DeploymentStatus is the most recently observed status of the Deployment.
@@ -7691,6 +7727,13 @@ Both these may change in the future. Incoming requests are matched against the h
boolean |
false |
+
+allowedHostPaths |
+is a white list of allowed host paths. Empty indicates that all host paths may be used. |
+false |
+v1beta1.AllowedHostPath array |
+ |
+
diff --git a/pkg/apis/extensions/types.go b/pkg/apis/extensions/types.go
index 55511f96f13..7af14ac95d5 100644
--- a/pkg/apis/extensions/types.go
+++ b/pkg/apis/extensions/types.go
@@ -933,6 +933,22 @@ type PodSecurityPolicySpec struct {
// privilege escalation.
// +optional
AllowPrivilegeEscalation bool
+ // AllowedHostPaths is a white list of allowed host paths. Empty indicates that all host paths may be used.
+ // +optional
+ AllowedHostPaths []AllowedHostPath
+}
+
+// AllowedHostPath defines the host volume conditions that will be enabled by a policy
+// for pods to use. It requires the path prefix to be defined.
+type AllowedHostPath struct {
+ // PathPrefix is the path prefix that the host volume must match.
+ // PathPrefix does not support `*`.
+ // Trailing slashes are trimmed when validating the path prefix with a host path.
+ //
+ // Examples:
+ // `/foo` would allow `/foo`, `/foo/` and `/foo/bar`
+ // `/foo` would not allow `/food` or `/etc/foo`
+ PathPrefix string
}
// HostPortRange defines a range of host ports that will be enabled by a policy
diff --git a/pkg/apis/extensions/v1beta1/zz_generated.conversion.go b/pkg/apis/extensions/v1beta1/zz_generated.conversion.go
index 8b7a7b10073..7e663678310 100644
--- a/pkg/apis/extensions/v1beta1/zz_generated.conversion.go
+++ b/pkg/apis/extensions/v1beta1/zz_generated.conversion.go
@@ -42,6 +42,8 @@ func RegisterConversions(scheme *runtime.Scheme) error {
return scheme.AddGeneratedConversionFuncs(
Convert_v1beta1_APIVersion_To_extensions_APIVersion,
Convert_extensions_APIVersion_To_v1beta1_APIVersion,
+ Convert_v1beta1_AllowedHostPath_To_extensions_AllowedHostPath,
+ Convert_extensions_AllowedHostPath_To_v1beta1_AllowedHostPath,
Convert_v1beta1_CustomMetricCurrentStatus_To_extensions_CustomMetricCurrentStatus,
Convert_extensions_CustomMetricCurrentStatus_To_v1beta1_CustomMetricCurrentStatus,
Convert_v1beta1_CustomMetricCurrentStatusList_To_extensions_CustomMetricCurrentStatusList,
@@ -165,6 +167,26 @@ func Convert_extensions_APIVersion_To_v1beta1_APIVersion(in *extensions.APIVersi
return autoConvert_extensions_APIVersion_To_v1beta1_APIVersion(in, out, s)
}
+func autoConvert_v1beta1_AllowedHostPath_To_extensions_AllowedHostPath(in *v1beta1.AllowedHostPath, out *extensions.AllowedHostPath, s conversion.Scope) error {
+ out.PathPrefix = in.PathPrefix
+ return nil
+}
+
+// Convert_v1beta1_AllowedHostPath_To_extensions_AllowedHostPath is an autogenerated conversion function.
+func Convert_v1beta1_AllowedHostPath_To_extensions_AllowedHostPath(in *v1beta1.AllowedHostPath, out *extensions.AllowedHostPath, s conversion.Scope) error {
+ return autoConvert_v1beta1_AllowedHostPath_To_extensions_AllowedHostPath(in, out, s)
+}
+
+func autoConvert_extensions_AllowedHostPath_To_v1beta1_AllowedHostPath(in *extensions.AllowedHostPath, out *v1beta1.AllowedHostPath, s conversion.Scope) error {
+ out.PathPrefix = in.PathPrefix
+ return nil
+}
+
+// Convert_extensions_AllowedHostPath_To_v1beta1_AllowedHostPath is an autogenerated conversion function.
+func Convert_extensions_AllowedHostPath_To_v1beta1_AllowedHostPath(in *extensions.AllowedHostPath, out *v1beta1.AllowedHostPath, s conversion.Scope) error {
+ return autoConvert_extensions_AllowedHostPath_To_v1beta1_AllowedHostPath(in, out, s)
+}
+
func autoConvert_v1beta1_CustomMetricCurrentStatus_To_extensions_CustomMetricCurrentStatus(in *v1beta1.CustomMetricCurrentStatus, out *extensions.CustomMetricCurrentStatus, s conversion.Scope) error {
out.Name = in.Name
out.CurrentValue = in.CurrentValue
@@ -1054,6 +1076,7 @@ func autoConvert_v1beta1_PodSecurityPolicySpec_To_extensions_PodSecurityPolicySp
out.ReadOnlyRootFilesystem = in.ReadOnlyRootFilesystem
out.DefaultAllowPrivilegeEscalation = (*bool)(unsafe.Pointer(in.DefaultAllowPrivilegeEscalation))
out.AllowPrivilegeEscalation = in.AllowPrivilegeEscalation
+ out.AllowedHostPaths = *(*[]extensions.AllowedHostPath)(unsafe.Pointer(&in.AllowedHostPaths))
return nil
}
@@ -1097,6 +1120,7 @@ func autoConvert_extensions_PodSecurityPolicySpec_To_v1beta1_PodSecurityPolicySp
out.ReadOnlyRootFilesystem = in.ReadOnlyRootFilesystem
out.DefaultAllowPrivilegeEscalation = (*bool)(unsafe.Pointer(in.DefaultAllowPrivilegeEscalation))
out.AllowPrivilegeEscalation = in.AllowPrivilegeEscalation
+ out.AllowedHostPaths = *(*[]v1beta1.AllowedHostPath)(unsafe.Pointer(&in.AllowedHostPaths))
return nil
}
diff --git a/pkg/apis/extensions/validation/validation.go b/pkg/apis/extensions/validation/validation.go
index 6696d0b195e..7323b6c9892 100644
--- a/pkg/apis/extensions/validation/validation.go
+++ b/pkg/apis/extensions/validation/validation.go
@@ -19,6 +19,8 @@ package validation
import (
"fmt"
"net"
+
+ "path/filepath"
"regexp"
"strconv"
"strings"
@@ -661,6 +663,7 @@ func ValidatePodSecurityPolicySpec(spec *extensions.PodSecurityPolicySpec, fldPa
allErrs = append(allErrs, validatePSPCapsAgainstDrops(spec.RequiredDropCapabilities, spec.DefaultAddCapabilities, field.NewPath("defaultAddCapabilities"))...)
allErrs = append(allErrs, validatePSPCapsAgainstDrops(spec.RequiredDropCapabilities, spec.AllowedCapabilities, field.NewPath("allowedCapabilities"))...)
allErrs = append(allErrs, validatePSPDefaultAllowPrivilegeEscalation(fldPath.Child("defaultAllowPrivilegeEscalation"), spec.DefaultAllowPrivilegeEscalation, spec.AllowPrivilegeEscalation)...)
+ allErrs = append(allErrs, validatePSPAllowedHostPaths(fldPath.Child("allowedHostPaths"), spec.AllowedHostPaths)...)
return allErrs
}
@@ -701,6 +704,29 @@ func ValidatePodSecurityPolicySpecificAnnotations(annotations map[string]string,
return allErrs
}
+// validatePSPAllowedHostPaths makes sure all allowed host paths follow:
+// 1. path prefix is required
+// 2. path prefix does not have any element which is ".."
+func validatePSPAllowedHostPaths(fldPath *field.Path, allowedHostPaths []extensions.AllowedHostPath) field.ErrorList {
+ allErrs := field.ErrorList{}
+
+ for i, target := range allowedHostPaths {
+ if target.PathPrefix == "" {
+ allErrs = append(allErrs, field.Required(fldPath.Index(i), "is required"))
+ break
+ }
+ parts := strings.Split(filepath.ToSlash(target.PathPrefix), "/")
+ for _, item := range parts {
+ if item == ".." {
+ allErrs = append(allErrs, field.Invalid(fldPath.Index(i), target.PathPrefix, "must not contain '..'"))
+ break // even for `../../..`, one error is sufficient to make the point
+ }
+ }
+ }
+
+ return allErrs
+}
+
// validatePSPSELinux validates the SELinux fields of PodSecurityPolicy.
func validatePSPSELinux(fldPath *field.Path, seLinux *extensions.SELinuxStrategyOptions) field.ErrorList {
allErrs := field.ErrorList{}
diff --git a/pkg/apis/extensions/validation/validation_test.go b/pkg/apis/extensions/validation/validation_test.go
index 0afd286dcca..2bd0d5a051d 100644
--- a/pkg/apis/extensions/validation/validation_test.go
+++ b/pkg/apis/extensions/validation/validation_test.go
@@ -2418,6 +2418,10 @@ func TestValidatePodSecurityPolicy(t *testing.T) {
SupplementalGroups: extensions.SupplementalGroupsStrategyOptions{
Rule: extensions.SupplementalGroupsStrategyRunAsAny,
},
+ AllowedHostPaths: []extensions.AllowedHostPath{
+ {PathPrefix: "/foo/bar"},
+ {PathPrefix: "/baz/"},
+ },
},
}
}
@@ -2497,6 +2501,16 @@ func TestValidatePodSecurityPolicy(t *testing.T) {
seccomp.AllowedProfilesAnnotationKey: "docker/default,not-good",
}
+ invalidAllowedHostPathMissingPath := validPSP()
+ invalidAllowedHostPathMissingPath.Spec.AllowedHostPaths = []extensions.AllowedHostPath{
+ {PathPrefix: ""},
+ }
+
+ invalidAllowedHostPathBacksteps := validPSP()
+ invalidAllowedHostPathBacksteps.Spec.AllowedHostPaths = []extensions.AllowedHostPath{
+ {PathPrefix: "/dont/allow/backsteps/.."},
+ }
+
invalidDefaultAllowPrivilegeEscalation := validPSP()
pe := true
invalidDefaultAllowPrivilegeEscalation.Spec.DefaultAllowPrivilegeEscalation = &pe
@@ -2612,6 +2626,16 @@ func TestValidatePodSecurityPolicy(t *testing.T) {
errorType: field.ErrorTypeInvalid,
errorDetail: "Cannot set DefaultAllowPrivilegeEscalation to true without also setting AllowPrivilegeEscalation to true",
},
+ "invalid allowed host path empty path": {
+ psp: invalidAllowedHostPathMissingPath,
+ errorType: field.ErrorTypeRequired,
+ errorDetail: "is required",
+ },
+ "invalid allowed host path with backsteps": {
+ psp: invalidAllowedHostPathBacksteps,
+ errorType: field.ErrorTypeInvalid,
+ errorDetail: "must not contain '..'",
+ },
}
for k, v := range errorCases {
diff --git a/pkg/apis/extensions/zz_generated.deepcopy.go b/pkg/apis/extensions/zz_generated.deepcopy.go
index 69414fa7156..d41048a5a88 100644
--- a/pkg/apis/extensions/zz_generated.deepcopy.go
+++ b/pkg/apis/extensions/zz_generated.deepcopy.go
@@ -42,6 +42,10 @@ func RegisterDeepCopies(scheme *runtime.Scheme) error {
in.(*APIVersion).DeepCopyInto(out.(*APIVersion))
return nil
}, InType: reflect.TypeOf(&APIVersion{})},
+ conversion.GeneratedDeepCopyFunc{Fn: func(in interface{}, out interface{}, c *conversion.Cloner) error {
+ in.(*AllowedHostPath).DeepCopyInto(out.(*AllowedHostPath))
+ return nil
+ }, InType: reflect.TypeOf(&AllowedHostPath{})},
conversion.GeneratedDeepCopyFunc{Fn: func(in interface{}, out interface{}, c *conversion.Cloner) error {
in.(*CustomMetricCurrentStatus).DeepCopyInto(out.(*CustomMetricCurrentStatus))
return nil
@@ -269,6 +273,22 @@ func (in *APIVersion) DeepCopy() *APIVersion {
return out
}
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *AllowedHostPath) DeepCopyInto(out *AllowedHostPath) {
+ *out = *in
+ return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AllowedHostPath.
+func (in *AllowedHostPath) DeepCopy() *AllowedHostPath {
+ if in == nil {
+ return nil
+ }
+ out := new(AllowedHostPath)
+ in.DeepCopyInto(out)
+ return out
+}
+
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *CustomMetricCurrentStatus) DeepCopyInto(out *CustomMetricCurrentStatus) {
*out = *in
@@ -1117,6 +1137,11 @@ func (in *PodSecurityPolicySpec) DeepCopyInto(out *PodSecurityPolicySpec) {
**out = **in
}
}
+ if in.AllowedHostPaths != nil {
+ in, out := &in.AllowedHostPaths, &out.AllowedHostPaths
+ *out = make([]AllowedHostPath, len(*in))
+ copy(*out, *in)
+ }
return
}
diff --git a/pkg/security/podsecuritypolicy/provider.go b/pkg/security/podsecuritypolicy/provider.go
index 0f12241f628..0d171e1db1b 100644
--- a/pkg/security/podsecuritypolicy/provider.go
+++ b/pkg/security/podsecuritypolicy/provider.go
@@ -239,7 +239,8 @@ func (s *simpleProvider) ValidatePodSecurityContext(pod *api.Pod, fldPath *field
// TODO(tallclair): ValidatePodSecurityContext should be renamed to ValidatePod since its scope
// is not limited to the PodSecurityContext.
- if len(pod.Spec.Volumes) > 0 && !psputil.PSPAllowsAllVolumes(s.psp) {
+ if len(pod.Spec.Volumes) > 0 {
+ allowsAllVolumeTypes := psputil.PSPAllowsAllVolumes(s.psp)
allowedVolumes := psputil.FSTypeToStringSet(s.psp.Spec.Volumes)
for i, v := range pod.Spec.Volumes {
fsType, err := psputil.GetVolumeFSType(v)
@@ -248,10 +249,19 @@ func (s *simpleProvider) ValidatePodSecurityContext(pod *api.Pod, fldPath *field
continue
}
- if !allowedVolumes.Has(string(fsType)) {
+ if !allowsAllVolumeTypes && !allowedVolumes.Has(string(fsType)) {
allErrs = append(allErrs, field.Invalid(
field.NewPath("spec", "volumes").Index(i), string(fsType),
fmt.Sprintf("%s volumes are not allowed to be used", string(fsType))))
+ continue
+ }
+
+ if fsType == extensions.HostPath {
+ if !psputil.AllowsHostVolumePath(s.psp, v.HostPath.Path) {
+ allErrs = append(allErrs, field.Invalid(
+ field.NewPath("spec", "volumes").Index(i).Child("hostPath", "pathPrefix"), v.HostPath.Path,
+ fmt.Sprintf("is not allowed to be used")))
+ }
}
}
}
diff --git a/pkg/security/podsecuritypolicy/provider_test.go b/pkg/security/podsecuritypolicy/provider_test.go
index b1f34b39d8e..2dc6111c779 100644
--- a/pkg/security/podsecuritypolicy/provider_test.go
+++ b/pkg/security/podsecuritypolicy/provider_test.go
@@ -248,6 +248,23 @@ func TestValidatePodSecurityContextFailures(t *testing.T) {
},
}
+ failHostPathDirPod := defaultPod()
+ failHostPathDirPod.Spec.Volumes = []api.Volume{
+ {
+ Name: "bad volume",
+ VolumeSource: api.VolumeSource{
+ HostPath: &api.HostPathVolumeSource{
+ Path: "/fail",
+ },
+ },
+ },
+ }
+ failHostPathDirPSP := defaultPSP()
+ failHostPathDirPSP.Spec.Volumes = []extensions.FSType{extensions.HostPath}
+ failHostPathDirPSP.Spec.AllowedHostPaths = []extensions.AllowedHostPath{
+ {PathPrefix: "/foo/bar"},
+ }
+
failOtherSysctlsAllowedPSP := defaultPSP()
failOtherSysctlsAllowedPSP.Annotations[extensions.SysctlsPodSecurityPolicyAnnotationKey] = "bar,abc"
@@ -318,6 +335,11 @@ func TestValidatePodSecurityContextFailures(t *testing.T) {
psp: defaultPSP(),
expectedError: "hostPath volumes are not allowed to be used",
},
+ "failHostPathDirPSP": {
+ pod: failHostPathDirPod,
+ psp: failHostPathDirPSP,
+ expectedError: "is not allowed to be used",
+ },
"failSafeSysctlFooPod with failNoSysctlAllowedSCC": {
pod: failSafeSysctlFooPod,
psp: failNoSysctlAllowedPSP,
@@ -556,6 +578,30 @@ func TestValidatePodSecurityContextSuccess(t *testing.T) {
Level: "level",
}
+ hostPathDirPod := defaultPod()
+ hostPathDirPod.Spec.Volumes = []api.Volume{
+ {
+ Name: "good volume",
+ VolumeSource: api.VolumeSource{
+ HostPath: &api.HostPathVolumeSource{
+ Path: "/foo/bar/baz",
+ },
+ },
+ },
+ }
+
+ hostPathDirPSP := defaultPSP()
+ hostPathDirPSP.Spec.Volumes = []extensions.FSType{extensions.HostPath}
+ hostPathDirPSP.Spec.AllowedHostPaths = []extensions.AllowedHostPath{
+ {PathPrefix: "/foo/bar"},
+ }
+
+ hostPathDirAsterisksPSP := defaultPSP()
+ hostPathDirAsterisksPSP.Spec.Volumes = []extensions.FSType{extensions.All}
+ hostPathDirAsterisksPSP.Spec.AllowedHostPaths = []extensions.AllowedHostPath{
+ {PathPrefix: "/foo/bar"},
+ }
+
sysctlAllowFooPSP := defaultPSP()
sysctlAllowFooPSP.Annotations[extensions.SysctlsPodSecurityPolicyAnnotationKey] = "foo"
@@ -619,6 +665,14 @@ func TestValidatePodSecurityContextSuccess(t *testing.T) {
pod: unsafeSysctlFooPod,
psp: defaultPSP(),
},
+ "pass hostDir allowed directory validating PSP": {
+ pod: hostPathDirPod,
+ psp: hostPathDirPSP,
+ },
+ "pass hostDir all volumes allowed validating PSP": {
+ pod: hostPathDirPod,
+ psp: hostPathDirAsterisksPSP,
+ },
"pass seccomp validating PSP": {
pod: seccompPod,
psp: seccompPSP,
diff --git a/pkg/security/podsecuritypolicy/util/util.go b/pkg/security/podsecuritypolicy/util/util.go
index 277623d5cea..3ff6d89bc77 100644
--- a/pkg/security/podsecuritypolicy/util/util.go
+++ b/pkg/security/podsecuritypolicy/util/util.go
@@ -18,6 +18,7 @@ package util
import (
"fmt"
+ "strings"
"k8s.io/apimachinery/pkg/util/sets"
"k8s.io/kubernetes/pkg/api"
@@ -170,3 +171,53 @@ func UserFallsInRange(id int64, rng extensions.UserIDRange) bool {
func GroupFallsInRange(id int64, rng extensions.GroupIDRange) bool {
return id >= rng.Min && id <= rng.Max
}
+
+// AllowsHostVolumePath is a utility for checking if a PSP allows the host volume path.
