Remove imperative auth API resources

CHANGELOG.md

@@ -2,6 +2,8 @@
 
 - Handle resource change from static name to autoname under SSA (https://github.com/pulumi/pulumi-kubernetes/pull/2392)
 - Fix Helm release creation when the name of the chart conflicts with the name of a folder in the current working directory (https://github.com/pulumi/pulumi-kubernetes/pull/2410)
+- Remove imperative authentication and authorization resources: TokenRequest, TokenReview, LocalSubjectAccessReview, 
+    SelfSubjectReview, SelfSubjectAccessReview, SelfSubjectRulesReview, and SubjectAccessReview (https://github.com/pulumi/pulumi-kubernetes/pull/2413)
 
 ## 3.27.1 (May 11, 2023)
 

provider/pkg/gen/kinds/kinds.tmpl

@@ -53,7 +53,6 @@ func (k Kind) Namespaced() (known bool, namespaced bool) {
 		Job,
 		Lease,
 		LimitRange,
-		LocalSubjectAccessReview,
 		NetworkPolicy,
 		PersistentVolumeClaim,
 		Pod,
@@ -85,11 +84,7 @@ func (k Kind) Namespaced() (known bool, namespaced bool) {
 		PodSecurityPolicy,
 		PriorityClass,
 		RuntimeClass,
-		SelfSubjectAccessReview,
-		SelfSubjectRulesReview,
 		StorageClass,
-		SubjectAccessReview,
-		TokenReview,
 		ValidatingWebhookConfiguration,
 		VolumeAttachment:
 		return true, false

provider/pkg/gen/typegen.go

@@ -201,8 +201,29 @@ func (d definition) isTopLevel() bool {
 	// Return `false` for the handful of top-level imperative resource types that can't be managed
 	// by Pulumi.
 	switch fmt.Sprintf("%s/%s", d.gvk.GroupVersion().String(), d.gvk.Kind) {
-	case "policy/v1beta1/Eviction", "policy/v1/Eviction", "v1/Status", "apps/v1beta1/Scale", "apps/v1beta2/Scale",
-		"autoscaling/v1/Scale", "extensions/v1beta1/Scale", "core/v1/ComponentStatus", "core/v1/ComponentStatusList":
+	case
+		"v1/Status",
+		"apps/v1beta1/Scale",
+		"apps/v1beta2/Scale",
+		"authentication/v1/TokenRequest",
+		"authentication/v1/TokenReview",
+		"authentication/v1alpha1/SelfSubjectReview",
+		"authentication/v1beta1/SelfSubjectReview",
+		"authentication/v1beta1/TokenReview",
+		"authorization/v1/LocalSubjectAccessReview",
+		"authorization/v1/SelfSubjectAccessReview",
+		"authorization/v1/SelfSubjectRulesReview",
+		"authorization/v1/SubjectAccessReview",
+		"authorization/v1beta1/LocalSubjectAccessReview",
+		"authorization/v1beta1/SelfSubjectAccessReview",
+		"authorization/v1beta1/SelfSubjectRulesReview",
+		"authorization/v1beta1/SubjectAccessReview",
+		"autoscaling/v1/Scale",
+		"core/v1/ComponentStatus",
+		"core/v1/ComponentStatusList",
+		"extensions/v1beta1/Scale",
+		"policy/v1beta1/Eviction",
+		"policy/v1/Eviction":
 		return false
 	}
 

