallowCopy) + if err != nil { + return nil, err + } cs.authenticationV1, err = authenticationv1.NewForConfig(&configShallowCopy) if err != nil { return nil, err @@ -575,6 +595,7 @@ func NewForConfigOrDie(c *rest.Config) *Clientset { cs.appsV1beta1 = appsv1beta1.NewForConfigOrDie(c) cs.appsV1beta2 = appsv1beta2.NewForConfigOrDie(c) cs.appsV1 = appsv1.NewForConfigOrDie(c) + cs.auditregistrationV1alpha1 = auditregistrationv1alpha1.NewForConfigOrDie(c) cs.authenticationV1 = authenticationv1.NewForConfigOrDie(c) cs.authenticationV1beta1 = authenticationv1beta1.NewForConfigOrDie(c) cs.authorizationV1 = authorizationv1.NewForConfigOrDie(c) @@ -614,6 +635,7 @@ func New(c rest.Interface) *Clientset { cs.appsV1beta1 = appsv1beta1.New(c) cs.appsV1beta2 = appsv1beta2.New(c) cs.appsV1 = appsv1.New(c) + cs.auditregistrationV1alpha1 = auditregistrationv1alpha1.New(c) cs.authenticationV1 = authenticationv1.New(c) cs.authenticationV1beta1 = authenticationv1beta1.New(c) cs.authorizationV1 = authorizationv1.New(c) diff --git a/staging/src/k8s.io/client-go/kubernetes/fake/BUILD b/staging/src/k8s.io/client-go/kubernetes/fake/BUILD index 2acd97972cb6..185e530d0bf5 100644 --- a/staging/src/k8s.io/client-go/kubernetes/fake/BUILD +++ b/staging/src/k8s.io/client-go/kubernetes/fake/BUILD @@ -16,6 +16,7 @@ go_library( "//staging/src/k8s.io/api/apps/v1:go_default_library", "//staging/src/k8s.io/api/apps/v1beta1:go_default_library", "//staging/src/k8s.io/api/apps/v1beta2:go_default_library", + "//staging/src/k8s.io/api/auditregistration/v1alpha1:go_default_library", "//staging/src/k8s.io/api/authentication/v1:go_default_library", "//staging/src/k8s.io/api/authentication/v1beta1:go_default_library", "//staging/src/k8s.io/api/authorization/v1:go_default_library", @@ -61,6 +62,8 @@ go_library( "//staging/src/k8s.io/client-go/kubernetes/typed/apps/v1beta1/fake:go_default_library", "//staging/src/k8s.io/client-go/kubernetes/typed/apps/v1beta2:go_default_library", "//staging/src/k8s.io/client-go/kubernetes/typed/apps/v1beta2/fake:go_default_library", + "//staging/src/k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1:go_default_library", + "//staging/src/k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1/fake:go_default_library", "//staging/src/k8s.io/client-go/kubernetes/typed/authentication/v1:go_default_library", "//staging/src/k8s.io/client-go/kubernetes/typed/authentication/v1/fake:go_default_library", "//staging/src/k8s.io/client-go/kubernetes/typed/authentication/v1beta1:go_default_library", diff --git a/staging/src/k8s.io/client-go/kubernetes/fake/clientset_generated.go b/staging/src/k8s.io/client-go/kubernetes/fake/clientset_generated.go index a23b3165a04a..47b63ffaed98 100644 --- a/staging/src/k8s.io/client-go/kubernetes/fake/clientset_generated.go +++ b/staging/src/k8s.io/client-go/kubernetes/fake/clientset_generated.go @@ -34,6 +34,8 @@ import ( fakeappsv1beta1 "k8s.io/client-go/kubernetes/typed/apps/v1beta1/fake" appsv1beta2 "k8s.io/client-go/kubernetes/typed/apps/v1beta2" fakeappsv1beta2 "k8s.io/client-go/kubernetes/typed/apps/v1beta2/fake" + auditregistrationv1alpha1 "k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1" + fakeauditregistrationv1alpha1 "k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1/fake" authenticationv1 "k8s.io/client-go/kubernetes/typed/authentication/v1" fakeauthenticationv1 "k8s.io/client-go/kubernetes/typed/authentication/v1/fake" authenticationv1beta1 "k8s.io/client-go/kubernetes/typed/authentication/v1beta1" @@ -166,6 +168,16 @@ func (c *Clientset) Apps() appsv1.AppsV1Interface { return &fakeappsv1.FakeAppsV1{Fake: &c.Fake} } +// AuditregistrationV1alpha1 retrieves the AuditregistrationV1alpha1Client +func (c *Clientset) AuditregistrationV1alpha1() auditregistrationv1alpha1.AuditregistrationV1alpha1Interface { + return &fakeauditregistrationv1alpha1.FakeAuditregistrationV1alpha1{Fake: &c.Fake} +} + +// Auditregistration retrieves the AuditregistrationV1alpha1Client +func (c *Clientset) Auditregistration() auditregistrationv1alpha1.AuditregistrationV1alpha1Interface { + return &fakeauditregistrationv1alpha1.FakeAuditregistrationV1alpha1{Fake: &c.Fake} +} + // AuthenticationV1 retrieves the AuthenticationV1Client func (c *Clientset) AuthenticationV1() authenticationv1.AuthenticationV1Interface { return &fakeauthenticationv1.FakeAuthenticationV1{Fake: &c.Fake} diff --git a/staging/src/k8s.io/client-go/kubernetes/fake/register.go b/staging/src/k8s.io/client-go/kubernetes/fake/register.go index c429979688b7..6e1e1fb29365 100644 --- a/staging/src/k8s.io/client-go/kubernetes/fake/register.go +++ b/staging/src/k8s.io/client-go/kubernetes/fake/register.go @@ -24,6 +24,7 @@ import ( appsv1 "k8s.io/api/apps/v1" appsv1beta1 "k8s.io/api/apps/v1beta1" appsv1beta2 "k8s.io/api/apps/v1beta2" + auditregistrationv1alpha1 "k8s.io/api/auditregistration/v1alpha1" authenticationv1 "k8s.io/api/authentication/v1" authenticationv1beta1 "k8s.io/api/authentication/v1beta1" authorizationv1 "k8s.io/api/authorization/v1" @@ -66,6 +67,7 @@ var localSchemeBuilder = runtime.SchemeBuilder{ appsv1beta1.AddToScheme, appsv1beta2.AddToScheme, appsv1.AddToScheme, + auditregistrationv1alpha1.AddToScheme, authenticationv1.AddToScheme, authenticationv1beta1.AddToScheme, authorizationv1.AddToScheme, diff --git a/staging/src/k8s.io/client-go/kubernetes/scheme/BUILD b/staging/src/k8s.io/client-go/kubernetes/scheme/BUILD index 3490063e7e0b..e36fdd99ea67 100644 --- a/staging/src/k8s.io/client-go/kubernetes/scheme/BUILD +++ b/staging/src/k8s.io/client-go/kubernetes/scheme/BUILD @@ -15,6 +15,7 @@ go_library( "//staging/src/k8s.io/api/apps/v1:go_default_library", "//staging/src/k8s.io/api/apps/v1beta1:go_default_library", "//staging/src/k8s.io/api/apps/v1beta2:go_default_library", + "//staging/src/k8s.io/api/auditregistration/v1alpha1:go_default_library", "//staging/src/k8s.io/api/authentication/v1:go_default_library", "//staging/src/k8s.io/api/authentication/v1beta1:go_default_library", "//staging/src/k8s.io/api/authorization/v1:go_default_library", diff --git a/staging/src/k8s.io/client-go/kubernetes/scheme/register.go b/staging/src/k8s.io/client-go/kubernetes/scheme/register.go index 9ca89b76e44f..e336eb9179e0 100644 --- a/staging/src/k8s.io/client-go/kubernetes/scheme/register.go +++ b/staging/src/k8s.io/client-go/kubernetes/scheme/register.go @@ -24,6 +24,7 @@ import ( appsv1 "k8s.io/api/apps/v1" appsv1beta1 "k8s.io/api/apps/v1beta1" appsv1beta2 "k8s.io/api/apps/v1beta2" + auditregistrationv1alpha1 "k8s.io/api/auditregistration/v1alpha1" authenticationv1 "k8s.io/api/authentication/v1" authenticationv1beta1 "k8s.io/api/authentication/v1beta1" authorizationv1 "k8s.io/api/authorization/v1" @@ -66,6 +67,7 @@ var localSchemeBuilder = runtime.SchemeBuilder{ appsv1beta1.AddToScheme, appsv1beta2.AddToScheme, appsv1.AddToScheme, + auditregistrationv1alpha1.AddToScheme, authenticationv1.AddToScheme, authenticationv1beta1.AddToScheme, authorizationv1.AddToScheme, diff --git a/staging/src/k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1/BUILD b/staging/src/k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1/BUILD new file mode 100644 index 000000000000..cb5b1a5ede01 --- /dev/null +++ b/staging/src/k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1/BUILD @@ -0,0 +1,40 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library") + +go_library( + name = "go_default_library", + srcs = [ + "auditregistration_client.go", + "auditsink.go", + "doc.go", + "generated_expansion.go", + ], + importmap = "k8s.io/kubernetes/vendor/k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1", + importpath = "k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1", + visibility = ["//visibility:public"], + deps = [ + "//staging/src/k8s.io/api/auditregistration/v1alpha1:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/runtime/serializer:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/types:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/watch:go_default_library", + "//staging/src/k8s.io/client-go/kubernetes/scheme:go_default_library", + "//staging/src/k8s.io/client-go/rest:go_default_library", + ], +) + +filegroup( + name = "package-srcs", + srcs = glob(["**"]), + tags = ["automanaged"], + visibility = ["//visibility:private"], +) + +filegroup( + name = "all-srcs", + srcs = [ + ":package-srcs", + "//staging/src/k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1/fake:all-srcs", + ], + tags = ["automanaged"], + visibility = ["//visibility:public"], +) diff --git a/staging/src/k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1/auditregistration_client.go b/staging/src/k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1/auditregistration_client.go new file mode 100644 index 000000000000..f007b05ef7df --- /dev/null +++ b/staging/src/k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1/auditregistration_client.go @@ -0,0 +1,90 @@ +/* +Copyright The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + v1alpha1 "k8s.io/api/auditregistration/v1alpha1" + serializer "k8s.io/apimachinery/pkg/runtime/serializer" + "k8s.io/client-go/kubernetes/scheme" + rest "k8s.io/client-go/rest" +) + +type AuditregistrationV1alpha1Interface interface { + RESTClient() rest.Interface + AuditSinksGetter +} + +// AuditregistrationV1alpha1Client is used to interact with features provided by the auditregistration.k8s.io group. +type AuditregistrationV1alpha1Client struct { + restClient rest.Interface +} + +func (c *AuditregistrationV1alpha1Client) AuditSinks() AuditSinkInterface { + return newAuditSinks(c) +} + +// NewForConfig creates a new AuditregistrationV1alpha1Client for the given config. +func NewForConfig(c *rest.Config) (*AuditregistrationV1alpha1Client, error) { + config := *c + if err := setConfigDefaults(&config); err != nil { + return nil, err + } + client, err := rest.RESTClientFor(&config) + if err != nil { + return nil, err + } + return &AuditregistrationV1alpha1Client{client}, nil +} + +// NewForConfigOrDie creates a new AuditregistrationV1alpha1Client for the given config and +// panics if there is an error in the config. +func NewForConfigOrDie(c *rest.Config) *AuditregistrationV1alpha1Client { + client, err := NewForConfig(c) + if err != nil { + panic(err) + } + return client +} + +// New creates a new AuditregistrationV1alpha1Client for the given RESTClient. +func New(c rest.Interface) *AuditregistrationV1alpha1Client { + return &AuditregistrationV1alpha1Client{c} +} + +func setConfigDefaults(config *rest.Config) error { + gv := v1alpha1.SchemeGroupVersion + config.GroupVersion = &gv + config.APIPath = "/apis" + config.NegotiatedSerializer = serializer.DirectCodecFactory{CodecFactory: scheme.Codecs} + + if config.UserAgent == "" { + config.UserAgent = rest.DefaultKubernetesUserAgent() + } + + return nil +} + +// RESTClient returns a RESTClient that is used to communicate +// with API server by this client implementation. +func (c *AuditregistrationV1alpha1Client) RESTClient() rest.Interface { + if c == nil { + return nil + } + return c.restClient +} diff --git a/staging/src/k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1/auditsink.go b/staging/src/k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1/auditsink.go new file mode 100644 index 000000000000..4f91f527ef13 --- /dev/null +++ b/staging/src/k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1/auditsink.go @@ -0,0 +1,147 @@ +/* +Copyright The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + v1alpha1 "k8s.io/api/auditregistration/v1alpha1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + scheme "k8s.io/client-go/kubernetes/scheme" + rest "k8s.io/client-go/rest" +) + +// AuditSinksGetter has a method to return a AuditSinkInterface. +// A group's client should implement this interface. +type AuditSinksGetter interface { + AuditSinks() AuditSinkInterface +} + +// AuditSinkInterface has methods to work with AuditSink resources. +type AuditSinkInterface interface { + Create(*v1alpha1.AuditSink) (*v1alpha1.AuditSink, error) + Update(*v1alpha1.AuditSink) (*v1alpha1.AuditSink, error) + Delete(name string, options *v1.DeleteOptions) error + DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error + Get(name string, options v1.GetOptions) (*v1alpha1.AuditSink, error) + List(opts v1.ListOptions) (*v1alpha1.AuditSinkList, error) + Watch(opts v1.ListOptions) (watch.Interface, error) + Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *v1alpha1.AuditSink, err error) + AuditSinkExpansion +} + +// auditSinks implements AuditSinkInterface +type auditSinks struct { + client rest.Interface +} + +// newAuditSinks returns a AuditSinks +func newAuditSinks(c *AuditregistrationV1alpha1Client) *auditSinks { + return &auditSinks{ + client: c.RESTClient(), + } +} + +// Get takes name of the auditSink, and returns the corresponding auditSink object, and an error if there is any. +func (c *auditSinks) Get(name string, options v1.GetOptions) (result *v1alpha1.AuditSink, err error) { + result = &v1alpha1.AuditSink{} + err = c.client.Get(). + Resource("auditsinks"). + Name(name). + VersionedParams(&options, scheme.ParameterCodec). + Do(). + Into(result) + return +} + +// List takes label and field selectors, and returns the list of AuditSinks that match those selectors. +func (c *auditSinks) List(opts v1.ListOptions) (result *v1alpha1.AuditSinkList, err error) { + result = &v1alpha1.AuditSinkList{} + err = c.client.Get(). + Resource("auditsinks"). + VersionedParams(&opts, scheme.ParameterCodec). + Do(). + Into(result) + return +} + +// Watch returns a watch.Interface that watches the requested auditSinks. +func (c *auditSinks) Watch(opts v1.ListOptions) (watch.Interface, error) { + opts.Watch = true + return c.client.Get(). + Resource("auditsinks"). + VersionedParams(&opts, scheme.ParameterCodec). + Watch() +} + +// Create takes the representation of a auditSink and creates it. Returns the server's representation of the auditSink, and an error, if there is any. +func (c *auditSinks) Create(auditSink *v1alpha1.AuditSink) (result *v1alpha1.AuditSink, err error) { + result = &v1alpha1.AuditSink{} + err = c.client.Post(). + Resource("auditsinks"). + Body(auditSink). + Do(). + Into(result) + return +} + +// Update takes the representation of a auditSink and updates it. Returns the server's representation of the auditSink, and an error, if there is any. +func (c *auditSinks) Update(auditSink *v1alpha1.AuditSink) (result *v1alpha1.AuditSink, err error) { + result = &v1alpha1.AuditSink{} + err = c.client.Put(). + Resource("auditsinks"). + Name(auditSink.Name). + Body(auditSink). + Do(). + Into(result) + return +} + +// Delete takes name of the auditSink and deletes it. Returns an error if one occurs. +func (c *auditSinks) Delete(name string, options *v1.DeleteOptions) error { + return c.client.Delete(). + Resource("auditsinks"). + Name(name). + Body(options). + Do(). + Error() +} + +// DeleteCollection deletes a collection of objects. +func (c *auditSinks) DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error { + return c.client.Delete(). + Resource("auditsinks"). + VersionedParams(&listOptions, scheme.ParameterCodec). + Body(options). + Do(). + Error() +} + +// Patch