+// This only checks the path. You should still check to make sure the host volume fs type is allowed.
+func AllowsHostVolumePath(psp *extensions.PodSecurityPolicy, hostPath string) bool {
+ if psp == nil {
+ return false
+ }
+
+ // If no allowed paths are specified then allow any path
+ if len(psp.Spec.AllowedHostPaths) == 0 {
+ return true
+ }
+
+ for _, allowedPath := range psp.Spec.AllowedHostPaths {
+ if hasPathPrefix(hostPath, allowedPath.PathPrefix) {
+ return true
+ }
+ }
+
+ return false
+}
+
+// hasPathPrefix returns true if the string matches pathPrefix exactly, or if is prefixed with pathPrefix at a path segment boundary
+// the string and pathPrefix are both normalized to remove trailing slashes prior to checking.
+func hasPathPrefix(s, pathPrefix string) bool {
+
+ s = strings.TrimSuffix(s, "/")
+ pathPrefix = strings.TrimSuffix(pathPrefix, "/")
+
+ // Short circuit if s doesn't contain the prefix at all
+ if !strings.HasPrefix(s, pathPrefix) {
+ return false
+ }
+
+ pathPrefixLength := len(pathPrefix)
+
+ if len(s) == pathPrefixLength {
+ // Exact match
+ return true
+ }
+
+ if s[pathPrefixLength:pathPrefixLength+1] == "/" {
+ // The next character in s is a path segment boundary
+ // Check this instead of normalizing pathPrefix to avoid allocating on every call
+ // Example where this check applies: s=/foo/bar and pathPrefix=/foo
+ return true
+ }
+
+ return false
+}
diff --git a/pkg/security/podsecuritypolicy/util/util_test.go b/pkg/security/podsecuritypolicy/util/util_test.go
index 63a2dd3de04..048e793fa8f 100644
--- a/pkg/security/podsecuritypolicy/util/util_test.go
+++ b/pkg/security/podsecuritypolicy/util/util_test.go
@@ -103,3 +103,95 @@ func TestPSPAllowsFSType(t *testing.T) {
}
}
}
+
+func TestAllowsHostVolumePath(t *testing.T) {
+ tests := map[string]struct {
+ psp *extensions.PodSecurityPolicy
+ path string
+ allows bool
+ }{
+ "nil psp": {
+ psp: nil,
+ path: "/test",
+ allows: false,
+ },
+ "empty allowed paths": {
+ psp: &extensions.PodSecurityPolicy{},
+ path: "/test",
+ allows: true,
+ },
+ "non-matching": {
+ psp: &extensions.PodSecurityPolicy{
+ Spec: extensions.PodSecurityPolicySpec{
+ AllowedHostPaths: []extensions.AllowedHostPath{
+ {PathPrefix: "/foo"},
+ },
+ },
+ },
+ path: "/foobar",
+ allows: false,
+ },
+ "match on direct match": {
+ psp: &extensions.PodSecurityPolicy{
+ Spec: extensions.PodSecurityPolicySpec{
+ AllowedHostPaths: []extensions.AllowedHostPath{
+ {PathPrefix: "/foo"},
+ },
+ },
+ },
+ path: "/foo",
+ allows: true,
+ },
+ "match with trailing slash on host path": {
+ psp: &extensions.PodSecurityPolicy{
+ Spec: extensions.PodSecurityPolicySpec{
+ AllowedHostPaths: []extensions.AllowedHostPath{
+ {PathPrefix: "/foo"},
+ },
+ },
+ },
+ path: "/foo/",
+ allows: true,
+ },
+ "match with trailing slash on allowed path": {
+ psp: &extensions.PodSecurityPolicy{
+ Spec: extensions.PodSecurityPolicySpec{
+ AllowedHostPaths: []extensions.AllowedHostPath{
+ {PathPrefix: "/foo/"},
+ },
+ },
+ },
+ path: "/foo",
+ allows: true,
+ },
+ "match child directory": {
+ psp: &extensions.PodSecurityPolicy{
+ Spec: extensions.PodSecurityPolicySpec{
+ AllowedHostPaths: []extensions.AllowedHostPath{
+ {PathPrefix: "/foo/"},
+ },
+ },
+ },
+ path: "/foo/bar",
+ allows: true,
+ },
+ "non-matching parent directory": {
+ psp: &extensions.PodSecurityPolicy{
+ Spec: extensions.PodSecurityPolicySpec{
+ AllowedHostPaths: []extensions.AllowedHostPath{
+ {PathPrefix: "/foo/bar"},
+ },
+ },
+ },
+ path: "/foo",
+ allows: false,
+ },
+ }
+
+ for k, v := range tests {
+ allows := AllowsHostVolumePath(v.psp, v.path)
+ if v.allows != allows {
+ t.Errorf("%s expected %t but got %t", k, v.allows, allows)
+ }
+ }
+}
diff --git a/staging/src/k8s.io/api/extensions/v1beta1/generated.pb.go b/staging/src/k8s.io/api/extensions/v1beta1/generated.pb.go
index f7eb3b4d65a..6e12f12956a 100644
--- a/staging/src/k8s.io/api/extensions/v1beta1/generated.pb.go
+++ b/staging/src/k8s.io/api/extensions/v1beta1/generated.pb.go
@@ -26,6 +26,7 @@ limitations under the License.
It has these top-level messages:
APIVersion
+ AllowedHostPath
CustomMetricCurrentStatus
CustomMetricCurrentStatusList
CustomMetricTarget
@@ -119,256 +120,263 @@ func (m *APIVersion) Reset() { *m = APIVersion{} }
func (*APIVersion) ProtoMessage() {}
func (*APIVersion) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{0} }
+func (m *AllowedHostPath) Reset() { *m = AllowedHostPath{} }
+func (*AllowedHostPath) ProtoMessage() {}
+func (*AllowedHostPath) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{1} }
+
func (m *CustomMetricCurrentStatus) Reset() { *m = CustomMetricCurrentStatus{} }
func (*CustomMetricCurrentStatus) ProtoMessage() {}
func (*CustomMetricCurrentStatus) Descriptor() ([]byte, []int) {
- return fileDescriptorGenerated, []int{1}
+ return fileDescriptorGenerated, []int{2}
}
func (m *CustomMetricCurrentStatusList) Reset() { *m = CustomMetricCurrentStatusList{} }
func (*CustomMetricCurrentStatusList) ProtoMessage() {}
func (*CustomMetricCurrentStatusList) Descriptor() ([]byte, []int) {
- return fileDescriptorGenerated, []int{2}
+ return fileDescriptorGenerated, []int{3}
}
func (m *CustomMetricTarget) Reset() { *m = CustomMetricTarget{} }
func (*CustomMetricTarget) ProtoMessage() {}
-func (*CustomMetricTarget) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{3} }
+func (*CustomMetricTarget) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{4} }
func (m *CustomMetricTargetList) Reset() { *m = CustomMetricTargetList{} }
func (*CustomMetricTargetList) ProtoMessage() {}
-func (*CustomMetricTargetList) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{4} }
+func (*CustomMetricTargetList) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{5} }
func (m *DaemonSet) Reset() { *m = DaemonSet{} }
func (*DaemonSet) ProtoMessage() {}
-func (*DaemonSet) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{5} }
+func (*DaemonSet) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{6} }
func (m *DaemonSetList) Reset() { *m = DaemonSetList{} }
func (*DaemonSetList) ProtoMessage() {}
-func (*DaemonSetList) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{6} }
+func (*DaemonSetList) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{7} }
func (m *DaemonSetSpec) Reset() { *m = DaemonSetSpec{} }
func (*DaemonSetSpec) ProtoMessage() {}
-func (*DaemonSetSpec) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{7} }
+func (*DaemonSetSpec) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{8} }
func (m *DaemonSetStatus) Reset() { *m = DaemonSetStatus{} }
func (*DaemonSetStatus) ProtoMessage() {}
-func (*DaemonSetStatus) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{8} }
+func (*DaemonSetStatus) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{9} }
-func (m *DaemonSetUpdateStrategy) Reset() { *m = DaemonSetUpdateStrategy{} }
-func (*DaemonSetUpdateStrategy) ProtoMessage() {}
-func (*DaemonSetUpdateStrategy) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{9} }
+func (m *DaemonSetUpdateStrategy) Reset() { *m = DaemonSetUpdateStrategy{} }
+func (*DaemonSetUpdateStrategy) ProtoMessage() {}
+func (*DaemonSetUpdateStrategy) Descriptor() ([]byte, []int) {
+ return fileDescriptorGenerated, []int{10}
+}
func (m *Deployment) Reset() { *m = Deployment{} }
func (*Deployment) ProtoMessage() {}
-func (*Deployment) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{10} }
+func (*Deployment) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{11} }
func (m *DeploymentCondition) Reset() { *m = DeploymentCondition{} }
func (*DeploymentCondition) ProtoMessage() {}
-func (*DeploymentCondition) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{11} }
+func (*DeploymentCondition) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{12} }
func (m *DeploymentList) Reset() { *m = DeploymentList{} }
func (*DeploymentList) ProtoMessage() {}
-func (*DeploymentList) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{12} }
+func (*DeploymentList) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{13} }
func (m *DeploymentRollback) Reset() { *m = DeploymentRollback{} }
func (*DeploymentRollback) ProtoMessage() {}
-func (*DeploymentRollback) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{13} }
+func (*DeploymentRollback) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{14} }
func (m *DeploymentSpec) Reset() { *m = DeploymentSpec{} }
func (*DeploymentSpec) ProtoMessage() {}
-func (*DeploymentSpec) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{14} }
+func (*DeploymentSpec) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{15} }
func (m *DeploymentStatus) Reset() { *m = DeploymentStatus{} }
func (*DeploymentStatus) ProtoMessage() {}
-func (*DeploymentStatus) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{15} }
+func (*DeploymentStatus) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{16} }
func (m *DeploymentStrategy) Reset() { *m = DeploymentStrategy{} }
func (*DeploymentStrategy) ProtoMessage() {}
-func (*DeploymentStrategy) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{16} }
+func (*DeploymentStrategy) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{17} }
func (m *FSGroupStrategyOptions) Reset() { *m = FSGroupStrategyOptions{} }
func (*FSGroupStrategyOptions) ProtoMessage() {}
-func (*FSGroupStrategyOptions) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{17} }
+func (*FSGroupStrategyOptions) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{18} }
func (m *HTTPIngressPath) Reset() { *m = HTTPIngressPath{} }
func (*HTTPIngressPath) ProtoMessage() {}
-func (*HTTPIngressPath) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{18} }
+func (*HTTPIngressPath) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{19} }
func (m *HTTPIngressRuleValue) Reset() { *m = HTTPIngressRuleValue{} }
func (*HTTPIngressRuleValue) ProtoMessage() {}