provider/pkg/kinds/deprecated.go

@@ -147,11 +147,6 @@ func AddedInVersion(gvk *schema.GroupVersionKind) *cluster.ServerVersion {
 		case AuditSink, AuditSinkList:
 			return &v113
 		}
-	case AuthenticationV1:
-		switch k {
-		case TokenRequest:
-			return &v116
-		}
 	case AutoscalingV2B2:
 		switch k {
 		case HorizontalPodAutoscaler, HorizontalPodAutoscalerList:
@@ -276,10 +271,6 @@ func RemovedInVersion(gvk schema.GroupVersionKind) *cluster.ServerVersion {
 		return &v122
 	case ApiextensionsV1B1:
 		return &v122
-	case AuthenticationV1B1:
-		return &v122
-	case AuthorizationV1B1:
-		return &v122
 	case BatchV2A1:
 		return &v121
 	case CoordinationV1B1:
@@ -334,10 +325,6 @@ func SuggestedAPIVersion(gvk schema.GroupVersionKind) string {
 		return fmt.Sprintf(gvkFmt, ApiregistrationV1, k)
 	case AppsV1B1, AppsV1B2:
 		return fmt.Sprintf(gvkFmt, AppsV1, k)
-	case AuthenticationV1B1:
-		return fmt.Sprintf(gvkFmt, AuthenticationV1, k)
-	case AuthorizationV1B1:
-		return fmt.Sprintf(gvkFmt, AuthorizationV1, k)
 	case AutoscalingV2B1:
 		return fmt.Sprintf(gvkFmt, AutoscalingV1, k)
 	case BatchV2A1:

provider/pkg/kinds/deprecated_test.go

@@ -37,11 +37,6 @@ func TestDeprecatedApiVersion(t *testing.T) {
 		{toGVK(AppsV1, Deployment), nil, false},
 		{toGVK(AppsV1B1, Deployment), nil, true},
 		{toGVK(AppsV1B2, Deployment), nil, true},
-		{toGVK(AuthenticationV1B1, TokenReview), nil, true},
-		{toGVK(AuthorizationV1B1, LocalSubjectAccessReview), nil, true},
-		{toGVK(AuthorizationV1B1, SelfSubjectAccessReview), nil, true},
-		{toGVK(AuthorizationV1B1, SelfSubjectRulesReview), nil, true},
-		{toGVK(AuthorizationV1B1, SubjectAccessReview), nil, true},
 		{toGVK(AutoscalingV2B1, HorizontalPodAutoscaler), nil, true},
 		{toGVK(BatchV2A1, CronJob), &v121, true},
 		{toGVK(CoordinationV1B1, Lease), nil, true},
@@ -155,8 +150,6 @@ func TestSuggestedApiVersion(t *testing.T) {
 		{toGVK(ApiregistrationV1B1, APIServiceList), wantStr(ApiregistrationV1, APIServiceList)},
 		{toGVK(AppsV1B1, Deployment), wantStr(AppsV1, Deployment)},
 		{toGVK(AppsV1B2, Deployment), wantStr(AppsV1, Deployment)},
-		{toGVK(AuthenticationV1B1, TokenReview), wantStr(AuthenticationV1, TokenReview)},
-		{toGVK(AuthorizationV1B1, LocalSubjectAccessReview), wantStr(AuthorizationV1, LocalSubjectAccessReview)},
 		{toGVK(AutoscalingV2B1, HorizontalPodAutoscaler), wantStr(AutoscalingV1, HorizontalPodAutoscaler)},
 		{toGVK(BatchV2A1, CronJob), wantStr(BatchV1B1, CronJob)},
 		{toGVK(CoordinationV1B1, Lease), wantStr(CoordinationV1, Lease)},
@@ -201,8 +194,6 @@ func TestRemovedInVersion(t *testing.T) {
 		{toGVK(ApiextensionsV1B1, CustomResourceDefinition), &v122},
 		{toGVK(AppsV1B1, Deployment), &v116},
 		{toGVK(AppsV1B2, Deployment), &v116},
-		{toGVK(AuthenticationV1B1, TokenReview), &v122},
-		{toGVK(AuthorizationV1B1, LocalSubjectAccessReview), &v122},
 		{toGVK(BatchV2A1, CronJob), &v121},
 		{toGVK(CoordinationV1B1, Lease), &v122},
 		{toGVK(DiscoveryV1B1, EndpointSlice), &v125},