applies the patch and returns the patched auditSink. +func (c *auditSinks) Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *v1alpha1.AuditSink, err error) { + result = &v1alpha1.AuditSink{} + err = c.client.Patch(pt). + Resource("auditsinks"). + SubResource(subresources...). + Name(name). + Body(data). + Do(). + Into(result) + return +} diff --git a/staging/src/k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1/doc.go b/staging/src/k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1/doc.go new file mode 100644 index 000000000000..df51baa4d4c1 --- /dev/null +++ b/staging/src/k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1/doc.go @@ -0,0 +1,20 @@ +/* +Copyright The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +// This package has the automatically generated typed clients. +package v1alpha1 diff --git a/staging/src/k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1/fake/BUILD b/staging/src/k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1/fake/BUILD new file mode 100644 index 000000000000..76ac78a7db83 --- /dev/null +++ b/staging/src/k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1/fake/BUILD @@ -0,0 +1,38 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library") + +go_library( + name = "go_default_library", + srcs = [ + "doc.go", + "fake_auditregistration_client.go", + "fake_auditsink.go", + ], + importmap = "k8s.io/kubernetes/vendor/k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1/fake", + importpath = "k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1/fake", + visibility = ["//visibility:public"], + deps = [ + "//staging/src/k8s.io/api/auditregistration/v1alpha1:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/labels:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/runtime/schema:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/types:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/watch:go_default_library", + "//staging/src/k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1:go_default_library", + "//staging/src/k8s.io/client-go/rest:go_default_library", + "//staging/src/k8s.io/client-go/testing:go_default_library", + ], +) + +filegroup( + name = "package-srcs", + srcs = glob(["**"]), + tags = ["automanaged"], + visibility = ["//visibility:private"], +) + +filegroup( + name = "all-srcs", + srcs = [":package-srcs"], + tags = ["automanaged"], + visibility = ["//visibility:public"], +) diff --git a/staging/src/k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1/fake/doc.go b/staging/src/k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1/fake/doc.go new file mode 100644 index 000000000000..16f44399065e --- /dev/null +++ b/staging/src/k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1/fake/doc.go @@ -0,0 +1,20 @@ +/* +Copyright The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +// Package fake has the automatically generated clients. +package fake diff --git a/staging/src/k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1/fake/fake_auditregistration_client.go b/staging/src/k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1/fake/fake_auditregistration_client.go new file mode 100644 index 000000000000..c22acabcf47e --- /dev/null +++ b/staging/src/k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1/fake/fake_auditregistration_client.go @@ -0,0 +1,40 @@ +/* +Copyright The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + v1alpha1 "k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1" + rest "k8s.io/client-go/rest" + testing "k8s.io/client-go/testing" +) + +type FakeAuditregistrationV1alpha1 struct { + *testing.Fake +} + +func (c *FakeAuditregistrationV1alpha1) AuditSinks() v1alpha1.AuditSinkInterface { + return &FakeAuditSinks{c} +} + +// RESTClient returns a RESTClient that is used to communicate +// with API server by this client implementation. +func (c *FakeAuditregistrationV1alpha1) RESTClient() rest.Interface { + var ret *rest.RESTClient + return ret +} diff --git a/staging/src/k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1/fake/fake_auditsink.go b/staging/src/k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1/fake/fake_auditsink.go new file mode 100644 index 000000000000..d0bb9fd00094 --- /dev/null +++ b/staging/src/k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1/fake/fake_auditsink.go @@ -0,0 +1,120 @@ +/* +Copyright The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + v1alpha1 "k8s.io/api/auditregistration/v1alpha1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + labels "k8s.io/apimachinery/pkg/labels" + schema "k8s.io/apimachinery/pkg/runtime/schema" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + testing "k8s.io/client-go/testing" +) + +// FakeAuditSinks implements AuditSinkInterface +type FakeAuditSinks struct { + Fake *FakeAuditregistrationV1alpha1 +} + +var auditsinksResource = schema.GroupVersionResource{Group: "auditregistration.k8s.io", Version: "v1alpha1", Resource: "auditsinks"} + +var auditsinksKind = schema.GroupVersionKind{Group: "auditregistration.k8s.io", Version: "v1alpha1", Kind: "AuditSink"} + +// Get takes name of the auditSink, and returns the corresponding auditSink object, and an error if there is any. +func (c *FakeAuditSinks) Get(name string, options v1.GetOptions) (result *v1alpha1.AuditSink, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootGetAction(auditsinksResource, name), &v1alpha1.AuditSink{}) + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.AuditSink), err +} + +// List takes label and field selectors, and returns the list of AuditSinks that match those selectors. +func (c *FakeAuditSinks) List(opts v1.ListOptions) (result *v1alpha1.AuditSinkList, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootListAction(auditsinksResource, auditsinksKind, opts), &v1alpha1.AuditSinkList{}) + if obj == nil { + return nil, err + } + + label, _, _ := testing.ExtractFromListOptions(opts) + if label == nil { + label = labels.Everything() + } + list := &v1alpha1.AuditSinkList{ListMeta: obj.(*v1alpha1.AuditSinkList).ListMeta} + for _, item := range obj.(*v1alpha1.AuditSinkList).Items { + if label.Matches(labels.Set(item.Labels)) { + list.Items = append(list.Items, item) + } + } + return list, err +} + +// Watch returns a watch.Interface that watches the requested auditSinks. +func (c *FakeAuditSinks) Watch(opts v1.ListOptions) (watch.Interface, error) { + return c.Fake. + InvokesWatch(testing.NewRootWatchAction(auditsinksResource, opts)) +} + +// Create takes the representation of a auditSink and creates it. Returns the server's representation of the auditSink, and an error, if there is any. +func (c *FakeAuditSinks) Create(auditSink *v1alpha1.AuditSink) (result *v1alpha1.AuditSink, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootCreateAction(auditsinksResource, auditSink), &v1alpha1.AuditSink{}) + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.AuditSink), err +} + +// Update takes the representation of a auditSink and updates it. Returns the server's representation of the auditSink, and an error, if there is any. +func (c *FakeAuditSinks) Update(auditSink *v1alpha1.AuditSink) (result *v1alpha1.AuditSink, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootUpdateAction(auditsinksResource, auditSink), &v1alpha1.AuditSink{}) + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.AuditSink), err +} + +// Delete takes name of the auditSink and deletes it. Returns an error if one occurs. +func (c *FakeAuditSinks) Delete(name string, options *v1.DeleteOptions) error { + _, err := c.Fake. + Invokes(testing.NewRootDeleteAction(auditsinksResource, name), &v1alpha1.AuditSink{}) + return err +} + +// DeleteCollection deletes a collection of objects. +func (c *FakeAuditSinks) DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error { + action := testing.NewRootDeleteCollectionAction(auditsinksResource, listOptions) + + _, err := c.Fake.Invokes(action, &v1alpha1.AuditSinkList{}) + return err +} + +// Patch applies the patch and returns the patched auditSink. +func (c *FakeAuditSinks) Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *v1alpha1.AuditSink, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootPatchSubresourceAction(auditsinksResource, name, pt, data, subresources...), &v1alpha1.AuditSink{}) + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.AuditSink), err +} diff --git a/staging/src/k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1/generated_expansion.go b/staging/src/k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1/generated_expansion.go new file mode 100644 index 000000000000..f0f511726413 --- /dev/null +++ b/staging/src/k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1/generated_expansion.go @@ -0,0 +1,21 @@ +/* +Copyright The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +type AuditSinkExpansion interface{} diff --git a/staging/src/k8s.io/client-go/listers/auditregistration/v1alpha1/BUILD b/staging/src/k8s.io/client-go/listers/auditregistration/v1alpha1/BUILD new file mode 100644 index 000000000000..c23bd63a4004 --- /dev/null +++ b/staging/src/k8s.io/client-go/listers/auditregistration/v1alpha1/BUILD @@ -0,0 +1,32 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library") + +go_library( + name = "go_default_library", + srcs = [ + "auditsink.go", + "expansion_generated.go", + ], + importmap = "k8s.io/kubernetes/vendor/k8s.io/client-go/listers/auditregistration/v1alpha1", + importpath = "k8s.io/client-go/listers/auditregistration/v1alpha1", + visibility = ["//visibility:public"], + deps = [ + "//staging/src/k8s.io/api/auditregistration/v1alpha1:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/api/errors:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/labels:go_default_library", + "//staging/src/k8s.io/client-go/tools/cache:go_default_library", + ], +) + +filegroup( + name = "package-srcs", + srcs = glob(["**"]), + tags = ["automanaged"], + visibility = ["//visibility:private"], +) + +filegroup( + name = "all-srcs", + srcs = [":package-srcs"], + tags = ["automanaged"], + visibility = ["//visibility:public"], +) diff --git