-func (*HTTPIngressRuleValue) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{19} }
+func (*HTTPIngressRuleValue) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{20} }
func (m *HostPortRange) Reset() { *m = HostPortRange{} }
func (*HostPortRange) ProtoMessage() {}
-func (*HostPortRange) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{20} }
+func (*HostPortRange) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{21} }
func (m *IDRange) Reset() { *m = IDRange{} }
func (*IDRange) ProtoMessage() {}
-func (*IDRange) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{21} }
+func (*IDRange) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{22} }
func (m *IPBlock) Reset() { *m = IPBlock{} }
func (*IPBlock) ProtoMessage() {}
-func (*IPBlock) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{22} }
+func (*IPBlock) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{23} }
func (m *Ingress) Reset() { *m = Ingress{} }
func (*Ingress) ProtoMessage() {}
-func (*Ingress) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{23} }
+func (*Ingress) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{24} }
func (m *IngressBackend) Reset() { *m = IngressBackend{} }
func (*IngressBackend) ProtoMessage() {}
-func (*IngressBackend) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{24} }
+func (*IngressBackend) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{25} }
func (m *IngressList) Reset() { *m = IngressList{} }
func (*IngressList) ProtoMessage() {}
-func (*IngressList) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{25} }
+func (*IngressList) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{26} }
func (m *IngressRule) Reset() { *m = IngressRule{} }
func (*IngressRule) ProtoMessage() {}
-func (*IngressRule) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{26} }
+func (*IngressRule) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{27} }
func (m *IngressRuleValue) Reset() { *m = IngressRuleValue{} }
func (*IngressRuleValue) ProtoMessage() {}
-func (*IngressRuleValue) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{27} }
+func (*IngressRuleValue) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{28} }
func (m *IngressSpec) Reset() { *m = IngressSpec{} }
func (*IngressSpec) ProtoMessage() {}
-func (*IngressSpec) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{28} }
+func (*IngressSpec) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{29} }
func (m *IngressStatus) Reset() { *m = IngressStatus{} }
func (*IngressStatus) ProtoMessage() {}
-func (*IngressStatus) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{29} }
+func (*IngressStatus) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{30} }
func (m *IngressTLS) Reset() { *m = IngressTLS{} }
func (*IngressTLS) ProtoMessage() {}
-func (*IngressTLS) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{30} }
+func (*IngressTLS) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{31} }
func (m *NetworkPolicy) Reset() { *m = NetworkPolicy{} }
func (*NetworkPolicy) ProtoMessage() {}
-func (*NetworkPolicy) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{31} }
+func (*NetworkPolicy) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{32} }
func (m *NetworkPolicyIngressRule) Reset() { *m = NetworkPolicyIngressRule{} }
func (*NetworkPolicyIngressRule) ProtoMessage() {}
func (*NetworkPolicyIngressRule) Descriptor() ([]byte, []int) {
- return fileDescriptorGenerated, []int{32}
+ return fileDescriptorGenerated, []int{33}
}
func (m *NetworkPolicyList) Reset() { *m = NetworkPolicyList{} }
func (*NetworkPolicyList) ProtoMessage() {}
-func (*NetworkPolicyList) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{33} }
+func (*NetworkPolicyList) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{34} }
func (m *NetworkPolicyPeer) Reset() { *m = NetworkPolicyPeer{} }
func (*NetworkPolicyPeer) ProtoMessage() {}
-func (*NetworkPolicyPeer) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{34} }
+func (*NetworkPolicyPeer) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{35} }
func (m *NetworkPolicyPort) Reset() { *m = NetworkPolicyPort{} }
func (*NetworkPolicyPort) ProtoMessage() {}
-func (*NetworkPolicyPort) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{35} }
+func (*NetworkPolicyPort) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{36} }
func (m *NetworkPolicySpec) Reset() { *m = NetworkPolicySpec{} }
func (*NetworkPolicySpec) ProtoMessage() {}
-func (*NetworkPolicySpec) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{36} }
+func (*NetworkPolicySpec) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{37} }
func (m *PodSecurityPolicy) Reset() { *m = PodSecurityPolicy{} }
func (*PodSecurityPolicy) ProtoMessage() {}
-func (*PodSecurityPolicy) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{37} }
+func (*PodSecurityPolicy) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{38} }
func (m *PodSecurityPolicyList) Reset() { *m = PodSecurityPolicyList{} }
func (*PodSecurityPolicyList) ProtoMessage() {}
-func (*PodSecurityPolicyList) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{38} }
+func (*PodSecurityPolicyList) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{39} }
func (m *PodSecurityPolicySpec) Reset() { *m = PodSecurityPolicySpec{} }
func (*PodSecurityPolicySpec) ProtoMessage() {}
-func (*PodSecurityPolicySpec) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{39} }
+func (*PodSecurityPolicySpec) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{40} }
func (m *ReplicaSet) Reset() { *m = ReplicaSet{} }
func (*ReplicaSet) ProtoMessage() {}
-func (*ReplicaSet) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{40} }
+func (*ReplicaSet) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{41} }
func (m *ReplicaSetCondition) Reset() { *m = ReplicaSetCondition{} }
func (*ReplicaSetCondition) ProtoMessage() {}
-func (*ReplicaSetCondition) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{41} }
+func (*ReplicaSetCondition) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{42} }
func (m *ReplicaSetList) Reset() { *m = ReplicaSetList{} }
func (*ReplicaSetList) ProtoMessage() {}
-func (*ReplicaSetList) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{42} }
+func (*ReplicaSetList) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{43} }
func (m *ReplicaSetSpec) Reset() { *m = ReplicaSetSpec{} }
func (*ReplicaSetSpec) ProtoMessage() {}
-func (*ReplicaSetSpec) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{43} }
+func (*ReplicaSetSpec) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{44} }
func (m *ReplicaSetStatus) Reset() { *m = ReplicaSetStatus{} }
func (*ReplicaSetStatus) ProtoMessage() {}
-func (*ReplicaSetStatus) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{44} }
+func (*ReplicaSetStatus) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{45} }
func (m *ReplicationControllerDummy) Reset() { *m = ReplicationControllerDummy{} }
func (*ReplicationControllerDummy) ProtoMessage() {}
func (*ReplicationControllerDummy) Descriptor() ([]byte, []int) {
- return fileDescriptorGenerated, []int{45}
+ return fileDescriptorGenerated, []int{46}
}
func (m *RollbackConfig) Reset() { *m = RollbackConfig{} }
func (*RollbackConfig) ProtoMessage() {}
-func (*RollbackConfig) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{46} }
+func (*RollbackConfig) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{47} }
func (m *RollingUpdateDaemonSet) Reset() { *m = RollingUpdateDaemonSet{} }
func (*RollingUpdateDaemonSet) ProtoMessage() {}
-func (*RollingUpdateDaemonSet) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{47} }
+func (*RollingUpdateDaemonSet) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{48} }
func (m *RollingUpdateDeployment) Reset() { *m = RollingUpdateDeployment{} }
func (*RollingUpdateDeployment) ProtoMessage() {}
func (*RollingUpdateDeployment) Descriptor() ([]byte, []int) {
- return fileDescriptorGenerated, []int{48}
+ return fileDescriptorGenerated, []int{49}
}
func (m *RunAsUserStrategyOptions) Reset() { *m = RunAsUserStrategyOptions{} }
func (*RunAsUserStrategyOptions) ProtoMessage() {}
func (*RunAsUserStrategyOptions) Descriptor() ([]byte, []int) {
- return fileDescriptorGenerated, []int{49}
+ return fileDescriptorGenerated, []int{50}
}
func (m *SELinuxStrategyOptions) Reset() { *m = SELinuxStrategyOptions{} }
func (*SELinuxStrategyOptions) ProtoMessage() {}
-func (*SELinuxStrategyOptions) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{50} }
+func (*SELinuxStrategyOptions) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{51} }
func (m *Scale) Reset() { *m = Scale{} }
func (*Scale) ProtoMessage() {}
-func (*Scale) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{51} }
+func (*Scale) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{52} }
func (m *ScaleSpec) Reset() { *m = ScaleSpec{} }
func (*ScaleSpec) ProtoMessage() {}
-func (*ScaleSpec) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{52} }
+func (*ScaleSpec) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{53} }
func (m *ScaleStatus) Reset() { *m = ScaleStatus{} }
func (*ScaleStatus) ProtoMessage() {}
-func (*ScaleStatus) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{53} }
+func (*ScaleStatus) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{54} }
func (m *SupplementalGroupsStrategyOptions) Reset() { *m = SupplementalGroupsStrategyOptions{} }
func (*SupplementalGroupsStrategyOptions) ProtoMessage() {}
func (*SupplementalGroupsStrategyOptions) Descriptor() ([]byte, []int) {
- return fileDescriptorGenerated, []int{54}
+ return fileDescriptorGenerated, []int{55}
}
func (m *ThirdPartyResource) Reset() { *m = ThirdPartyResource{} }
func (*ThirdPartyResource) ProtoMessage() {}
-func (*ThirdPartyResource) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{55} }
+func (*ThirdPartyResource) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{56} }