provider/pkg/kinds/kinds.go

@@ -83,7 +83,6 @@ const (
 	LeaseList                            Kind = "LeaseList"
 	LimitRange                           Kind = "LimitRange"
 	LimitRangeList                       Kind = "LimitRangeList"
-	LocalSubjectAccessReview             Kind = "LocalSubjectAccessReview"
 	MutatingWebhookConfiguration         Kind = "MutatingWebhookConfiguration"
 	MutatingWebhookConfigurationList     Kind = "MutatingWebhookConfigurationList"
 	Namespace                            Kind = "Namespace"
@@ -134,9 +133,6 @@ const (
 	RuntimeClassList                     Kind = "RuntimeClassList"
 	Secret                               Kind = "Secret"
 	SecretList                           Kind = "SecretList"
-	SelfSubjectAccessReview              Kind = "SelfSubjectAccessReview"
-	SelfSubjectReview                    Kind = "SelfSubjectReview"
-	SelfSubjectRulesReview               Kind = "SelfSubjectRulesReview"
 	Service                              Kind = "Service"
 	ServiceAccount                       Kind = "ServiceAccount"
 	ServiceAccountList                   Kind = "ServiceAccountList"
@@ -146,9 +142,6 @@ const (
 	Status                               Kind = "Status"
 	StorageClass                         Kind = "StorageClass"
 	StorageClassList                     Kind = "StorageClassList"
-	SubjectAccessReview                  Kind = "SubjectAccessReview"
-	TokenRequest                         Kind = "TokenRequest"
-	TokenReview                          Kind = "TokenReview"
 	ValidatingAdmissionPolicy            Kind = "ValidatingAdmissionPolicy"
 	ValidatingAdmissionPolicyBinding     Kind = "ValidatingAdmissionPolicyBinding"
 	ValidatingAdmissionPolicyBindingList Kind = "ValidatingAdmissionPolicyBindingList"
@@ -179,7 +172,6 @@ func (k Kind) Namespaced() (known bool, namespaced bool) {
 		Job,
 		Lease,
 		LimitRange,
-		LocalSubjectAccessReview,
 		NetworkPolicy,
 		PersistentVolumeClaim,
 		Pod,
@@ -211,11 +203,7 @@ func (k Kind) Namespaced() (known bool, namespaced bool) {
 		PodSecurityPolicy,
 		PriorityClass,
 		RuntimeClass,
-		SelfSubjectAccessReview,
-		SelfSubjectRulesReview,
 		StorageClass,
-		SubjectAccessReview,
-		TokenReview,
 		ValidatingWebhookConfiguration,
 		VolumeAttachment:
 		return true, false
@@ -239,11 +227,6 @@ const (
 	AppsV1B1                  groupVersion = "apps/v1beta1"
 	AppsV1B2                  groupVersion = "apps/v1beta2"
 	AuditregistrationV1A1     groupVersion = "auditregistration.k8s.io/v1alpha1"
-	AuthenticationV1          groupVersion = "authentication.k8s.io/v1"
-	AuthenticationV1A1        groupVersion = "authentication.k8s.io/v1alpha1"
-	AuthenticationV1B1        groupVersion = "authentication.k8s.io/v1beta1"
-	AuthorizationV1           groupVersion = "authorization.k8s.io/v1"
-	AuthorizationV1B1         groupVersion = "authorization.k8s.io/v1beta1"
 	AutoscalingV1             groupVersion = "autoscaling/v1"
 	AutoscalingV2             groupVersion = "autoscaling/v2"
 	AutoscalingV2B1           groupVersion = "autoscaling/v2beta1"
@@ -314,11 +297,6 @@ var KnownGroupVersions = codegen.NewStringSet(
 	"apps/v1beta1",
 	"apps/v1beta2",
 	"auditregistration.k8s.io/v1alpha1",
-	"authentication.k8s.io/v1",
-	"authentication.k8s.io/v1alpha1",
-	"authentication.k8s.io/v1beta1",
-	"authorization.k8s.io/v1",
-	"authorization.k8s.io/v1beta1",
 	"autoscaling/v1",
 	"autoscaling/v2",
 	"autoscaling/v2beta1",