a/staging/src/k8s.io/client-go/listers/auditregistration/v1alpha1/auditsink.go b/staging/src/k8s.io/client-go/listers/auditregistration/v1alpha1/auditsink.go new file mode 100644 index 000000000000..3ae4528c8c35 --- /dev/null +++ b/staging/src/k8s.io/client-go/listers/auditregistration/v1alpha1/auditsink.go @@ -0,0 +1,65 @@ +/* +Copyright The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by lister-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + v1alpha1 "k8s.io/api/auditregistration/v1alpha1" + "k8s.io/apimachinery/pkg/api/errors" + "k8s.io/apimachinery/pkg/labels" + "k8s.io/client-go/tools/cache" +) + +// AuditSinkLister helps list AuditSinks. +type AuditSinkLister interface { + // List lists all AuditSinks in the indexer. + List(selector labels.Selector) (ret []*v1alpha1.AuditSink, err error) + // Get retrieves the AuditSink from the index for a given name. + Get(name string) (*v1alpha1.AuditSink, error) + AuditSinkListerExpansion +} + +// auditSinkLister implements the AuditSinkLister interface. +type auditSinkLister struct { + indexer cache.Indexer +} + +// NewAuditSinkLister returns a new AuditSinkLister. +func NewAuditSinkLister(indexer cache.Indexer) AuditSinkLister { + return &auditSinkLister{indexer: indexer} +} + +// List lists all AuditSinks in the indexer. +func (s *auditSinkLister) List(selector labels.Selector) (ret []*v1alpha1.AuditSink, err error) { + err = cache.ListAll(s.indexer, selector, func(m interface{}) { + ret = append(ret, m.(*v1alpha1.AuditSink)) + }) + return ret, err +} + +// Get retrieves the AuditSink from the index for a given name. +func (s *auditSinkLister) Get(name string) (*v1alpha1.AuditSink, error) { + obj, exists, err := s.indexer.GetByKey(name) + if err != nil { + return nil, err + } + if !exists { + return nil, errors.NewNotFound(v1alpha1.Resource("auditsink"), name) + } + return obj.(*v1alpha1.AuditSink), nil +} diff --git a/staging/src/k8s.io/client-go/listers/auditregistration/v1alpha1/expansion_generated.go b/staging/src/k8s.io/client-go/listers/auditregistration/v1alpha1/expansion_generated.go new file mode 100644 index 000000000000..533dd0631f96 --- /dev/null +++ b/staging/src/k8s.io/client-go/listers/auditregistration/v1alpha1/expansion_generated.go @@ -0,0 +1,23 @@ +/* +Copyright The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by lister-gen. DO NOT EDIT. + +package v1alpha1 + +// AuditSinkListerExpansion allows custom methods to be added to +// AuditSinkLister. +type AuditSinkListerExpansion interface{} diff --git a/staging/src/k8s.io/cloud-provider/Godeps/Godeps.json b/staging/src/k8s.io/cloud-provider/Godeps/Godeps.json index 5d7be50c2694..f1f23b353174 100644 --- a/staging/src/k8s.io/cloud-provider/Godeps/Godeps.json +++ b/staging/src/k8s.io/cloud-provider/Godeps/Godeps.json @@ -186,6 +186,10 @@ "ImportPath": "k8s.io/api/apps/v1beta2", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" }, + { + "ImportPath": "k8s.io/api/auditregistration/v1alpha1", + "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" + }, { "ImportPath": "k8s.io/api/authentication/v1", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" @@ -482,6 +486,14 @@ "ImportPath": "k8s.io/client-go/informers/apps/v1beta2", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" }, + { + "ImportPath": "k8s.io/client-go/informers/auditregistration", + "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" + }, + { + "ImportPath": "k8s.io/client-go/informers/auditregistration/v1alpha1", + "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" + }, { "ImportPath": "k8s.io/client-go/informers/autoscaling", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" @@ -654,6 +666,10 @@ "ImportPath": "k8s.io/client-go/kubernetes/typed/apps/v1beta2", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" }, + { + "ImportPath": "k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1", + "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" + }, { "ImportPath": "k8s.io/client-go/kubernetes/typed/authentication/v1", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" @@ -778,6 +794,10 @@ "ImportPath": "k8s.io/client-go/listers/apps/v1beta2", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" }, + { + "ImportPath": "k8s.io/client-go/listers/auditregistration/v1alpha1", + "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" + }, { "ImportPath": "k8s.io/client-go/listers/autoscaling/v1", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" diff --git a/staging/src/k8s.io/csi-api/Godeps/Godeps.json b/staging/src/k8s.io/csi-api/Godeps/Godeps.json index 59e8397a63df..e99aa4d81057 100644 --- a/staging/src/k8s.io/csi-api/Godeps/Godeps.json +++ b/staging/src/k8s.io/csi-api/Godeps/Godeps.json @@ -190,6 +190,10 @@ "ImportPath": "k8s.io/api/apps/v1beta2", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" }, + { + "ImportPath": "k8s.io/api/auditregistration/v1alpha1", + "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" + }, { "ImportPath": "k8s.io/api/authentication/v1", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" diff --git a/staging/src/k8s.io/kube-aggregator/Godeps/Godeps.json