func (m *ThirdPartyResourceData) Reset() { *m = ThirdPartyResourceData{} }
func (*ThirdPartyResourceData) ProtoMessage() {}
-func (*ThirdPartyResourceData) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{56} }
+func (*ThirdPartyResourceData) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{57} }
func (m *ThirdPartyResourceDataList) Reset() { *m = ThirdPartyResourceDataList{} }
func (*ThirdPartyResourceDataList) ProtoMessage() {}
func (*ThirdPartyResourceDataList) Descriptor() ([]byte, []int) {
- return fileDescriptorGenerated, []int{57}
+ return fileDescriptorGenerated, []int{58}
}
func (m *ThirdPartyResourceList) Reset() { *m = ThirdPartyResourceList{} }
func (*ThirdPartyResourceList) ProtoMessage() {}
-func (*ThirdPartyResourceList) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{58} }
+func (*ThirdPartyResourceList) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{59} }
func init() {
proto.RegisterType((*APIVersion)(nil), "k8s.io.api.extensions.v1beta1.APIVersion")
+ proto.RegisterType((*AllowedHostPath)(nil), "k8s.io.api.extensions.v1beta1.AllowedHostPath")
proto.RegisterType((*CustomMetricCurrentStatus)(nil), "k8s.io.api.extensions.v1beta1.CustomMetricCurrentStatus")
proto.RegisterType((*CustomMetricCurrentStatusList)(nil), "k8s.io.api.extensions.v1beta1.CustomMetricCurrentStatusList")
proto.RegisterType((*CustomMetricTarget)(nil), "k8s.io.api.extensions.v1beta1.CustomMetricTarget")
@@ -450,6 +458,28 @@ func (m *APIVersion) MarshalTo(dAtA []byte) (int, error) {
return i, nil
}
+func (m *AllowedHostPath) Marshal() (dAtA []byte, err error) {
+ size := m.Size()
+ dAtA = make([]byte, size)
+ n, err := m.MarshalTo(dAtA)
+ if err != nil {
+ return nil, err
+ }
+ return dAtA[:n], nil
+}
+
+func (m *AllowedHostPath) MarshalTo(dAtA []byte) (int, error) {
+ var i int
+ _ = i
+ var l int
+ _ = l
+ dAtA[i] = 0xa
+ i++
+ i = encodeVarintGenerated(dAtA, i, uint64(len(m.PathPrefix)))
+ i += copy(dAtA[i:], m.PathPrefix)
+ return i, nil
+}
+
func (m *CustomMetricCurrentStatus) Marshal() (dAtA []byte, err error) {
size := m.Size()
dAtA = make([]byte, size)
@@ -2078,6 +2108,20 @@ func (m *PodSecurityPolicySpec) MarshalTo(dAtA []byte) (int, error) {
dAtA[i] = 0
}
i++
+ if len(m.AllowedHostPaths) > 0 {
+ for _, msg := range m.AllowedHostPaths {
+ dAtA[i] = 0x8a
+ i++
+ dAtA[i] = 0x1
+ i++
+ i = encodeVarintGenerated(dAtA, i, uint64(msg.Size()))
+ n, err := msg.MarshalTo(dAtA[i:])
+ if err != nil {
+ return 0, err
+ }
+ i += n
+ }
+ }
return i, nil
}
@@ -2792,6 +2836,14 @@ func (m *APIVersion) Size() (n int) {
return n
}
+func (m *AllowedHostPath) Size() (n int) {
+ var l int
+ _ = l
+ l = len(m.PathPrefix)
+ n += 1 + l + sovGenerated(uint64(l))
+ return n
+}
+
func (m *CustomMetricCurrentStatus) Size() (n int) {
var l int
_ = l
@@ -3362,6 +3414,12 @@ func (m *PodSecurityPolicySpec) Size() (n int) {
n += 2
}
n += 3
+ if len(m.AllowedHostPaths) > 0 {
+ for _, e := range m.AllowedHostPaths {
+ l = e.Size()
+ n += 2 + l + sovGenerated(uint64(l))
+ }
+ }
return n
}
@@ -3632,6 +3690,16 @@ func (this *APIVersion) String() string {
}, "")
return s
}
+func (this *AllowedHostPath) String() string {
+ if this == nil {
+ return "nil"
+ }
+ s := strings.Join([]string{`&AllowedHostPath{`,
+ `PathPrefix:` + fmt.Sprintf("%v", this.PathPrefix) + `,`,
+ `}`,
+ }, "")
+ return s
+}
func (this *CustomMetricCurrentStatus) String() string {
if this == nil {
return "nil"
@@ -4110,6 +4178,7 @@ func (this *PodSecurityPolicySpec) String() string {
`ReadOnlyRootFilesystem:` + fmt.Sprintf("%v", this.ReadOnlyRootFilesystem) + `,`,
`DefaultAllowPrivilegeEscalation:` + valueToStringGenerated(this.DefaultAllowPrivilegeEscalation) + `,`,
`AllowPrivilegeEscalation:` + fmt.Sprintf("%v", this.AllowPrivilegeEscalation) + `,`,
+ `AllowedHostPaths:` + strings.Replace(strings.Replace(fmt.Sprintf("%v", this.AllowedHostPaths), "AllowedHostPath", "AllowedHostPath", 1), `&`, ``, 1) + `,`,
`}`,
}, "")
return s
@@ -4428,6 +4497,85 @@ func (m *APIVersion) Unmarshal(dAtA []byte) error {
}
return nil
}
+func (m *AllowedHostPath) Unmarshal(dAtA []byte) error {
+ l := len(dAtA)
+ iNdEx := 0
+ for iNdEx < l {
+ preIndex := iNdEx
+ var wire uint64
+ for shift := uint(0); ; shift += 7 {
+ if shift >= 64 {
+ return ErrIntOverflowGenerated
+ }
+ if iNdEx >= l {
+ return io.ErrUnexpectedEOF
+ }
+ b := dAtA[iNdEx]
+ iNdEx++
+ wire |= (uint64(b) & 0x7F) << shift
+ if b < 0x80 {
+ break
+ }
+ }
+ fieldNum := int32(wire >> 3)
+ wireType := int(wire & 0x7)
+ if wireType == 4 {
+ return fmt.Errorf("proto: AllowedHostPath: wiretype end group for non-group")
+ }
+ if fieldNum <= 0 {
+ return fmt.Errorf("proto: AllowedHostPath: illegal tag %d (wire type %d)", fieldNum, wire)
+ }
+ switch fieldNum {
+ case 1:
+ if wireType != 2 {
+ return fmt.Errorf("proto: wrong wireType = %d for field PathPrefix", wireType)
+ }
+ var stringLen uint64
+ for shift := uint(0); ; shift += 7 {
+ if shift >= 64 {
+ return ErrIntOverflowGenerated
+ }
+ if iNdEx >= l {
+ return io.ErrUnexpectedEOF
+ }
+ b := dAtA[iNdEx]
+ iNdEx++
+ stringLen |= (uint64(b) & 0x7F) << shift
+ if b < 0x80 {
+ break
+ }
+ }
+ intStringLen := int(stringLen)
+ if intStringLen < 0 {
+ return ErrInvalidLengthGenerated
+ }
+ postIndex := iNdEx + intStringLen
+ if postIndex > l {
+ return io.ErrUnexpectedEOF
+ }
+ m.PathPrefix = string(dAtA[iNdEx:postIndex])
+ iNdEx = postIndex
+ default:
+ iNdEx = preIndex
+ skippy, err := skipGenerated(dAtA[iNdEx:])
+ if err != nil {
+ return err
+ }
+ if skippy < 0 {
+ return ErrInvalidLengthGenerated
+ }
+ if (iNdEx + skippy) > l {
+ return io.ErrUnexpectedEOF
+ }
+ iNdEx += skippy
+ }
+ }
+
+ if iNdEx > l {
+ return io.ErrUnexpectedEOF
+ }
+ return nil
+}
func (m *CustomMetricCurrentStatus) Unmarshal(dAtA []byte) error {
l := len(dAtA)
iNdEx := 0
@@ -9731,6 +9879,37 @@ func (m *PodSecurityPolicySpec) Unmarshal(dAtA []byte) error {
}
}
m.AllowPrivilegeEscalation = bool(v != 0)
+ case 17:
+ if wireType != 2 {
+ return fmt.Errorf("proto: wrong wireType = %d for field AllowedHostPaths", wireType)
+ }
+ var msglen int
+ for shift := uint(0); ; shift += 7 {
+ if shift >= 64 {
+ return ErrIntOverflowGenerated
+ }
+ if iNdEx >= l {
+ return io.ErrUnexpectedEOF
+ }
+ b := dAtA[iNdEx]
+ iNdEx++
+ msglen |= (int(b) & 0x7F) << shift
+ if b < 0x80 {
+ break
+ }
+ }
+ if msglen < 0 {
+ return ErrInvalidLengthGenerated
+ }
+ postIndex := iNdEx + msglen
+ if postIndex > l {
+ return io.ErrUnexpectedEOF
+ }
+ m.AllowedHostPaths = append(m.AllowedHostPaths, AllowedHostPath{})
+ if err := m.AllowedHostPaths[len(m.AllowedHostPaths)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+ return err
+ }
+ iNdEx = postIndex
default:
iNdEx = preIndex
skippy, err := skipGenerated(dAtA[iNdEx:])
@@ -12183,224 +12362,228 @@ func init() {
}
var fileDescriptorGenerated = []byte{
- // 3495 bytes of a gzipped FileDescriptorProto
- 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xdc, 0x5b, 0xcd, 0x6f, 0x1b, 0xd7,
- 0xb5, 0xf7, 0x90, 0xa2, 0x48, 0x1d, 0x5a, 0x92, 0x75, 0xe5, 0xc8, 0x8c, 0x1c, 0x8b, 0xce, 0x04,
- 0xf0, 0xb3, 0xf3, 0x6c, 0x32, 0x76, 0xe2, 0xc4, 0x2f, 0xc6, 0xcb, 0x7b, 0xa2, 0xe4, 0x0f, 0xa5,
- 0xfa, 0xa0, 0x2f, 0x29, 0xa5, 0x35, 0xe2, 0x36, 0x23, 0xf2, 0x8a, 0x1a, 0x6b, 0x38, 0x33, 0x99,
- 0x0f, 0x45, 0xdc, 0x14, 0x5d, 0x05, 0x28, 0xd0, 0xa2, 0xed, 0x22, 0x45, 0xba, 0x6b, 0x36, 0x5d,
- 0xb5, 0x68, 0x76, 0xed, 0x22, 0x28, 0x50, 0x20, 0x05, 0x8c, 0x22, 0x2d, 0xb2, 0x6a, 0xb3, 0x12,
- 0x1a, 0x65, 0xd9, 0x7f, 0xa0, 0xf0, 0xa2, 0x28, 0xee, 0x9d, 0x3b, 0xdf, 0x33, 0x22, 0xa9, 0xd8,
- 0x42, 0xd1, 0x9d, 0x78, 0xef, 0x39, 0xbf, 0xf3, 0x71, 0xef, 0x3d, 0xe7, 0xdc, 0x7b, 0x46, 0x70,
- 0x7b, 0xe7, 0x86, 0x59, 0x91, 0xb5, 0xea, 0x8e, 0xbd, 0x49, 0x0c, 0x95, 0x58, 0xc4, 0xac, 0xee,
- 0x12, 0xb5, 0xad, 0x19, 0x55, 0x3e, 0x21, 0xe9, 0x72, 0x95, 0xec, 0x59, 0x44, 0x35, 0x65, 0x4d,
- 0x35, 0xab, 0xbb, 0x57, 0x37, 0x89, 0x25, 0x5d, 0xad, 0x76, 0x88, 0x4a, 0x0c, 0xc9, 0x22, 0xed,
- 0x8a, 0x6e, 0x68, 0x96, 0x86, 0xce, 0x39, 0xe4, 0x15, 0x49, 0x97, 0x2b, 0x3e, 0x79, 0x85, 0x93,
- 0xcf, 0x5e, 0xe9, 0xc8, 0xd6, 0xb6, 0xbd, 0x59, 0x69, 0x69, 0xdd, 0x6a, 0x47, 0xeb, 0x68, 0x55,
- 0xc6, 0xb5, 0x69, 0x6f, 0xb1, 0x5f, 0xec, 0x07, 0xfb, 0xcb, 0x41, 0x9b, 0x15, 0x03, 0xc2, 0x5b,
- 0x9a, 0x41, 0xaa, 0xbb, 0x31, 0x89, 0xb3, 0x97, 0x02, 0x34, 0xba, 0xa6, 0xc8, 0xad, 0x5e, 0x9a,
- 0x72, 0xb3, 0xaf, 0xf8, 0xa4, 0x5d, 0xa9, 0xb5, 0x2d, 0xab, 0xc4, 0xe8, 0x55, 0xf5, 0x9d, 0x0e,
- 0xe3, 0x35, 0x88, 0xa9, 0xd9, 0x46, 0x8b, 0x0c, 0xc5, 0x65, 0x56, 0xbb, 0xc4, 0x92, 0x92, 0xd4,
- 0xaa, 0xa6, 0x71, 0x19, 0xb6, 0x6a, 0xc9, 0xdd, 0xb8, 0x98, 0x57, 0xfb, 0x31, 0x98, 0xad, 0x6d,
- 0xd2, 0x95, 0x62, 0x7c, 0x2f, 0xa7, 0xf1, 0xd9, 0x96, 0xac, 0x54, 0x65, 0xd5, 0x32, 0x2d, 0x23,
- 0xca, 0x24, 0x56, 0x00, 0xe6, 0xeb, 0x4b, 0x1b, 0xc4, 0xa0, 0xcb, 0x83, 0xce, 0xc3, 0x88, 0x2a,
- 0x75, 0x49, 0x49, 0x38, 0x2f, 0x5c, 0x1c, 0xab, 0x9d, 0x7c, 0xb4, 0x5f, 0x3e, 0x71, 0xb0, 0x5f,
- 0x1e, 0x59, 0x95, 0xba, 0x04, 0xb3, 0x19, 0xf1, 0x67, 0x02, 0x3c, 0xbb, 0x60, 0x9b, 0x96, 0xd6,
- 0x5d, 0x21, 0x96, 0x21, 0xb7, 0x16, 0x6c, 0xc3, 0x20, 0xaa, 0xd5, 0xb0, 0x24, 0xcb, 0x36, 0xfb,
- 0xf3, 0xa3, 0xfb, 0x90, 0xdb, 0x95, 0x14, 0x9b, 0x94, 0x32, 0xe7, 0x85, 0x8b, 0xc5, 0x6b, 0x95,
- 0x8a, 0xbf, 0x4d, 0x3c, 0xa5, 0x2b, 0xfa, 0x4e, 0x87, 0xed, 0x1b, 0x77, 0x25, 0x2a, 0xf7, 0x6c,
- 0x49, 0xb5, 0x64, 0xab, 0x57, 0x3b, 0xcd, 0x21, 0x4f, 0x72, 0xb9, 0x1b, 0x14, 0x0b, 0x3b, 0x90,
- 0xe2, 0x77, 0xe1, 0x5c, 0xaa, 0x6a, 0xcb, 0xb2, 0x69, 0xa1, 0x07, 0x90, 0x93, 0x2d, 0xd2, 0x35,
- 0x4b, 0xc2, 0xf9, 0xec, 0xc5, 0xe2, 0xb5, 0x1b, 0x95, 0x43, 0xf7, 0x68, 0x25, 0x15, 0xac, 0x36,
- 0xce, 0xd5, 0xc8, 0x2d, 0x51, 0x38, 0xec, 0xa0, 0x8a, 0x3f, 0x11, 0x00, 0x05, 0x79, 0x9a, 0x92,
- 0xd1, 0x21, 0xd6, 0x00, 0x4e, 0xf9, 0xd6, 0xd7, 0x73, 0xca, 0x34, 0x87, 0x2c, 0x3a, 0x02, 0x43,
- 0x3e, 0xd1, 0x61, 0x26, 0xae, 0x12, 0x73, 0xc6, 0x46, 0xd8, 0x19, 0x57, 0x87, 0x70, 0x86, 0x83,
- 0x92, 0xe2, 0x85, 0x0f, 0x32, 0x30, 0xb6, 0x28, 0x91, 0xae, 0xa6, 0x36, 0x88, 0x85, 0xde, 0x81,
- 0x02, 0x3d, 0x18, 0x6d, 0xc9, 0x92, 0x98, 0x03, 0x8a, 0xd7, 0x5e, 0x3a, 0xcc, 0x3a, 0xb3, 0x42,
- 0xa9, 0x2b, 0xbb, 0x57, 0x2b, 0x6b, 0x9b, 0x0f, 0x49, 0xcb, 0x5a, 0x21, 0x96, 0x54, 0x43, 0x5c,
- 0x0e, 0xf8, 0x63, 0xd8, 0x43, 0x45, 0xab, 0x30, 0x62, 0xea, 0xa4, 0xc5, 0x7d, 0x77, 0xb9, 0x8f,
- 0x19, 0x9e, 0x66, 0x0d, 0x9d, 0xb4, 0xfc, 0xc5, 0xa0, 0xbf, 0x30, 0xc3, 0x41, 0x1b, 0x30, 0x6a,
- 0xb2, 0x55, 0x2e, 0x65, 0x63, 0xab, 0x71, 0x38, 0xa2, 0xb3, 0x37, 0x26, 0x38, 0xe6, 0xa8, 0xf3,
- 0x1b, 0x73, 0x34, 0xf1, 0x13, 0x01, 0xc6, 0x3d, 0x5a, 0xb6, 0x02, 0x6f, 0xc7, 0x7c, 0x53, 0x19,
- 0xcc, 0x37, 0x94, 0x9b, 0x79, 0xe6, 0x14, 0x97, 0x55, 0x70, 0x47, 0x02, 0x7e, 0x59, 0x71, 0xd7,
- 0x37, 0xc3, 0xd6, 0xf7, 0xe2, 0xa0, 0x66, 0xa4, 0x2c, 0xeb, 0x4f, 0x47, 0x02, 0xea, 0x53, 0x77,
- 0xa1, 0x07, 0x50, 0x30, 0x89, 0x42, 0x5a, 0x96, 0x66, 0x70, 0xf5, 0x5f, 0x1e, 0x50, 0x7d, 0x69,
- 0x93, 0x28, 0x0d, 0xce, 0x5a, 0x3b, 0x49, 0xf5, 0x77, 0x7f, 0x61, 0x0f, 0x12, 0xdd, 0x83, 0x82,
- 0x45, 0xba, 0xba, 0x22, 0x59, 0xee, 0xb9, 0x78, 0x21, 0x68, 0x02, 0xcd, 0x02, 0x14, 0xac, 0xae,
- 0xb5, 0x9b, 0x9c, 0x8c, 0x2d, 0xa9, 0xe7, 0x12, 0x77, 0x14, 0x7b, 0x30, 0x68, 0x17, 0x26, 0x6c,
- 0xbd, 0x4d, 0x29, 0x2d, 0x1a, 0x03, 0x3b, 0x3d, 0xbe, 0xc4, 0xaf, 0x0e, 0xea, 0x9b, 0xf5, 0x10,
- 0x77, 0x6d, 0x86, 0xcb, 0x9a, 0x08, 0x8f, 0xe3, 0x88, 0x14, 0x34, 0x0f, 0x93, 0x5d, 0x59, 0xc5,
- 0x44, 0x6a, 0xf7, 0x1a, 0xa4, 0xa5, 0xa9, 0x6d, 0xb3, 0x34, 0x72, 0x5e, 0xb8, 0x98, 0xab, 0x9d,
- 0xe1, 0x00, 0x93, 0x2b, 0xe1, 0x69, 0x1c, 0xa5, 0x47, 0x6f, 0x02, 0x72, 0xcd, 0xb8, 0xe3, 0x84,
- 0x70, 0x59, 0x53, 0x4b, 0xb9, 0xf3, 0xc2, 0xc5, 0x6c, 0x6d, 0x96, 0xa3, 0xa0, 0x66, 0x8c, 0x02,
- 0x27, 0x70, 0xa1, 0x65, 0x38, 0x6d, 0x90, 0x5d, 0x99, 0xda, 0x78, 0x57, 0x36, 0x2d, 0xcd, 0xe8,
- 0x2d, 0xcb, 0x5d, 0xd9, 0x2a, 0x8d, 0x32, 0x9d, 0x4a, 0x07, 0xfb, 0xe5, 0xd3, 0x38, 0x61, 0x1e,
- 0x27, 0x72, 0x89, 0x1f, 0xe7, 0x60, 0x32, 0x72, 0x06, 0xd0, 0x06, 0xcc, 0xb4, 0x9c, 0x80, 0xb9,
- 0x6a, 0x77, 0x37, 0x89, 0xd1, 0x68, 0x6d, 0x93, 0xb6, 0xad, 0x90, 0x36, 0xdb, 0x28, 0xb9, 0xda,
- 0x1c, 0xd7, 0x78, 0x66, 0x21, 0x91, 0x0a, 0xa7, 0x70, 0x53, 0x2f, 0xa8, 0x6c, 0x68, 0x45, 0x36,
- 0x4d, 0x0f, 0x33, 0xc3, 0x30, 0x3d, 0x2f, 0xac, 0xc6, 0x28, 0x70, 0x02, 0x17, 0xd5, 0xb1, 0x4d,
- 0x4c, 0xd9, 0x20, 0xed, 0xa8, 0x8e, 0xd9, 0xb0, 0x8e, 0x8b, 0x89, 0x54, 0x38, 0x85, 0x1b, 0x5d,
- 0x87, 0xa2, 0x23, 0x8d, 0xad, 0x1f, 0x5f, 0x68, 0x2f, 0x44, 0xaf, 0xfa, 0x53, 0x38, 0x48, 0x47,
- 0x4d, 0xd3, 0x36, 0x4d, 0x62, 0xec, 0x92, 0x76, 0xfa, 0x02, 0xaf, 0xc5, 0x28, 0x70, 0x02, 0x17,
- 0x35, 0xcd, 0xd9, 0x81, 0x31, 0xd3, 0x46, 0xc3, 0xa6, 0xad, 0x27, 0x52, 0xe1, 0x14, 0x6e, 0xba,
- 0x8f, 0x1d, 0x95, 0xe7, 0x77, 0x25, 0x59, 0x91, 0x36, 0x15, 0x52, 0xca, 0x87, 0xf7, 0xf1, 0x6a,
- 0x78, 0x1a, 0x47, 0xe9, 0xd1, 0x1d, 0x98, 0x72, 0x86, 0xd6, 0x55, 0xc9, 0x03, 0x29, 0x30, 0x90,
- 0x67, 0x39, 0xc8, 0xd4, 0x6a, 0x94, 0x00, 0xc7, 0x79, 0xd0, 0xeb, 0x30, 0xd1, 0xd2, 0x14, 0x85,
- 0xed, 0xc7, 0x05, 0xcd, 0x56, 0xad, 0xd2, 0x18, 0x43, 0x41, 0xf4, 0x3c, 0x2e, 0x84, 0x66, 0x70,
- 0x84, 0x52, 0xfc, 0xa3, 0x00, 0x67, 0x52, 0xce, 0x34, 0xfa, 0x3f, 0x18, 0xb1, 0x7a, 0xba, 0x9b,
- 0xad, 0xff, 0xdb, 0x4d, 0x10, 0xcd, 0x9e, 0x4e, 0x1e, 0xef, 0x97, 0xcf, 0xa6, 0xb0, 0xd1, 0x69,
- 0xcc, 0x18, 0x91, 0x0a, 0xe3, 0x06, 0x15, 0xa7, 0x76, 0x1c, 0x12, 0x1e, 0xbc, 0xae, 0xf7, 0x89,
- 0x31, 0x38, 0xc8, 0xe3, 0x07, 0xe3, 0xa9, 0x83, 0xfd, 0xf2, 0x78, 0x68, 0x0e, 0x87, 0xe1, 0xc5,
- 0x0f, 0x33, 0x00, 0x8b, 0x44, 0x57, 0xb4, 0x5e, 0x97, 0xa8, 0xc7, 0x91, 0x70, 0xd7, 0x42, 0x09,
- 0xf7, 0x4a, 0xbf, 0xd8, 0xe9, 0xa9, 0x96, 0x9a, 0x71, 0xdf, 0x8a, 0x64, 0xdc, 0xea, 0xe0, 0x90,
- 0x87, 0xa7, 0xdc, 0xbf, 0x66, 0x61, 0xda, 0x27, 0x5e, 0xd0, 0xd4, 0xb6, 0xcc, 0xce, 0xc7, 0xcd,
- 0xd0, 0x1a, 0xff, 0x57, 0x64, 0x8d, 0xcf, 0x24, 0xb0, 0x04, 0xd6, 0x77, 0xd9, 0xd3, 0x36, 0xc3,
- 0xd8, 0x5f, 0x09, 0x0b, 0x7f, 0xbc, 0x5f, 0x4e, 0xb8, 0xac, 0x54, 0x3c, 0xa4, 0xb0, 0x8a, 0xe8,
- 0x02, 0x8c, 0x1a, 0x44, 0x32, 0x35, 0x95, 0x05, 0x8a, 0x31, 0xdf, 0x14, 0xcc, 0x46, 0x31, 0x9f,
- 0x45, 0x97, 0x20, 0xdf, 0x25, 0xa6, 0x29, 0x75, 0x08, 0x8b, 0x09, 0x63, 0xb5, 0x49, 0x4e, 0x98,
- 0x5f, 0x71, 0x86, 0xb1, 0x3b, 0x8f, 0x1e, 0xc2, 0x84, 0x22, 0x99, 0x7c, 0x83, 0x36, 0xe5, 0x2e,
- 0x61, 0xa7, 0xbe, 0x78, 0xed, 0xc5, 0xc1, 0xf6, 0x01, 0xe5, 0xf0, 0x33, 0xdb, 0x72, 0x08, 0x09,
- 0x47, 0x90, 0xd1, 0x2e, 0x20, 0x3a, 0xd2, 0x34, 0x24, 0xd5, 0x74, 0x1c, 0x45, 0xe5, 0xe5, 0x87,
- 0x96, 0xe7, 0x45, 0xb8, 0xe5, 0x18, 0x1a, 0x4e, 0x90, 0x20, 0xfe, 0x4e, 0x80, 0x09, 0x7f, 0x99,
- 0x8e, 0xa1, 0x9a, 0x5a, 0x0d, 0x57, 0x53, 0x97, 0x06, 0xde, 0xa2, 0x29, 0xe5, 0xd4, 0x3f, 0x32,
- 0x80, 0x7c, 0x22, 0x7a, 0xc0, 0x37, 0xa5, 0xd6, 0xce, 0x00, 0x77, 0x85, 0x0f, 0x04, 0x40, 0x3c,
- 0x3c, 0xcf, 0xab, 0xaa, 0x66, 0xb1, 0x88, 0xef, 0xaa, 0xb5, 0x34, 0xb0, 0x5a, 0xae, 0xc4, 0xca,
- 0x7a, 0x0c, 0xeb, 0x96, 0x6a, 0x19, 0x3d, 0x7f, 0x45, 0xe2, 0x04, 0x38, 0x41, 0x01, 0x24, 0x01,
- 0x18, 0x1c, 0xb3, 0xa9, 0xf1, 0x83, 0x7c, 0x65, 0x80, 0x98, 0x47, 0x19, 0x16, 0x34, 0x75, 0x4b,
- 0xee, 0xf8, 0x61, 0x07, 0x7b, 0x40, 0x38, 0x00, 0x3a, 0x7b, 0x0b, 0xce, 0xa4, 0x68, 0x8b, 0x4e,
- 0x41, 0x76, 0x87, 0xf4, 0x1c, 0xb7, 0x61, 0xfa, 0x27, 0x3a, 0x1d, 0xbc, 0x53, 0x8d, 0xf1, 0xeb,
- 0xd0, 0xeb, 0x99, 0x1b, 0x82, 0xf8, 0x49, 0x2e, 0xb8, 0x77, 0x58, 0x29, 0x7b, 0x11, 0x0a, 0x06,
- 0xd1, 0x15, 0xb9, 0x25, 0x99, 0xbc, 0x42, 0x61, 0x55, 0x29, 0xe6, 0x63, 0xd8, 0x9b, 0x0d, 0x15,
- 0xbd, 0x99, 0xa7, 0x5b, 0xf4, 0x66, 0x9f, 0x4c, 0xd1, 0xfb, 0x1d, 0x28, 0x98, 0x6e, 0xb9, 0x3b,
- 0xc2, 0x20, 0xaf, 0x0e, 0x11, 0x5f, 0x79, 0xa5, 0xeb, 0x09, 0xf0, 0x6a, 0x5c, 0x0f, 0x34, 0xa9,
- 0xba, 0xcd, 0x0d, 0x59, 0xdd, 0x3e, 0xd1, 0x8a, 0x94, 0xc6, 0x54, 0x5d, 0xb2, 0x4d, 0xd2, 0x66,
- 0x81, 0xa8, 0xe0, 0xc7, 0xd4, 0x3a, 0x1b, 0xc5, 0x7c, 0x16, 0x3d, 0x08, 0x6d, 0xd9, 0xc2, 0x51,
- 0xb6, 0xec, 0x44, 0xfa, 0x76, 0x45, 0xeb, 0x70, 0x46, 0x37, 0xb4, 0x8e, 0x41, 0x4c, 0x73, 0x91,
- 0x48, 0x6d, 0x45, 0x56, 0x89, 0xeb, 0x1f, 0xa7, 0x54, 0x39, 0x7b, 0xb0, 0x5f, 0x3e, 0x53, 0x4f,
- 0x26, 0xc1, 0x69, 0xbc, 0xe2, 0xa3, 0x11, 0x38, 0x15, 0xcd, 0x80, 0x29, 0xd5, 0xa3, 0x70, 0xa4,
- 0xea, 0xf1, 0x72, 0xe0, 0x30, 0x38, 0xa5, 0xb5, 0xb7, 0xfa, 0x09, 0x07, 0x62, 0x1e, 0x26, 0x79,
- 0x34, 0x70, 0x27, 0x79, 0xfd, 0xec, 0xad, 0xfe, 0x7a, 0x78, 0x1a, 0x47, 0xe9, 0x69, 0x4d, 0xe8,
- 0x97, 0x7a, 0x2e, 0xc8, 0x48, 0xb8, 0x26, 0x9c, 0x8f, 0x12, 0xe0, 0x38, 0x0f, 0x5a, 0x81, 0x69,
- 0x5b, 0x8d, 0x43, 0x39, 0xbb, 0xf1, 0x2c, 0x87, 0x9a, 0x5e, 0x8f, 0x93, 0xe0, 0x24, 0x3e, 0xb4,
- 0x05, 0xd0, 0x72, 0xd3, 0xb6, 0x59, 0x1a, 0x65, 0x11, 0xf6, 0xda, 0xc0, 0x67, 0xc7, 0xcb, 0xf8,
- 0x7e, 0x5c, 0xf3, 0x86, 0x4c, 0x1c, 0x40, 0x46, 0x37, 0x61, 0xdc, 0x60, 0x17, 0x02, 0x57, 0x61,
- 0xa7, 0xa8, 0x7e, 0x86, 0xb3, 0x8d, 0xe3, 0xe0, 0x24, 0x0e, 0xd3, 0x26, 0xd4, 0xc1, 0x85, 0x81,
- 0xeb, 0xe0, 0xdf, 0x0b, 0xc1, 0x24, 0xe4, 0x95, 0xc0, 0xaf, 0x87, 0xca, 0xa3, 0x0b, 0x91, 0xf2,
- 0x68, 0x26, 0xce, 0x11, 0xa8, 0x8e, 0xb4, 0xe4, 0xea, 0xf7, 0xd5, 0xa1, 0xaa, 0x5f, 0x3f, 0x79,
- 0xf6, 0x2f, 0x7f, 0x3f, 0x12, 0x60, 0xe6, 0x76, 0xe3, 0x8e, 0xa1, 0xd9, 0xba, 0xab, 0xce, 0x9a,
- 0xee, 0xf8, 0xf5, 0x35, 0x18, 0x31, 0x6c, 0xc5, 0xb5, 0xe3, 0x05, 0xd7, 0x0e, 0x6c, 0x2b, 0xd4,
- 0x8e, 0xe9, 0x08, 0x97, 0x63, 0x04, 0x65, 0x40, 0xab, 0x30, 0x6a, 0x48, 0x6a, 0x87, 0xb8, 0x69,
- 0xf5, 0x42, 0x1f, 0xed, 0x97, 0x16, 0x31, 0x25, 0x0f, 0x14, 0x6f, 0x8c, 0x1b, 0x73, 0x14, 0xf1,
- 0x87, 0x02, 0x4c, 0xde, 0x6d, 0x36, 0xeb, 0x4b, 0x2a, 0x3b, 0xd1, 0x75, 0xc9, 0xda, 0xa6, 0x99,
- 0x5e, 0x97, 0xac, 0xed, 0x68, 0xa6, 0xa7, 0x73, 0x98, 0xcd, 0xa0, 0x6f, 0x42, 0x9e, 0x46, 0x12,
- 0xa2, 0xb6, 0x07, 0x2c, 0xb5, 0x39, 0x7c, 0xcd, 0x61, 0xf2, 0x2b, 0x44, 0x3e, 0x80, 0x5d, 0x38,
- 0x71, 0x07, 0x4e, 0x07, 0xd4, 0xa1, 0xfe, 0x60, 0x6f, 0x86, 0xa8, 0x01, 0x39, 0x2a, 0xd9, 0x7d,
- 0x12, 0xec, 0xf7, 0xf2, 0x15, 0x31, 0xc9, 0xaf, 0x74, 0xe8, 0x2f, 0x13, 0x3b, 0x58, 0xe2, 0x0a,
- 0x8c, 0xdf, 0xd5, 0x4c, 0xab, 0xae, 0x19, 0x16, 0x73, 0x0b, 0x3a, 0x07, 0xd9, 0xae, 0xac, 0xf2,
- 0x3c, 0x5b, 0xe4, 0x3c, 0x59, 0x9a, 0x23, 0xe8, 0x38, 0x9b, 0x96, 0xf6, 0x78, 0xe4, 0xf1, 0xa7,
- 0xa5, 0x3d, 0x4c, 0xc7, 0xc5, 0x3b, 0x90, 0xe7, 0xee, 0x0e, 0x02, 0x65, 0x0f, 0x07, 0xca, 0x26,
- 0x00, 0xad, 0x41, 0x7e, 0xa9, 0x5e, 0x53, 0x34, 0xa7, 0xea, 0x6a, 0xc9, 0x6d, 0x23, 0xba, 0x16,
- 0x0b, 0x4b, 0x8b, 0x18, 0xb3, 0x19, 0x24, 0xc2, 0x28, 0xd9, 0x6b, 0x11, 0xdd, 0x62, 0x3b, 0x62,
- 0xac, 0x06, 0x74, 0x95, 0x6f, 0xb1, 0x11, 0xcc, 0x67, 0xc4, 0x1f, 0x65, 0x20, 0xcf, 0xdd, 0x71,
- 0x0c, 0xb7, 0xb0, 0xe5, 0xd0, 0x2d, 0xec, 0xc5, 0xc1, 0xb6, 0x46, 0xea, 0x15, 0xac, 0x19, 0xb9,
- 0x82, 0x5d, 0x1e, 0x10, 0xef, 0xf0, 0xfb, 0xd7, 0xc7, 0x02, 0x4c, 0x84, 0x37, 0x25, 0xba, 0x0e,
- 0x45, 0x9a, 0x70, 0xe4, 0x16, 0x59, 0xf5, 0xeb, 0x5c, 0xef, 0x75, 0xa4, 0xe1, 0x4f, 0xe1, 0x20,
- 0x1d, 0xea, 0x78, 0x6c, 0x74, 0x1f, 0x71, 0xa3, 0xd3, 0x5d, 0x6a, 0x5b, 0xb2, 0x52, 0x71, 0x3a,
- 0x1e, 0x95, 0x25, 0xd5, 0x5a, 0x33, 0x1a, 0x96, 0x21, 0xab, 0x9d, 0x98, 0x20, 0xb6, 0x29, 0x83,
- 0xc8, 0xe2, 0x6f, 0x05, 0x28, 0x72, 0x95, 0x8f, 0xe1, 0x56, 0xf1, 0x8d, 0xf0, 0xad, 0xe2, 0xc2,
- 0x80, 0x07, 0x3c, 0xf9, 0x4a, 0xf1, 0x0b, 0x5f, 0x75, 0x7a, 0xa4, 0xe9, 0xae, 0xde, 0xd6, 0x4c,
- 0x2b, 0xba, 0xab, 0xe9, 0x61, 0xc4, 0x6c, 0x06, 0xd9, 0x70, 0x4a, 0x8e, 0xc4, 0x00, 0xee, 0xda,
- 0xea, 0x60, 0x9a, 0x78, 0x6c, 0xb5, 0x12, 0x87, 0x3f, 0x15, 0x9d, 0xc1, 0x31, 0x11, 0x22, 0x81,
- 0x18, 0x15, 0xba, 0x07, 0x23, 0xdb, 0x96, 0xa5, 0x27, 0x3c, 0x24, 0xf7, 0x89, 0x3c, 0xbe, 0x0a,
- 0x05, 0x66, 0x5d, 0xb3, 0x59, 0xc7, 0x0c, 0x4a, 0xfc, 0xa7, 0xef, 0x8f, 0x86, 0xb3, 0xc7, 0xbd,
- 0x78, 0x2a, 0x1c, 0x25, 0x9e, 0x16, 0x93, 0x62, 0x29, 0xba, 0x0b, 0x59, 0x4b, 0x19, 0xf4, 0x5a,
- 0xc8, 0x11, 0x9b, 0xcb, 0x0d, 0x3f, 0x20, 0x35, 0x97, 0x1b, 0x98, 0x42, 0xa0, 0x35, 0xc8, 0xd1,