b/staging/src/k8s.io/kube-aggregator/Godeps/Godeps.json index 5d1e2a2a7196..a4825b52a6e1 100644 --- a/staging/src/k8s.io/kube-aggregator/Godeps/Godeps.json +++ b/staging/src/k8s.io/kube-aggregator/Godeps/Godeps.json @@ -526,6 +526,10 @@ "ImportPath": "k8s.io/api/apps/v1beta2", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" }, + { + "ImportPath": "k8s.io/api/auditregistration/v1alpha1", + "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" + }, { "ImportPath": "k8s.io/api/authentication/v1", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" @@ -1262,6 +1266,14 @@ "ImportPath": "k8s.io/client-go/informers/apps/v1beta2", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" }, + { + "ImportPath": "k8s.io/client-go/informers/auditregistration", + "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" + }, + { + "ImportPath": "k8s.io/client-go/informers/auditregistration/v1alpha1", + "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" + }, { "ImportPath": "k8s.io/client-go/informers/autoscaling", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" @@ -1434,6 +1446,10 @@ "ImportPath": "k8s.io/client-go/kubernetes/typed/apps/v1beta2", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" }, + { + "ImportPath": "k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1", + "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" + }, { "ImportPath": "k8s.io/client-go/kubernetes/typed/authentication/v1", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" @@ -1558,6 +1574,10 @@ "ImportPath": "k8s.io/client-go/listers/apps/v1beta2", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" }, + { + "ImportPath": "k8s.io/client-go/listers/auditregistration/v1alpha1", + "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" + }, { "ImportPath": "k8s.io/client-go/listers/autoscaling/v1", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" diff --git a/staging/src/k8s.io/metrics/Godeps/Godeps.json b/staging/src/k8s.io/metrics/Godeps/Godeps.json index 4d7961b9afaa..75f2f37b22eb 100644 --- a/staging/src/k8s.io/metrics/Godeps/Godeps.json +++ b/staging/src/k8s.io/metrics/Godeps/Godeps.json @@ -194,6 +194,10 @@ "ImportPath": "k8s.io/api/apps/v1beta2", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" }, + { + "ImportPath": "k8s.io/api/auditregistration/v1alpha1", + "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" + }, { "ImportPath": "k8s.io/api/authentication/v1", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" diff --git a/staging/src/k8s.io/sample-apiserver/Godeps/Godeps.json b/staging/src/k8s.io/sample-apiserver/Godeps/Godeps.json index 022329c20726..51954a6bbceb 100644 --- a/staging/src/k8s.io/sample-apiserver/Godeps/Godeps.json +++ b/staging/src/k8s.io/sample-apiserver/Godeps/Godeps.json @@ -498,6 +498,10 @@ "ImportPath": "k8s.io/api/apps/v1beta2", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" }, + { + "ImportPath": "k8s.io/api/auditregistration/v1alpha1", + "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" + }, { "ImportPath": "k8s.io/api/authentication/v1", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" @@ -1222,6 +1226,14 @@ "ImportPath": "k8s.io/client-go/informers/apps/v1beta2", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" }, + { + "ImportPath": "k8s.io/client-go/informers/auditregistration", + "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" + }, + { + "ImportPath": "k8s.io/client-go/informers/auditregistration/v1alpha1", + "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" + }, { "ImportPath": "k8s.io/client-go/informers/autoscaling", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" @@ -1394,6 +1406,10 @@ "ImportPath": "k8s.io/client-go/kubernetes/typed/apps/v1beta2", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" }, + { + "ImportPath": "k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1", + "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" + }, { "ImportPath": "k8s.io/client-go/kubernetes/typed/authentication/v1", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" @@ -1518,6 +1534,10 @@ "ImportPath": "k8s.io/client-go/listers/apps/v1beta2", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" }, + { + "ImportPath": "k8s.io/client-go/listers/auditregistration/v1alpha1", + "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" + }, { "ImportPath": "k8s.io/client-go/listers/autoscaling/v1", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" diff --git a/staging/src/k8s.io/sample-cli-plugin/Godeps/Godeps.json b/staging/src/k8s.io/sample-cli-plugin/Godeps/Godeps.json index a9257998dc6c..abdb88836117 100644 --- a/staging/src/k8s.io/sample-cli-plugin/Godeps/Godeps.json +++ b/staging/src/k8s.io/sample-cli-plugin/Godeps/Godeps.json @@ -218,6 +218,10 @@ "ImportPath": "k8s.io/api/apps/v1beta2", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" }, + { + "ImportPath": "k8s.io/api/auditregistration/v1alpha1", + "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" + }, { "ImportPath": "k8s.io/api/authentication/v1", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" diff --git a/staging/src/k8s.io/sample-controller/Godeps/Godeps.json b/staging/src/k8s.io/sample-controller/Godeps/Godeps.json index 881b2aa962c0..4dc33518aae9 100644 --- a/staging/src/k8s.io/sample-controller/Godeps/Godeps.json +++ b/staging/src/k8s.io/sample-controller/Godeps/Godeps.json @@ -202,6 +202,10 @@ "ImportPath": "k8s.io/api/apps/v1beta2", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" }, + { + "ImportPath": "k8s.io/api/auditregistration/v1alpha1", + "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" + }, { "ImportPath": "k8s.io/api/authentication/v1", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" @@ -514,6 +518,14 @@ "ImportPath": "k8s.io/client-go/informers/apps/v1beta2", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" }, + { + "ImportPath": "k8s.io/client-go/informers/auditregistration", + "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" + }, + { + "ImportPath": "k8s.io/client-go/informers/auditregistration/v1alpha1", + "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" + }, { "ImportPath": "k8s.io/client-go/informers/autoscaling", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" @@ -710,6 +722,14 @@ "ImportPath": "k8s.io/client-go/kubernetes/typed/apps/v1beta2/fake", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" }, + { + "ImportPath": "k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1", + "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" + }, + { + "ImportPath": "k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1/fake", + "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" + }, { "ImportPath": "k8s.io/client-go/kubernetes/typed/authentication/v1", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" @@ -938,6 +958,10 @@ "ImportPath": "k8s.io/client-go/listers/apps/v1beta2", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" }, + { + "ImportPath": "k8s.io/client-go/listers/auditregistration/v1alpha1", + "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" + }, { "ImportPath": "k8s.io/client-go/listers/autoscaling/v1", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" diff --git a/test/integration/apiserver/BUILD b/test/integration/apiserver/BUILD index 1c283c0ec478..8261c4056985 100644 --- a/test/integration/apiserver/BUILD +++ b/test/integration/apiserver/BUILD @@ -26,6 +26,7 @@ go_test( "//pkg/master:go_default_library", "//pkg/printers:go_default_library", "//pkg/printers/internalversion:go_default_library", + "//staging/src/k8s.io/api/auditregistration/v1alpha1:go_default_library", "//staging/src/k8s.io/api/batch/v2alpha1:go_default_library", "//staging/src/k8s.io/api/core/v1:go_default_library", "//staging/src/k8s.io/api/extensions/v1beta1:go_default_library", diff --git a/test/integration/apiserver/print_test.go b/test/integration/apiserver/print_test.go index be5c2c389200..5411492c9061 100644 --- a/test/integration/apiserver/print_test.go +++ b/test/integration/apiserver/print_test.go @@ -26,6 +26,7 @@ import ( "testing" "time" + auditregv1alpha1 "k8s.io/api/auditregistration/v1alpha1" batchv2alpha1 "k8s.io/api/batch/v2alpha1" rbacv1alpha1 "k8s.io/api/rbac/v1alpha1" schedulerapi "k8s.io/api/scheduling/v1beta1" @@ -130,11 +131,13 @@ var missingHanlders = sets.NewString( "VolumeAttachment", "PriorityClass", "PodPreset", + "AuditSink", ) func TestServerSidePrint(t *testing.T) { s, _, closeFn := setup(t, // additional groupversions needed for the test to run + auditregv1alpha1.SchemeGroupVersion, batchv2alpha1.SchemeGroupVersion, rbacv1alpha1.SchemeGroupVersion, settingsv1alpha1.SchemeGroupVersion, diff --git a/test/integration/framework/BUILD b/test/integration/framework/BUILD index 412f6772d881..9fb021ed33ae 100644 --- a/test/integration/framework/BUILD +++ b/test/integration/framework/BUILD @@ -29,6 +29,7 @@ go_library( "//pkg/util/env:go_default_library", "//pkg/version:go_default_library", "//staging/src/k8s.io/api/apps/v1beta1:go_default_library", + "//staging/src/k8s.io/api/auditregistration/v1alpha1:go_default_library", "//staging/src/k8s.io/api/autoscaling/v1:go_default_library", "//staging/src/k8s.io/api/certificates/v1beta1:go_default_library", "//staging/src/k8s.io/api/core/v1:go_default_library", diff --git a/test/integration/framework/master_utils.go b/test/integration/framework/master_utils.go index 829550dbbf1b..ad464082987b 100644 --- a/test/integration/framework/master_utils.go +++ b/test/integration/framework/master_utils.go @@ -28,6 +28,7 @@ import ( "github.com/pborman/uuid" apps "k8s.io/api/apps/v1beta1" + auditreg "k8s.io/api/auditregistration/v1alpha1" autoscaling "k8s.io/api/autoscaling/v1" certificates "k8s.io/api/certificates/v1beta1" "k8s.io/api/core/v1" @@ -290,6 +291,10 @@ func NewMasterConfig() *master.Config { schema.GroupResource{Group: storage.GroupName, Resource: serverstorage.AllResources}, "", ns) + storageFactory.SetSerializer( + schema.GroupResource{Group: auditreg.GroupName, Resource: serverstorage.AllResources}, + "", + ns) genericConfig := genericapiserver.NewConfig(legacyscheme.Codecs) kubeVersion := version.Get()