- 0xec, 0x43, 0x8f, 0x60, 0x76, 0xf0, 0x23, 0x4d, 0xed, 0xf7, 0x37, 0x04, 0xfd, 0x65, 0x62, 0x07,
- 0x47, 0x7c, 0x17, 0xc6, 0x43, 0xe7, 0x14, 0xbd, 0x03, 0x27, 0x15, 0x4d, 0x6a, 0xd7, 0x24, 0x45,
- 0x52, 0x5b, 0xc4, 0x7d, 0xb5, 0xbf, 0x90, 0x74, 0xc3, 0x58, 0x0e, 0xd0, 0xf1, 0x53, 0xee, 0xf5,
- 0xde, 0x82, 0x73, 0x38, 0x84, 0x28, 0x4a, 0x00, 0xbe, 0x8d, 0xa8, 0x0c, 0x39, 0xba, 0xcf, 0x9c,
- 0x7c, 0x32, 0x56, 0x1b, 0xa3, 0x1a, 0xd2, 0xed, 0x67, 0x62, 0x67, 0x1c, 0x5d, 0x03, 0x30, 0x49,
- 0xcb, 0x20, 0x16, 0x0b, 0x06, 0xce, 0x7b, 0x8a, 0x17, 0xf6, 0x1a, 0xde, 0x0c, 0x0e, 0x50, 0x89,
- 0x7f, 0x10, 0x60, 0x7c, 0x95, 0x58, 0xef, 0x69, 0xc6, 0x4e, 0x9d, 0x75, 0x79, 0x8f, 0x21, 0xd8,
- 0xe2, 0x50, 0xb0, 0x7d, 0xa9, 0xcf, 0xca, 0x84, 0xb4, 0x4b, 0x0b, 0xb9, 0xd4, 0x8e, 0x52, 0x88,
- 0x32, 0x78, 0x76, 0xd7, 0x21, 0xa7, 0x6b, 0x86, 0xe5, 0x66, 0xe2, 0xa1, 0x24, 0xd2, 0x38, 0x16,
- 0xc8, 0xc5, 0x14, 0x06, 0x3b, 0x68, 0xd4, 0x8e, 0x2d, 0x43, 0xeb, 0xf2, 0xdd, 0x3a, 0x1c, 0x2a,
- 0x21, 0x86, 0x6f, 0xc7, 0x6d, 0x43, 0xeb, 0x62, 0x86, 0x25, 0x7e, 0x2a, 0xc0, 0x54, 0x88, 0xf2,
- 0x18, 0xe2, 0xe6, 0xbd, 0x70, 0xdc, 0xbc, 0x3c, 0x8c, 0x21, 0x29, 0xd1, 0xf3, 0xd3, 0x4c, 0xc4,
- 0x0c, 0x6a, 0x30, 0xda, 0x82, 0xa2, 0xae, 0xb5, 0x1b, 0x4f, 0xa0, 0xcd, 0x35, 0x49, 0xd3, 0x4e,
- 0xdd, 0xc7, 0xc2, 0x41, 0x60, 0xb4, 0x07, 0x53, 0xaa, 0xd4, 0x25, 0xa6, 0x2e, 0xb5, 0x48, 0xe3,
- 0x09, 0xbc, 0x2f, 0x3c, 0xc3, 0xde, 0xd1, 0xa3, 0x88, 0x38, 0x2e, 0x04, 0xad, 0x40, 0x5e, 0xd6,
- 0x59, 0x19, 0xc4, 0x53, 0x7f, 0xdf, 0x24, 0xe4, 0x14, 0x4d, 0x4e, 0x38, 0xe4, 0x3f, 0xb0, 0x8b,
- 0x21, 0xfe, 0x32, 0xba, 0x1b, 0xe8, 0xfe, 0x43, 0x77, 0xa0, 0xc0, 0x3e, 0x37, 0x68, 0x69, 0x8a,
- 0xfb, 0xb0, 0x4e, 0x57, 0xb6, 0xce, 0xc7, 0x1e, 0xef, 0x97, 0xcf, 0x26, 0xbc, 0x99, 0xba, 0xd3,
- 0xd8, 0x63, 0x46, 0xab, 0x30, 0xa2, 0x7f, 0x9d, 0x02, 0x80, 0xe5, 0x08, 0x96, 0xf5, 0x19, 0x8e,
- 0xf8, 0x55, 0x54, 0x5d, 0x96, 0x29, 0x1e, 0x3e, 0xb1, 0x55, 0xf7, 0x0a, 0x8e, 0xd4, 0x95, 0xdf,
- 0x84, 0x3c, 0x4f, 0x90, 0x7c, 0x33, 0xbf, 0x36, 0xcc, 0x66, 0x0e, 0x26, 0x01, 0xaf, 0xde, 0x77,
- 0x07, 0x5d, 0x60, 0xf1, 0x4f, 0x02, 0x4c, 0x31, 0x05, 0x5a, 0xb6, 0x21, 0x5b, 0xbd, 0x63, 0x0b,
- 0x9b, 0x1b, 0xa1, 0xb0, 0xf9, 0x4a, 0x1f, 0xc3, 0x62, 0x1a, 0xa6, 0x86, 0xce, 0xcf, 0x04, 0x78,
- 0x26, 0x46, 0x7d, 0x0c, 0x61, 0x67, 0x3d, 0x1c, 0x76, 0x5e, 0x1a, 0xd6, 0xa0, 0xb4, 0xc2, 0xad,
- 0x98, 0x60, 0x0e, 0xdb, 0x88, 0xd7, 0x00, 0x74, 0x43, 0xde, 0x95, 0x15, 0xd2, 0xe1, 0xbd, 0xd3,
- 0x82, 0xef, 0xf2, 0xba, 0x37, 0x83, 0x03, 0x54, 0xc8, 0x84, 0x99, 0x36, 0xd9, 0x92, 0x6c, 0xc5,
- 0x9a, 0x6f, 0xb7, 0x17, 0x24, 0x5d, 0xda, 0x94, 0x15, 0xd9, 0x92, 0xf9, 0x65, 0x76, 0xac, 0x76,
- 0xd3, 0xe9, 0x69, 0x26, 0x51, 0x3c, 0xde, 0x2f, 0x9f, 0x4b, 0xea, 0x5d, 0xb8, 0x24, 0x3d, 0x9c,
- 0x02, 0x8d, 0x7a, 0x50, 0x32, 0xc8, 0xbb, 0xb6, 0x6c, 0x90, 0xf6, 0xa2, 0xa1, 0xe9, 0x21, 0xb1,
- 0x59, 0x26, 0xf6, 0x7f, 0x0f, 0xf6, 0xcb, 0x25, 0x9c, 0x42, 0xd3, 0x5f, 0x70, 0x2a, 0x3c, 0x7a,
- 0x08, 0xd3, 0x92, 0xa2, 0x68, 0xef, 0x91, 0xb0, 0xb1, 0x23, 0x4c, 0xea, 0x8d, 0x83, 0xfd, 0xf2,
- 0xf4, 0x7c, 0x7c, 0xba, 0xbf, 0xc0, 0x24, 0x50, 0x54, 0x85, 0xfc, 0xae, 0xa6, 0xd8, 0x5d, 0x62,
- 0x96, 0x72, 0x0c, 0x9f, 0xc6, 0xd9, 0xfc, 0x86, 0x33, 0xf4, 0x78, 0xbf, 0x3c, 0x7a, 0xbb, 0xc1,
- 0x9e, 0x11, 0x5c, 0x2a, 0x7a, 0xdd, 0xa1, 0x95, 0x0e, 0x3f, 0xb3, 0xec, 0x3d, 0xb3, 0xe0, 0x07,
- 0x85, 0xbb, 0xfe, 0x14, 0x0e, 0xd2, 0xa1, 0x07, 0x30, 0xb6, 0xcd, 0xef, 0xcc, 0x66, 0x29, 0x3f,
- 0x50, 0x8e, 0x0b, 0xdd, 0xb1, 0x6b, 0x53, 0x5c, 0xc4, 0x98, 0x3b, 0x6c, 0x62, 0x1f, 0x11, 0x5d,
- 0x82, 0x3c, 0xfb, 0xb1, 0xb4, 0xc8, 0x1e, 0x8b, 0x0a, 0x7e, 0xe8, 0xb8, 0xeb, 0x0c, 0x63, 0x77,
- 0xde, 0x25, 0x5d, 0xaa, 0x2f, 0xb0, 0x47, 0xcb, 0x08, 0xe9, 0x52, 0x7d, 0x01, 0xbb, 0xf3, 0xe8,
- 0x1d, 0xc8, 0x9b, 0x64, 0x59, 0x56, 0xed, 0xbd, 0x12, 0x0c, 0xd4, 0xf2, 0x6c, 0xdc, 0x62, 0xd4,
- 0x91, 0x67, 0x1b, 0x5f, 0x02, 0x9f, 0xc7, 0x2e, 0x2c, 0xda, 0x86, 0x31, 0xc3, 0x56, 0xe7, 0xcd,
- 0x75, 0x93, 0x18, 0xa5, 0x22, 0x93, 0xd1, 0x2f, 0x5a, 0x62, 0x97, 0x3e, 0x2a, 0xc5, 0xf3, 0x90,
- 0x47, 0x81, 0x7d, 0x70, 0xf4, 0x03, 0x01, 0x90, 0x69, 0xeb, 0xba, 0x42, 0xba, 0x44, 0xb5, 0x24,
- 0x85, 0xbd, 0x14, 0x99, 0xa5, 0x93, 0x4c, 0xe6, 0xff, 0xf7, 0xb3, 0x2b, 0xc6, 0x18, 0x15, 0xee,
- 0x3d, 0xc9, 0xc6, 0x49, 0x71, 0x82, 0x5c, 0xea, 0xda, 0x2d, 0x93, 0xfd, 0x5d, 0x1a, 0x1f, 0xc8,
- 0xb5, 0xc9, 0x2f, 0x62, 0xbe, 0x6b, 0xf9, 0x3c, 0x76, 0x61, 0xd1, 0x06, 0xcc, 0x18, 0x44, 0x6a,
- 0xaf, 0xa9, 0x4a, 0x0f, 0x6b, 0x9a, 0x75, 0x5b, 0x56, 0x88, 0xd9, 0x33, 0x2d, 0xd2, 0x2d, 0x4d,
- 0xb0, 0x65, 0xf7, 0x3e, 0x19, 0xc0, 0x89, 0x54, 0x38, 0x85, 0x1b, 0x75, 0xa1, 0xec, 0x86, 0x0c,
- 0x7a, 0x9e, 0xbc, 0x98, 0x75, 0xcb, 0x6c, 0x49, 0x8a, 0xf3, 0x4a, 0x3d, 0xc9, 0x04, 0xbc, 0x70,
- 0xb0, 0x5f, 0x2e, 0x2f, 0x1e, 0x4e, 0x8a, 0xfb, 0x61, 0xa1, 0xb7, 0xa1, 0x24, 0xa5, 0xc9, 0x39,
- 0xc5, 0xe4, 0x9c, 0xe7, 0x86, 0x94, 0x52, 0x85, 0xa4, 0x22, 0xb0, 0x56, 0x3b, 0x7f, 0x78, 0x3d,
- 0x9e, 0x6f, 0xdb, 0x86, 0x6b, 0xb5, 0xfb, 0xaa, 0x3d, 0xb1, 0x56, 0x7b, 0x00, 0xf2, 0xf0, 0xa7,
- 0x9e, 0xbf, 0x67, 0x60, 0xda, 0x27, 0x1e, 0xb8, 0xd5, 0x9e, 0xc0, 0xf2, 0xd4, 0x5a, 0xed, 0xc9,
- 0xbd, 0xea, 0xec, 0xd3, 0xee, 0x55, 0x3f, 0x85, 0x16, 0x3f, 0x6b, 0x7f, 0xfb, 0xae, 0xfb, 0xf7,
- 0x6b, 0x7f, 0xfb, 0xba, 0xa5, 0x94, 0x3c, 0xbf, 0xce, 0x04, 0x0d, 0xf8, 0x8f, 0xef, 0xc1, 0x7e,
- 0xfd, 0x0f, 0x00, 0xc5, 0xcf, 0xb2, 0x70, 0x2a, 0x7a, 0x1a, 0x43, 0xad, 0x3a, 0xa1, 0x6f, 0xab,
- 0xae, 0x0e, 0xa7, 0xb7, 0x6c, 0x45, 0xe9, 0x31, 0x37, 0x04, 0xfa, 0x75, 0xce, 0x53, 0xfb, 0x73,
- 0x9c, 0xf3, 0xf4, 0xed, 0x04, 0x1a, 0x9c, 0xc8, 0x99, 0xd2, 0x76, 0xcc, 0x1e, 0xa9, 0xed, 0x18,
- 0xeb, 0x82, 0x8d, 0x0c, 0xd1, 0x05, 0x4b, 0x6c, 0x21, 0xe6, 0x8e, 0xd0, 0x42, 0x3c, 0x4a, 0xcf,
- 0x2f, 0x21, 0x88, 0xf5, 0xeb, 0xf9, 0x89, 0xcf, 0xc1, 0x2c, 0x67, 0xb3, 0x58, 0x3b, 0x4e, 0xb5,
- 0x0c, 0x4d, 0x51, 0x88, 0xb1, 0x68, 0x77, 0xbb, 0x3d, 0xf1, 0x0d, 0x98, 0x08, 0x37, 0x9a, 0x9d,
- 0x95, 0x76, 0x7a, 0xdd, 0xbc, 0xe1, 0x11, 0x58, 0x69, 0x67, 0x1c, 0x7b, 0x14, 0xe2, 0xfb, 0x02,
- 0xcc, 0x24, 0x7f, 0x50, 0x86, 0x14, 0x98, 0xe8, 0x4a, 0x7b, 0xc1, 0xaf, 0xef, 0x84, 0x23, 0xde,
- 0xa5, 0x59, 0x87, 0x71, 0x25, 0x84, 0x85, 0x23, 0xd8, 0xf4, 0x7e, 0x7d, 0x26, 0xa5, 0xb7, 0x77,
- 0xbc, 0x9a, 0xa0, 0xfb, 0x50, 0xe8, 0x4a, 0x7b, 0x0d, 0xdb, 0xe8, 0x90, 0x23, 0xbf, 0x1e, 0xb0,
- 0x88, 0xb1, 0xc2, 0x51, 0xb0, 0x87, 0x27, 0x7e, 0x24, 0x40, 0x29, 0xad, 0xd0, 0x44, 0xd7, 0x43,
- 0x5d, 0xc8, 0xe7, 0x23, 0x5d, 0xc8, 0xa9, 0x18, 0xdf, 0x53, 0xea, 0x41, 0xfe, 0x4a, 0x80, 0x99,
- 0xe4, 0x82, 0x1b, 0xbd, 0x1c, 0xd2, 0xb0, 0x1c, 0xd1, 0x70, 0x32, 0xc2, 0xc5, 0xf5, 0xfb, 0x36,
- 0x4c, 0xf0, 0xb2, 0x9c, 0xc3, 0x70, 0xaf, 0x8a, 0x49, 0xb1, 0x92, 0x43, 0xb8, 0x65, 0x28, 0x5b,
- 0xaf, 0xf0, 0x18, 0x8e, 0xa0, 0x89, 0xdf, 0xcf, 0x40, 0xae, 0xd1, 0x92, 0x14, 0x72, 0x0c, 0x65,
- 0xd6, 0x9b, 0xa1, 0x32, 0xab, 0xdf, 0x97, 0xf2, 0x4c, 0xab, 0xd4, 0x0a, 0x0b, 0x47, 0x2a, 0xac,
- 0x17, 0x07, 0x42, 0x3b, 0xbc, 0xb8, 0xfa, 0x1f, 0x18, 0xf3, 0x84, 0x0e, 0x17, 0xf3, 0xc5, 0x9f,
- 0x67, 0xa0, 0x18, 0x10, 0x31, 0x64, 0xc6, 0xd8, 0x0a, 0x65, 0xda, 0x41, 0xfe, 0x67, 0x26, 0x20,
- 0xab, 0xe2, 0xe6, 0x56, 0xe7, 0x83, 0x32, 0xff, 0x13, 0xa2, 0x78, 0xca, 0x7d, 0x03, 0x26, 0x2c,
- 0xf6, 0x3f, 0x25, 0xde, 0x9b, 0x5b, 0x96, 0xed, 0x45, 0xef, 0x33, 0xc4, 0x66, 0x68, 0x16, 0x47,
- 0xa8, 0x67, 0x6f, 0xc2, 0x78, 0x48, 0xd8, 0x50, 0xdf, 0x83, 0xfd, 0x46, 0x80, 0xe7, 0xfb, 0x5e,
- 0xd9, 0x50, 0x2d, 0x74, 0x48, 0x2a, 0x91, 0x43, 0x32, 0x97, 0x0e, 0xf0, 0x14, 0xbf, 0x2b, 0x78,
- 0x3f, 0x03, 0xa8, 0xb9, 0x2d, 0x1b, 0xed, 0xba, 0x64, 0x58, 0x3d, 0xcc, 0xff, 0x31, 0xe8, 0x18,
- 0x0e, 0xcc, 0x75, 0x28, 0xb6, 0x89, 0xd9, 0x32, 0x64, 0xe6, 0x1c, 0x5e, 0x9d, 0x7b, 0xcf, 0x1a,
- 0x8b, 0xfe, 0x14, 0x0e, 0xd2, 0xa1, 0xb7, 0xa0, 0xb0, 0xeb, 0xfc, 0xa7, 0x99, 0xdb, 0xe4, 0xea,
- 0x57, 0x48, 0xfa, 0xff, 0x9b, 0xe6, 0xef, 0x1f, 0x3e, 0x60, 0x62, 0x0f, 0x4c, 0xfc, 0x50, 0x80,
- 0x99, 0xb8, 0x23, 0x16, 0xa9, 0xaa, 0x4f, 0xdf, 0x19, 0xcf, 0xc1, 0x08, 0x43, 0xa7, 0x5e, 0x38,
- 0xe9, 0xbc, 0x30, 0x53, 0xc9, 0x98, 0x8d, 0x8a, 0x7f, 0x11, 0x60, 0x36, 0x59, 0xb5, 0x63, 0x28,
- 0xdb, 0xef, 0x87, 0xcb, 0xf6, 0x7e, 0xaf, 0x06, 0xc9, 0x7a, 0xa6, 0x94, 0xf0, 0x7f, 0x4e, 0xf4,
- 0xf9, 0x31, 0x18, 0xb5, 0x11, 0x36, 0xea, 0xea, 0xd0, 0x46, 0x25, 0x1b, 0x54, 0xbb, 0xf2, 0xe8,
- 0xcb, 0xb9, 0x13, 0x9f, 0x7f, 0x39, 0x77, 0xe2, 0x8b, 0x2f, 0xe7, 0x4e, 0x7c, 0xef, 0x60, 0x4e,
- 0x78, 0x74, 0x30, 0x27, 0x7c, 0x7e, 0x30, 0x27, 0x7c, 0x71, 0x30, 0x27, 0xfc, 0xed, 0x60, 0x4e,
- 0xf8, 0xf1, 0x57, 0x73, 0x27, 0xee, 0xe7, 0x39, 0xee, 0xbf, 0x02, 0x00, 0x00, 0xff, 0xff, 0x6f,
- 0x30, 0xd5, 0x91, 0x29, 0x3b, 0x00, 0x00,
+ // 3554 bytes of a gzipped FileDescriptorProto
+ 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xdc, 0x5b, 0xcd, 0x6f, 0x1c, 0x47,
+ 0x76, 0x57, 0xcf, 0x07, 0x67, 0xf8, 0x28, 0x7e, 0x15, 0x65, 0x6a, 0x4c, 0x59, 0x1c, 0xba, 0x0d,
+ 0x28, 0x92, 0x23, 0xcd, 0x58, 0xb4, 0x65, 0x2b, 0x16, 0xe2, 0x84, 0x43, 0xea, 0x83, 0x0e, 0x3f,
+ 0x46, 0x35, 0x43, 0x3a, 0x11, 0xac, 0xc4, 0xcd, 0x99, 0xe2, 0xb0, 0xc5, 0x9e, 0xee, 0x76, 0x7f,
+ 0xd0, 0x9c, 0x4b, 0x90, 0x93, 0x81, 0x00, 0x09, 0x92, 0x1c, 0x1c, 0x38, 0x40, 0x0e, 0xf1, 0x25,
+ 0xa7, 0x04, 0xf1, 0x2d, 0x39, 0x18, 0x01, 0x02, 0x38, 0x80, 0xb0, 0xf0, 0x2e, 0x7c, 0xda, 0xf5,
+ 0x89, 0x58, 0xd3, 0xc7, 0xfd, 0x07, 0x16, 0x3a, 0x2c, 0x16, 0x55, 0x5d, 0xfd, 0xdd, 0xcd, 0x99,
+ 0xa1, 0x25, 0x62, 0xb1, 0x37, 0x4e, 0xbd, 0xf7, 0x7e, 0xef, 0xd5, 0xab, 0xaa, 0xf7, 0x5e, 0xd5,
+ 0x6b, 0xc2, 0xbd, 0xfd, 0xdb, 0x66, 0x45, 0xd6, 0xaa, 0xfb, 0xf6, 0x0e, 0x31, 0x54, 0x62, 0x11,
+ 0xb3, 0x7a, 0x40, 0xd4, 0xb6, 0x66, 0x54, 0x39, 0x41, 0xd2, 0xe5, 0x2a, 0x39, 0xb4, 0x88, 0x6a,
+ 0xca, 0x9a, 0x6a, 0x56, 0x0f, 0x6e, 0xee, 0x10, 0x4b, 0xba, 0x59, 0xed, 0x10, 0x95, 0x18, 0x92,
+ 0x45, 0xda, 0x15, 0xdd, 0xd0, 0x2c, 0x0d, 0x5d, 0x76, 0xd8, 0x2b, 0x92, 0x2e, 0x57, 0x7c, 0xf6,
+ 0x0a, 0x67, 0x9f, 0xbb, 0xd1, 0x91, 0xad, 0x3d, 0x7b, 0xa7, 0xd2, 0xd2, 0xba, 0xd5, 0x8e, 0xd6,
+ 0xd1, 0xaa, 0x4c, 0x6a, 0xc7, 0xde, 0x65, 0xbf, 0xd8, 0x0f, 0xf6, 0x97, 0x83, 0x36, 0x27, 0x06,
+ 0x94, 0xb7, 0x34, 0x83, 0x54, 0x0f, 0x62, 0x1a, 0xe7, 0xae, 0x05, 0x78, 0x74, 0x4d, 0x91, 0x5b,
+ 0xbd, 0x34, 0xe3, 0xe6, 0xde, 0xf2, 0x59, 0xbb, 0x52, 0x6b, 0x4f, 0x56, 0x89, 0xd1, 0xab, 0xea,
+ 0xfb, 0x1d, 0x26, 0x6b, 0x10, 0x53, 0xb3, 0x8d, 0x16, 0x19, 0x4a, 0xca, 0xac, 0x76, 0x89, 0x25,
+ 0x25, 0x99, 0x55, 0x4d, 0x93, 0x32, 0x6c, 0xd5, 0x92, 0xbb, 0x71, 0x35, 0x6f, 0xf7, 0x13, 0x30,
+ 0x5b, 0x7b, 0xa4, 0x2b, 0xc5, 0xe4, 0xde, 0x4c, 0x93, 0xb3, 0x2d, 0x59, 0xa9, 0xca, 0xaa, 0x65,
+ 0x5a, 0x46, 0x54, 0x48, 0xac, 0x00, 0x2c, 0xd5, 0x57, 0xb7, 0x89, 0x41, 0x97, 0x07, 0x2d, 0x40,
+ 0x4e, 0x95, 0xba, 0xa4, 0x24, 0x2c, 0x08, 0x57, 0x47, 0x6b, 0xe7, 0x9f, 0x1e, 0x95, 0xcf, 0x1d,
+ 0x1f, 0x95, 0x73, 0x1b, 0x52, 0x97, 0x60, 0x46, 0x11, 0xef, 0xc2, 0xe4, 0x92, 0xa2, 0x68, 0x9f,
+ 0x90, 0xf6, 0x03, 0xcd, 0xb4, 0xea, 0x92, 0xb5, 0x87, 0x16, 0x01, 0x74, 0xc9, 0xda, 0xab, 0x1b,
+ 0x64, 0x57, 0x3e, 0xe4, 0xa2, 0x88, 0x8b, 0x42, 0xdd, 0xa3, 0xe0, 0x00, 0x97, 0xf8, 0x2f, 0x02,
+ 0xbc, 0xbc, 0x6c, 0x9b, 0x96, 0xd6, 0x5d, 0x27, 0x96, 0x21, 0xb7, 0x96, 0x6d, 0xc3, 0x20, 0xaa,
+ 0xd5, 0xb0, 0x24, 0xcb, 0x36, 0xfb, 0x9b, 0x81, 0x1e, 0x41, 0xfe, 0x40, 0x52, 0x6c, 0x52, 0xca,
+ 0x2c, 0x08, 0x57, 0xc7, 0x16, 0x2b, 0x15, 0x7f, 0xb7, 0x79, 0x73, 0xaf, 0xe8, 0xfb, 0x1d, 0xb6,
+ 0xfd, 0xdc, 0x05, 0xad, 0x3c, 0xb4, 0x25, 0xd5, 0x92, 0xad, 0x5e, 0xed, 0x02, 0x87, 0x3c, 0xcf,
+ 0xf5, 0x6e, 0x53, 0x2c, 0xec, 0x40, 0x8a, 0x7f, 0x0d, 0x97, 0x53, 0x4d, 0x5b, 0x93, 0x4d, 0x0b,
+ 0x3d, 0x86, 0xbc, 0x6c, 0x91, 0xae, 0x59, 0x12, 0x16, 0xb2, 0x57, 0xc7, 0x16, 0x6f, 0x57, 0x4e,
+ 0xdc, 0xea, 0x95, 0x54, 0xb0, 0xda, 0x38, 0x37, 0x23, 0xbf, 0x4a, 0xe1, 0xb0, 0x83, 0x2a, 0xfe,
+ 0x93, 0x00, 0x28, 0x28, 0xd3, 0x94, 0x8c, 0x0e, 0xb1, 0x06, 0x70, 0xca, 0x5f, 0xfc, 0x38, 0xa7,
+ 0xcc, 0x70, 0xc8, 0x31, 0x47, 0x61, 0xc8, 0x27, 0x3a, 0xcc, 0xc6, 0x4d, 0x62, 0xce, 0xd8, 0x0e,
+ 0x3b, 0xe3, 0xe6, 0x10, 0xce, 0x70, 0x50, 0x52, 0xbc, 0xf0, 0x59, 0x06, 0x46, 0x57, 0x24, 0xd2,
+ 0xd5, 0xd4, 0x06, 0xb1, 0xd0, 0x47, 0x50, 0xa4, 0xe7, 0xab, 0x2d, 0x59, 0x12, 0x73, 0xc0, 0xd8,
+ 0xe2, 0x1b, 0x27, 0xcd, 0xce, 0xac, 0x50, 0xee, 0xca, 0xc1, 0xcd, 0xca, 0xe6, 0xce, 0x13, 0xd2,
+ 0xb2, 0xd6, 0x89, 0x25, 0xf9, 0x7b, 0xd2, 0x1f, 0xc3, 0x1e, 0x2a, 0xda, 0x80, 0x9c, 0xa9, 0x93,
+ 0x16, 0xf7, 0xdd, 0xf5, 0x3e, 0xd3, 0xf0, 0x2c, 0x6b, 0xe8, 0xa4, 0xe5, 0x2f, 0x06, 0xfd, 0x85,
+ 0x19, 0x0e, 0xda, 0x86, 0x11, 0x93, 0xad, 0x72, 0x29, 0x1b, 0x5b, 0x8d, 0x93, 0x11, 0x9d, 0xbd,
+ 0x31, 0xc1, 0x31, 0x47, 0x9c, 0xdf, 0x98, 0xa3, 0x89, 0x5f, 0x09, 0x30, 0xee, 0xf1, 0xb2, 0x15,
+ 0xf8, 0x30, 0xe6, 0x9b, 0xca, 0x60, 0xbe, 0xa1, 0xd2, 0xcc, 0x33, 0x53, 0x5c, 0x57, 0xd1, 0x1d,
+ 0x09, 0xf8, 0x65, 0xdd, 0x5d, 0xdf, 0x0c, 0x5b, 0xdf, 0xab, 0x83, 0x4e, 0x23, 0x65, 0x59, 0xff,
+ 0x39, 0x17, 0x30, 0x9f, 0xba, 0x0b, 0x3d, 0x86, 0xa2, 0x49, 0x14, 0xd2, 0xb2, 0x34, 0x83, 0x9b,
+ 0xff, 0xe6, 0x80, 0xe6, 0x4b, 0x3b, 0x44, 0x69, 0x70, 0xd1, 0xda, 0x79, 0x6a, 0xbf, 0xfb, 0x0b,
+ 0x7b, 0x90, 0xe8, 0x21, 0x14, 0x2d, 0xd2, 0xd5, 0x15, 0xc9, 0x72, 0xcf, 0xc5, 0x6b, 0xc1, 0x29,
+ 0xd0, 0x64, 0x42, 0xc1, 0xea, 0x5a, 0xbb, 0xc9, 0xd9, 0xd8, 0x92, 0x7a, 0x2e, 0x71, 0x47, 0xb1,
+ 0x07, 0x83, 0x0e, 0x60, 0xc2, 0xd6, 0xdb, 0x94, 0xd3, 0xa2, 0xa1, 0xb4, 0xd3, 0xe3, 0x4b, 0xfc,
+ 0xf6, 0xa0, 0xbe, 0xd9, 0x0a, 0x49, 0xd7, 0x66, 0xb9, 0xae, 0x89, 0xf0, 0x38, 0x8e, 0x68, 0x41,
+ 0x4b, 0x30, 0xd9, 0x95, 0x55, 0x4c, 0xa4, 0x76, 0xaf, 0x41, 0x5a, 0x9a, 0xda, 0x36, 0x4b, 0xb9,
+ 0x05, 0xe1, 0x6a, 0xbe, 0x76, 0x91, 0x03, 0x4c, 0xae, 0x87, 0xc9, 0x38, 0xca, 0x8f, 0xde, 0x07,
+ 0xe4, 0x4e, 0xe3, 0xbe, 0x93, 0x09, 0x64, 0x4d, 0x2d, 0xe5, 0x17, 0x84, 0xab, 0xd9, 0xda, 0x1c,
+ 0x47, 0x41, 0xcd, 0x18, 0x07, 0x4e, 0x90, 0x42, 0x6b, 0x70, 0xc1, 0x20, 0x07, 0x32, 0x9d, 0xe3,
+ 0x03, 0xd9, 0xb4, 0x34, 0xa3, 0xb7, 0x26, 0x77, 0x65, 0xab, 0x34, 0xc2, 0x6c, 0x2a, 0x1d, 0x1f,
+ 0x95, 0x2f, 0xe0, 0x04, 0x3a, 0x4e, 0x94, 0x12, 0xbf, 0xcc, 0xc3, 0x64, 0xe4, 0x0c, 0xa0, 0x6d,
+ 0x98, 0x6d, 0x39, 0x01, 0x73, 0xc3, 0xee, 0xee, 0x10, 0xa3, 0xd1, 0xda, 0x23, 0x6d, 0x5b, 0x21,
+ 0x6d, 0xb6, 0x51, 0xf2, 0xb5, 0x79, 0x6e, 0xf1, 0xec, 0x72, 0x22, 0x17, 0x4e, 0x91, 0xa6, 0x5e,
+ 0x50, 0xd9, 0xd0, 0xba, 0x6c, 0x9a, 0x1e, 0x66, 0x86, 0x61, 0x7a, 0x5e, 0xd8, 0x88, 0x71, 0xe0,
+ 0x04, 0x29, 0x6a, 0x63, 0x9b, 0x98, 0xb2, 0x41, 0xda, 0x51, 0x1b, 0xb3, 0x61, 0x1b, 0x57, 0x12,
+ 0xb9, 0x70, 0x8a, 0x34, 0xba, 0x05, 0x63, 0x8e, 0x36, 0xb6, 0x7e, 0x7c, 0xa1, 0xbd, 0x10, 0xbd,
+ 0xe1, 0x93, 0x70, 0x90, 0x8f, 0x4e, 0x4d, 0xdb, 0x31, 0x89, 0x71, 0x40, 0xda, 0xe9, 0x0b, 0xbc,
+ 0x19, 0xe3, 0xc0, 0x09, 0x52, 0x74, 0x6a, 0xce, 0x0e, 0x8c, 0x4d, 0x6d, 0x24, 0x3c, 0xb5, 0xad,
+ 0x44, 0x2e, 0x9c, 0x22, 0x4d, 0xf7, 0xb1, 0x63, 0xf2, 0xd2, 0x81, 0x24, 0x2b, 0xd2, 0x8e, 0x42,
+ 0x4a, 0x85, 0xf0, 0x3e, 0xde, 0x08, 0x93, 0x71, 0x94, 0x1f, 0xdd, 0x87, 0x69, 0x67, 0x68, 0x4b,
+ 0x95, 0x3c, 0x90, 0x22, 0x03, 0x79, 0x99, 0x83, 0x4c, 0x6f, 0x44, 0x19, 0x70, 0x5c, 0x06, 0xbd,
+ 0x0b, 0x13, 0x2d, 0x4d, 0x51, 0xd8, 0x7e, 0x5c, 0xd6, 0x6c, 0xd5, 0x2a, 0x8d, 0x32, 0x14, 0x44,
+ 0xcf, 0xe3, 0x72, 0x88, 0x82, 0x23, 0x9c, 0xe2, 0x4f, 0x04, 0xb8, 0x98, 0x72, 0xa6, 0xd1, 0x9f,
+ 0x40, 0xce, 0xea, 0xe9, 0x6e, 0xb6, 0xfe, 0x43, 0x37, 0x41, 0x34, 0x7b, 0x3a, 0x79, 0x76, 0x54,
+ 0xbe, 0x94, 0x22, 0x46, 0xc9, 0x98, 0x09, 0x22, 0x15, 0xc6, 0x0d, 0xaa, 0x4e, 0xed, 0x38, 0x2c,
+ 0x3c, 0x78, 0xdd, 0xea, 0x13, 0x63, 0x70, 0x50, 0xc6, 0x0f, 0xc6, 0xd3, 0xc7, 0x47, 0xe5, 0xf1,
+ 0x10, 0x0d, 0x87, 0xe1, 0xc5, 0xcf, 0x33, 0x00, 0x2b, 0x44, 0x57, 0xb4, 0x5e, 0x97, 0xa8, 0x67,
+ 0x91, 0x70, 0x37, 0x43, 0x09, 0xf7, 0x46, 0xbf, 0xd8, 0xe9, 0x99, 0x96, 0x9a, 0x71, 0x3f, 0x88,
+ 0x64, 0xdc, 0xea, 0xe0, 0x90, 0x27, 0xa7, 0xdc, 0x5f, 0x64, 0x61, 0xc6, 0x67, 0x5e, 0xd6, 0xd4,
+ 0xb6, 0xcc, 0xce, 0xc7, 0x9d, 0xd0, 0x1a, 0xff, 0x41, 0x64, 0x8d, 0x2f, 0x26, 0x88, 0x04, 0xd6,
+ 0x77, 0xcd, 0xb3, 0x36, 0xc3, 0xc4, 0xdf, 0x0a, 0x2b, 0x7f, 0x76, 0x54, 0x4e, 0xb8, 0xf3, 0x54,
+ 0x3c, 0xa4, 0xb0, 0x89, 0xe8, 0x0a, 0x8c, 0x18, 0x44, 0x32, 0x35, 0x95, 0x05, 0x8a, 0x51, 0x7f,
+ 0x2a, 0x98, 0x8d, 0x62, 0x4e, 0x45, 0xd7, 0xa0, 0xd0, 0x25, 0xa6, 0x29, 0x75, 0x08, 0x8b, 0x09,
+ 0xa3, 0xb5, 0x49, 0xce, 0x58, 0x58, 0x77, 0x86, 0xb1, 0x4b, 0x47, 0x4f, 0x60, 0x42, 0x91, 0x4c,
+ 0xbe, 0x41, 0x9b, 0x72, 0x97, 0xb0, 0x53, 0x3f, 0xb6, 0xf8, 0xfa, 0x60, 0xfb, 0x80, 0x4a, 0xf8,
+ 0x99, 0x6d, 0x2d, 0x84, 0x84, 0x23, 0xc8, 0xe8, 0x00, 0x10, 0x1d, 0x69, 0x1a, 0x92, 0x6a, 0x3a,
+ 0x8e, 0xa2, 0xfa, 0x0a, 0x43, 0xeb, 0xf3, 0x22, 0xdc, 0x5a, 0x0c, 0x0d, 0x27, 0x68, 0x10, 0xff,
+ 0x57, 0x80, 0x09, 0x7f, 0x99, 0xce, 0xa0, 0x9a, 0xda, 0x08, 0x57, 0x53, 0xd7, 0x06, 0xde, 0xa2,
+ 0x29, 0xe5, 0xd4, 0xaf, 0x33, 0x80, 0x7c, 0x26, 0x7a, 0xc0, 0x77, 0xa4, 0xd6, 0xfe, 0x00, 0x77,
+ 0x85, 0xcf, 0x04, 0x40, 0x3c, 0x3c, 0x2f, 0xa9, 0xaa, 0x66, 0xb1, 0x88, 0xef, 0x9a, 0xb5, 0x3a,
+ 0xb0, 0x59, 0xae, 0xc6, 0xca, 0x56, 0x0c, 0xeb, 0xae, 0x6a, 0x19, 0x3d, 0x7f, 0x45, 0xe2, 0x0c,
+ 0x38, 0xc1, 0x00, 0x24, 0x01, 0x18, 0x1c, 0xb3, 0xa9, 0xf1, 0x83, 0x7c, 0x63, 0x80, 0x98, 0x47,
+ 0x05, 0x96, 0x35, 0x75, 0x57, 0xee, 0xf8, 0x61, 0x07, 0x7b, 0x40, 0x38, 0x00, 0x3a, 0x77, 0x17,
+ 0x2e, 0xa6, 0x58, 0x8b, 0xa6, 0x20, 0xbb, 0x4f, 0x7a, 0x8e, 0xdb, 0x30, 0xfd, 0x13, 0x5d, 0x08,
+ 0xde, 0xa9, 0x46, 0xf9, 0x75, 0xe8, 0xdd, 0xcc, 0x6d, 0x41, 0xfc, 0x2a, 0x1f, 0xdc, 0x3b, 0xac,
+ 0x94, 0xbd, 0x0a, 0x45, 0x83, 0xe8, 0x8a, 0xdc, 0x92, 0x4c, 0x5e, 0xa1, 0xb0, 0xaa, 0x14, 0xf3,
+ 0x31, 0xec, 0x51, 0x43, 0x45, 0x6f, 0xe6, 0xc5, 0x16, 0xbd, 0xd9, 0xe7, 0x53, 0xf4, 0xfe, 0x15,
+ 0x14, 0x4d, 0xb7, 0xdc, 0xcd, 0x31, 0xc8, 0x9b, 0x43, 0xc4, 0x57, 0x5e, 0xe9, 0x7a, 0x0a, 0xbc,
+ 0x1a, 0xd7, 0x03, 0x4d, 0xaa, 0x6e, 0xf3, 0x43, 0x56, 0xb7, 0xcf, 0xb5, 0x22, 0xa5, 0x31, 0x55,
+ 0x97, 0x6c, 0x93, 0xb4, 0x59, 0x20, 0x2a, 0xfa, 0x31, 0xb5, 0xce, 0x46, 0x31, 0xa7, 0xa2, 0xc7,
+ 0xa1, 0x2d, 0x5b, 0x3c, 0xcd, 0x96, 0x9d, 0x48, 0xdf, 0xae, 0x68, 0x0b, 0x2e, 0xea, 0x86, 0xd6,
+ 0x31, 0x88, 0x69, 0xae, 0x10, 0xa9, 0xad, 0xc8, 0x2a, 0x71, 0xfd, 0xe3, 0x94, 0x2a, 0x97, 0x8e,
+ 0x8f, 0xca, 0x17, 0xeb, 0xc9, 0x2c, 0x38, 0x4d, 0x56, 0x7c, 0x9a, 0x83, 0xa9, 0x68, 0x06, 0x4c,
+ 0xa9, 0x1e, 0x85, 0x53, 0x55, 0x8f, 0xd7, 0x03, 0x87, 0xc1, 0x29, 0xad, 0xbd, 0xd5, 0x4f, 0x38,
+ 0x10, 0x4b, 0x30, 0xc9, 0xa3, 0x81, 0x4b, 0xe4, 0xf5, 0xb3, 0xb7, 0xfa, 0x5b, 0x61, 0x32, 0x8e,
+ 0xf2, 0xd3, 0x9a, 0xd0, 0x2f, 0xf5, 0x5c, 0x90, 0x5c, 0xb8, 0x26, 0x5c, 0x8a, 0x32, 0xe0, 0xb8,
+ 0x0c, 0x5a, 0x87, 0x19, 0x5b, 0x8d, 0x43, 0x39, 0xbb, 0xf1, 0x12, 0x87, 0x9a, 0xd9, 0x8a, 0xb3,
+ 0xe0, 0x24, 0x39, 0xb4, 0x0b, 0xd0, 0x72, 0xd3, 0xb6, 0x59, 0x1a, 0x61, 0x11, 0x76, 0x71, 0xe0,
+ 0xb3, 0xe3, 0x65, 0x7c, 0x3f, 0xae, 0x79, 0x43, 0x26, 0x0e, 0x20, 0xa3, 0x3b, 0x30, 0x6e, 0xb0,
+ 0x0b, 0x81, 0x6b, 0xb0, 0x53, 0x54, 0xbf, 0xc4, 0xc5, 0xc6, 0x71, 0x90, 0x88, 0xc3, 0xbc, 0x09,
+ 0x75, 0x70, 0x71, 0xe0, 0x3a, 0xf8, 0xff, 0x84, 0x60, 0x12, 0xf2, 0x4a, 0xe0, 0x77, 0x43, 0xe5,
+ 0xd1, 0x95, 0x48, 0x79, 0x34, 0x1b, 0x97, 0x08, 0x54, 0x47, 0x5a, 0x72, 0xf5, 0xfb, 0xf6, 0x50,
+ 0xd5, 0xaf, 0x9f, 0x3c, 0xfb, 0x97, 0xbf, 0x5f, 0x08, 0x30, 0x7b, 0xaf, 0x71, 0xdf, 0xd0, 0x6c,
+ 0xdd, 0x35, 0x67, 0x53, 0x77, 0xfc, 0xfa, 0x0e, 0xe4, 0x0c, 0x5b, 0x71, 0xe7, 0xf1, 0x9a, 0x3b,
+ 0x0f, 0x6c, 0x2b, 0x74, 0x1e, 0x33, 0x11, 0x29, 0x67, 0x12, 0x54, 0x00, 0x6d, 0xc0, 0x88, 0x21,
+ 0xa9, 0x1d, 0xe2, 0xa6, 0xd5, 0x2b, 0x7d, 0xac, 0x5f, 0x5d, 0xc1, 0x94, 0x3d, 0x50, 0xbc, 0x31,
+ 0x69, 0xcc, 0x51, 0xc4, 0xbf, 0x17, 0x60, 0xf2, 0x41, 0xb3, 0x59, 0x5f, 0x55, 0xd9, 0x89, 0x66,
+ 0x8f, 0xaf, 0x0b, 0x90, 0xd3, 0x25, 0x6b, 0x2f, 0x9a, 0xe9, 0x29, 0x0d, 0x33, 0x0a, 0xfa, 0x73,
+ 0x28, 0xd0, 0x48, 0x42, 0xd4, 0xf6, 0x80, 0xa5, 0x36, 0x87, 0xaf, 0x39, 0x42, 0x7e, 0x85, 0xc8,
+ 0x07, 0xb0, 0x0b, 0x27, 0xee, 0xc3, 0x85, 0x80, 0x39, 0xd4, 0x1f, 0xec, 0xcd, 0x10, 0x35, 0x20,
+ 0x4f, 0x35, 0xbb, 0x4f, 0x82, 0xfd, 0x5e, 0xbe, 0x22, 0x53, 0xf2, 0x2b, 0x1d, 0xfa, 0xcb, 0xc4,
+ 0x0e, 0x96, 0xb8, 0x0e, 0xe3, 0xec, 0xc5, 0x59, 0x33, 0x2c, 0xe6, 0x16, 0x74, 0x19, 0xb2, 0x5d,
+ 0x59, 0xe5, 0x79, 0x76, 0x8c, 0xcb, 0x64, 0x69, 0x8e, 0xa0, 0xe3, 0x8c, 0x2c, 0x1d, 0xf2, 0xc8,
+ 0xe3, 0x93, 0xa5, 0x43, 0x4c, 0xc7, 0xc5, 0xfb, 0x50, 0xe0, 0xee, 0x0e, 0x02, 0x65, 0x4f, 0x06,
+ 0xca, 0x26, 0x00, 0x6d, 0x42, 0x61, 0xb5, 0x5e, 0x53, 0x34, 0xa7, 0xea, 0x6a, 0xc9, 0x6d, 0x23,
+ 0xba, 0x16, 0xcb, 0xab, 0x2b, 0x18, 0x33, 0x0a, 0x12, 0x61, 0x84, 0x1c, 0xb6, 0x88, 0x6e, 0xb1,
+ 0x1d, 0x31, 0x5a, 0x03, 0xba, 0xca, 0x77, 0xd9, 0x08, 0xe6, 0x14, 0xf1, 0x1f, 0x32, 0x50, 0xe0,
+ 0xee, 0x38, 0x83, 0x5b, 0xd8, 0x5a, 0xe8, 0x16, 0xf6, 0xfa, 0x60, 0x5b, 0x23, 0xf5, 0x0a, 0xd6,
+ 0x8c, 0x5c, 0xc1, 0xae, 0x0f, 0x88, 0x77, 0xf2, 0xfd, 0xeb, 0x4b, 0x01, 0x26, 0xc2, 0x9b, 0x12,
+ 0xdd, 0x82, 0x31, 0x9a, 0x70, 0xe4, 0x16, 0xd9, 0xf0, 0xeb, 0x5c, 0xef, 0x75, 0xa4, 0xe1, 0x93,
+ 0x70, 0x90, 0x0f, 0x75, 0x3c, 0x31, 0xba, 0x8f, 0xf8, 0xa4, 0xd3, 0x5d, 0x6a, 0x5b, 0xb2, 0x52,
+ 0x71, 0x1a, 0x27, 0x95, 0x55, 0xd5, 0xda, 0x34, 0x1a, 0x96, 0x21, 0xab, 0x9d, 0x98, 0x22, 0xb6,
+ 0x29, 0x83, 0xc8, 0xe2, 0xff, 0x08, 0x30, 0xc6, 0x4d, 0x3e, 0x83, 0x5b, 0xc5, 0x9f, 0x85, 0x6f,
+ 0x15, 0x57, 0x06, 0x3c, 0xe0, 0xc9, 0x57, 0x8a, 0x7f, 0xf7, 0x4d, 0xa7, 0x47, 0x9a, 0xee, 0xea,
+ 0x3d, 0xcd, 0xb4, 0xa2, 0xbb, 0x9a, 0x1e, 0x46, 0xcc, 0x28, 0xc8, 0x86, 0x29, 0x39, 0x12, 0x03,
+ 0xb8, 0x6b, 0xab, 0x83, 0x59, 0xe2, 0x89, 0xd5, 0x4a, 0x1c, 0x7e, 0x2a, 0x4a, 0xc1, 0x31, 0x15,
+ 0x22, 0x81, 0x18, 0x17, 0x7a, 0x08, 0xb9, 0x3d, 0xcb, 0xd2, 0x13, 0x1e, 0x92, 0xfb, 0x44, 0x1e,
+ 0xdf, 0x84, 0x22, 0x9b, 0x5d, 0xb3, 0x59, 0xc7, 0x0c, 0x4a, 0xfc, 0x8d, 0xef, 0x8f, 0x86, 0xb3,
+ 0xc7, 0xbd, 0x78, 0x2a, 0x9c, 0x26, 0x9e, 0x8e, 0x25, 0xc5, 0x52, 0xf4, 0x00, 0xb2, 0x96, 0x32,
+ 0xe8, 0xb5, 0x90, 0x23, 0x36, 0xd7, 0x1a, 0x7e, 0x40, 0x6a, 0xae, 0x35, 0x30, 0x85, 0x40, 0x9b,
+ 0x90, 0xa7, 0xd9, 0x87, 0x1e, 0xc1, 0xec, 0xe0, 0x47, 0x9a, 0xce, 0xdf, 0xdf, 0x10, 0xf4, 0x97,
+ 0x89, 0x1d, 0x1c, 0xf1, 0x63, 0x18, 0x0f, 0x9d, 0x53, 0xf4, 0x11, 0x9c, 0x57, 0x34, 0xa9, 0x5d,
+ 0x93, 0x14, 0x49, 0x6d, 0x11, 0xf7, 0xd5, 0xfe, 0x4a, 0xd2, 0x0d, 0x63, 0x2d, 0xc0, 0xc7, 0x4f,
+ 0xb9, 0xd7, 0x7b, 0x0b, 0xd2, 0x70, 0x08, 0x51, 0x94, 0x00, 0xfc, 0x39, 0xa2, 0x32, 0xe4, 0xe9,
+ 0x3e, 0x73, 0xf2, 0xc9, 0x68, 0x6d, 0x94, 0x5a, 0x48, 0xb7, 0x9f, 0x89, 0x9d, 0x71, 0xb4, 0x08,
+ 0x60, 0x92, 0x96, 0x41, 0x2c, 0x16, 0x0c, 0x32, 0xe1, 0x0e, 0x64, 0xc3, 0xa3, 0xe0, 0x00, 0x97,
+ 0xf8, 0xff, 0x02, 0x8c, 0x6f, 0x10, 0xeb, 0x13, 0xcd, 0xd8, 0xaf, 0xb3, 0x66, 0xf1, 0x19, 0x04,
+ 0x5b, 0x1c, 0x0a, 0xb6, 0x6f, 0xf4, 0x59, 0x99, 0x90, 0x75, 0x69, 0x21, 0x97, 0xce, 0xa3, 0x14,
+ 0xe2, 0x0c, 0x9e, 0xdd, 0x2d, 0xc8, 0xeb, 0x9a, 0x61, 0xb9, 0x99, 0x78, 0x28, 0x8d, 0x34, 0x8e,
+ 0x05, 0x72, 0x31, 0x85, 0xc1, 0x0e, 0x1a, 0x9d, 0xc7, 0xae, 0xa1, 0x75, 0xf9, 0x6e, 0x1d, 0x0e,
+ 0x95, 0x10, 0xc3, 0x9f, 0xc7, 0x3d, 0x43, 0xeb, 0x62, 0x86, 0x25, 0x7e, 0x2d, 0xc0, 0x74, 0x88,
+ 0xf3, 0x0c, 0xe2, 0xe6, 0xc3, 0x70, 0xdc, 0xbc, 0x3e, 0xcc, 0x44, 0x52, 0xa2, 0xe7, 0xd7, 0x99,
+ 0xc8, 0x34, 0xe8, 0x84, 0xd1, 0x2e, 0x8c, 0xe9, 0x5a, 0xbb, 0xf1, 0x1c, 0xda, 0x5c, 0x93, 0x34,
+ 0xed, 0xd4, 0x7d, 0x2c, 0x1c, 0x04, 0x46, 0x87, 0x30, 0xad, 0x4a, 0x5d, 0x62, 0xea, 0x52, 0x8b,
+ 0x34, 0x9e, 0xc3, 0xfb, 0xc2, 0x4b, 0xec, 0x1d, 0x3d, 0x8a, 0x88, 0xe3, 0x4a, 0xd0, 0x3a, 0x14,
+ 0x64, 0x9d, 0x95, 0x41, 0x3c, 0xf5, 0xf7, 0x4d, 0x42, 0x4e, 0xd1, 0xe4, 0x84, 0x43, 0xfe, 0x03,
+ 0xbb, 0x18, 0xe2, 0x7f, 0x44, 0x77, 0x03, 0xdd, 0x7f, 0xe8, 0x3e, 0x14, 0xd9, 0x57, 0x0b, 0x2d,
+ 0x4d, 0x71, 0x1f, 0xd6, 0xe9, 0xca, 0xd6, 0xf9, 0xd8, 0xb3, 0xa3, 0xf2, 0xa5, 0x84, 0x37, 0x53,
+ 0x97, 0x8c, 0x3d, 0x61, 0xb4, 0x01, 0x39, 0xfd, 0xc7, 0x14, 0x00, 0x2c, 0x47, 0xb0, 0xac, 0xcf,
+ 0x70, 0xc4, 0x1f, 0xa2, 0xe6, 0xb2, 0x4c, 0xf1, 0xe4, 0xb9, 0xad, 0xba, 0x57, 0x70, 0xa4, 0xae,
+ 0xfc, 0x0e, 0x14, 0x78, 0x82, 0xe4, 0x9b, 0xf9, 0x9d, 0x61, 0x36, 0x73, 0x30, 0x09, 0x78, 0xf5,
+ 0xbe, 0x3b, 0xe8, 0x02, 0x8b, 0x3f, 0x15, 0x60, 0x9a, 0x19, 0xd0, 0xb2, 0x0d, 0xd9, 0xea, 0x9d,
+ 0x59, 0xd8, 0xdc, 0x0e, 0x85, 0xcd, 0xb7, 0xfa, 0x4c, 0x2c, 0x66, 0x61, 0x6a, 0xe8, 0xfc, 0x46,
+ 0x80, 0x97, 0x62, 0xdc, 0x67, 0x10, 0x76, 0xb6, 0xc2, 0x61, 0xe7, 0x8d, 0x61, 0x27, 0x94, 0x12,
+ 0x7a, 0xfe, 0xf5, 0x7c, 0xc2, 0x74, 0xd8, 0x46, 0x5c, 0x04, 0xd0, 0x0d, 0xf9, 0x40, 0x56, 0x48,
+ 0x87, 0xf7, 0x4e, 0x8b, 0x81, 0x2f, 0x74, 0x3c, 0x0a, 0x0e, 0x70, 0x21, 0x13, 0x66, 0xdb, 0x64,
+ 0x57, 0xb2, 0x15, 0x6b, 0xa9, 0xdd, 0x5e, 0x96, 0x74, 0x69, 0x47, 0x56, 0x64, 0x4b, 0xe6, 0x97,
+ 0xd9, 0xd1, 0xda, 0x1d, 0xa7, 0xa7, 0x99, 0xc4, 0xf1, 0xec, 0xa8, 0x7c, 0x39, 0xa9, 0x77, 0xe1,
+ 0xb2, 0xf4, 0x70, 0x0a, 0x34, 0xea, 0x41, 0xc9, 0x20, 0x1f, 0xdb, 0xb2, 0x41, 0xda, 0x2b, 0x86,
+ 0xa6, 0x87, 0xd4, 0x66, 0x99, 0xda, 0x3f, 0x3e, 0x3e, 0x2a, 0x97, 0x70, 0x0a, 0x4f, 0x7f, 0xc5,
+ 0xa9, 0xf0, 0xe8, 0x09, 0xcc, 0x48, 0xce, 0x87, 0x4d, 0x21, 0xad, 0x39, 0xa6, 0xf5, 0xf6, 0xf1,
+ 0x51, 0x79, 0x66, 0x29, 0x4e, 0xee, 0xaf, 0x30, 0x09, 0x14, 0x55, 0xa1, 0x70, 0xa0, 0x29, 0x76,
+ 0x97, 0x98, 0xa5, 0x3c, 0xc3, 0xa7, 0x71, 0xb6, 0xb0, 0xed, 0x0c, 0x3d, 0x3b, 0x2a, 0x8f, 0xdc,
+ 0x6b, 0xb0, 0x67, 0x04, 0x97, 0x8b, 0x5e, 0x77, 0x68, 0xa5, 0xc3, 0xcf, 0x2c, 0x7b, 0xcf, 0x2c,
+ 0xfa, 0x41, 0xe1, 0x81, 0x4f, 0xc2, 0x41, 0x3e, 0xf4, 0x18, 0x46, 0xf7, 0xf8, 0x9d, 0xd9, 0x2c,
+ 0x15, 0x06, 0xca, 0x71, 0xa1, 0x3b, 0x76, 0x6d, 0x9a, 0xab, 0x18, 0x75, 0x87, 0x4d, 0xec, 0x23,
+ 0xa2, 0x6b, 0x50, 0x60, 0x3f, 0x56, 0x57, 0xd8, 0x63, 0x51, 0xd1, 0x0f, 0x1d, 0x0f, 0x9c, 0x61,
+ 0xec, 0xd2, 0x5d, 0xd6, 0xd5, 0xfa, 0x32, 0x7b, 0xb4, 0x8c, 0xb0, 0xae, 0xd6, 0x97, 0xb1, 0x4b,
+ 0x47, 0x1f, 0x41, 0xc1, 0x24, 0x6b, 0xb2, 0x6a, 0x1f, 0x96, 0x60, 0xa0, 0x96, 0x67, 0xe3, 0x2e,
+ 0xe3, 0x8e, 0x3c, 0xdb, 0xf8, 0x1a, 0x38, 0x1d, 0xbb, 0xb0, 0x68, 0x0f, 0x46, 0x0d, 0x5b, 0x5d,
+ 0x32, 0xb7, 0x4c, 0x62, 0x94, 0xc6, 0x98, 0x8e, 0x7e, 0xd1, 0x12, 0xbb, 0xfc, 0x51, 0x2d, 0x9e,
+ 0x87, 0x3c, 0x0e, 0xec, 0x83, 0xa3, 0xbf, 0x13, 0x00, 0x99, 0xb6, 0xae, 0x2b, 0xa4, 0x4b, 0x54,
+ 0x4b, 0x52, 0xd8, 0x4b, 0x91, 0x59, 0x3a, 0xcf, 0x74, 0xfe, 0x69, 0xbf, 0x79, 0xc5, 0x04, 0xa3,
+ 0xca, 0xbd, 0x27, 0xd9, 0x38, 0x2b, 0x4e, 0xd0, 0x4b, 0x5d, 0xbb, 0x6b, 0xb2, 0xbf, 0x4b, 0xe3,
+ 0x03, 0xb9, 0x36, 0xf9, 0x45, 0xcc, 0x77, 0x2d, 0xa7, 0x63, 0x17, 0x16, 0x6d, 0xc3, 0xac, 0x41,
+ 0xa4, 0xf6, 0xa6, 0xaa, 0xf4, 0xb0, 0xa6, 0x59, 0xf7, 0x64, 0x85, 0x98, 0x3d, 0xd3, 0x22, 0xdd,
+ 0xd2, 0x04, 0x5b, 0x76, 0xef, 0x93, 0x01, 0x9c, 0xc8, 0x85, 0x53, 0xa4, 0x51, 0x17, 0xca, 0x6e,
+ 0xc8, 0xa0, 0xe7, 0xc9, 0x8b, 0x59, 0x77, 0xcd, 0x96, 0xa4, 0x38, 0xaf, 0xd4, 0x93, 0x4c, 0xc1,
+ 0x6b, 0xc7, 0x47, 0xe5, 0xf2, 0xca, 0xc9, 0xac, 0xb8, 0x1f, 0x16, 0xfa, 0x10, 0x4a, 0x52, 0x9a,
+ 0x9e, 0x29, 0xa6, 0x67, 0x81, 0x4f, 0xa4, 0x94, 0xaa, 0x24, 0x15, 0x01, 0x59, 0x30, 0x25, 0x85,
+ 0xbf, 0xa1, 0x34, 0x4b, 0xd3, 0x03, 0x3d, 0x95, 0x45, 0x3e, 0xbd, 0xf4, 0xaf, 0xcb, 0x11, 0x82,
+ 0x89, 0x63, 0x1a, 0x58, 0x83, 0x9f, 0x3f, 0xf7, 0x9e, 0xcd, 0x17, 0x75, 0xc3, 0x35, 0xf8, 0x7d,
+ 0xd3, 0x9e, 0x5b, 0x83, 0x3f, 0x00, 0x79, 0xf2, 0x03, 0xd3, 0xaf, 0x32, 0x30, 0xe3, 0x33, 0x0f,
+ 0xdc, 0xe0, 0x4f, 0x10, 0x79, 0x61, 0x0d, 0xfe, 0xe4, 0x0e, 0x79, 0xf6, 0x45, 0x77, 0xc8, 0x5f,
+ 0xc0, 0x87, 0x05, 0xac, 0xe9, 0xee, 0xbb, 0xee, 0x77, 0xaf, 0xe9, 0xee, 0xdb, 0x96, 0x52, 0x68,
+ 0xfd, 0x57, 0x26, 0x38, 0x81, 0xdf, 0xfb, 0xce, 0xef, 0x8f, 0xff, 0xec, 0x50, 0xfc, 0x26, 0x0b,
+ 0x53, 0xd1, 0xd3, 0x18, 0x6a, 0x10, 0x0a, 0x7d, 0x1b, 0x84, 0x75, 0xb8, 0xb0, 0x6b, 0x2b, 0x4a,
+ 0x8f, 0xb9, 0x21, 0xd0, 0x25, 0x74, 0x1e, 0xf8, 0x5f, 0xe1, 0x92, 0x17, 0xee, 0x25, 0xf0, 0xe0,
+ 0x44, 0xc9, 0x94, 0x66, 0x67, 0xf6, 0x54, 0xcd, 0xce, 0x58, 0xef, 0x2d, 0x37, 0x44, 0xef, 0x2d,
+ 0xb1, 0x71, 0x99, 0x3f, 0x45, 0xe3, 0xf2, 0x34, 0x9d, 0xc6, 0x84, 0x20, 0xd6, 0xaf, 0xd3, 0x28,
+ 0xbe, 0x02, 0x73, 0x5c, 0xcc, 0x62, 0x4d, 0x40, 0xd5, 0x32, 0x34, 0x45, 0x21, 0xc6, 0x8a, 0xdd,
+ 0xed, 0xf6, 0xc4, 0xf7, 0x60, 0x22, 0xdc, 0xde, 0x76, 0x56, 0xda, 0xe9, 0xb0, 0xf3, 0x36, 0x4b,
+ 0x60, 0xa5, 0x9d, 0x71, 0xec, 0x71, 0x88, 0x9f, 0x0a, 0x30, 0x9b, 0xfc, 0x19, 0x1b, 0x52, 0x60,
+ 0xa2, 0x2b, 0x1d, 0x06, 0xbf, 0xf9, 0x13, 0x4e, 0x79, 0x83, 0x67, 0x7d, 0xcd, 0xf5, 0x10, 0x16,
+ 0x8e, 0x60, 0xd3, 0x5b, 0xfd, 0xc5, 0x94, 0x8e, 0xe2, 0xd9, 0x5a, 0x82, 0x1e, 0x41, 0xb1, 0x2b,
+ 0x1d, 0x36, 0x6c, 0xa3, 0x43, 0x4e, 0xfd, 0x66, 0xc1, 0x22, 0xc6, 0x3a, 0x47, 0xc1, 0x1e, 0x9e,
+ 0xf8, 0x85, 0x00, 0xa5, 0xb4, 0xf2, 0x16, 0xdd, 0x0a, 0xf5, 0x3e, 0x5f, 0x8d, 0xf4, 0x3e, 0xa7,
+ 0x63, 0x72, 0x2f, 0xa8, 0xf3, 0xf9, 0x9f, 0x02, 0xcc, 0x26, 0x97, 0xf9, 0xe8, 0xcd, 0x90, 0x85,
+ 0xe5, 0x88, 0x85, 0x93, 0x11, 0x29, 0x6e, 0xdf, 0x5f, 0xc2, 0x04, 0xbf, 0x0c, 0x70, 0x18, 0xee,
+ 0x55, 0x31, 0x29, 0x56, 0x72, 0x08, 0xb7, 0xf8, 0x65, 0xeb, 0x15, 0x1e, 0xc3, 0x11, 0x34, 0xf1,
+ 0x6f, 0x33, 0x90, 0x6f, 0xb4, 0x24, 0x85, 0x9c, 0x41, 0x99, 0xf5, 0x7e, 0xa8, 0xcc, 0xea, 0xf7,
+ 0x7d, 0x3e, 0xb3, 0x2a, 0xb5, 0xc2, 0xc2, 0x91, 0x0a, 0xeb, 0xf5, 0x81, 0xd0, 0x4e, 0x2e, 0xae,
+ 0xfe, 0x08, 0x46, 0x3d, 0xa5, 0xc3, 0xc5, 0x7c, 0xf1, 0xdf, 0x32, 0x30, 0x16, 0x50, 0x31, 0x64,
+ 0xc6, 0xd8, 0x0d, 0x65, 0xda, 0x41, 0xfe, 0x53, 0x27, 0xa0, 0xab, 0xe2, 0xe6, 0x56, 0xe7, 0x33,
+ 0x36, 0xff, 0xc3, 0xa5, 0x78, 0xca, 0x7d, 0x0f, 0x26, 0x2c, 0xf6, 0x9f, 0x2c, 0xde, 0x4b, 0x5f,
+ 0x96, 0xed, 0x45, 0xef, 0xe3, 0xc7, 0x66, 0x88, 0x8a, 0x23, 0xdc, 0x73, 0x77, 0x60, 0x3c, 0xa4,
+ 0x6c, 0xa8, 0xaf, 0xd0, 0xfe, 0x5b, 0x80, 0x57, 0xfb, 0x5e, 0x14, 0x51, 0x2d, 0x74, 0x48, 0x2a,
+ 0x91, 0x43, 0x32, 0x9f, 0x0e, 0xf0, 0x02, 0xbf, 0x66, 0xf8, 0x34, 0x03, 0xa8, 0xb9, 0x27, 0x1b,
+ 0xed, 0xba, 0x64, 0x58, 0x3d, 0xcc, 0xff, 0x1d, 0xe9, 0x0c, 0x0e, 0xcc, 0x2d, 0x18, 0x6b, 0x13,
+ 0xb3, 0x65, 0xc8, 0xcc, 0x39, 0xbc, 0x3a, 0xf7, 0x1e, 0x53, 0x56, 0x7c, 0x12, 0x0e, 0xf2, 0xa1,
+ 0x0f, 0xa0, 0x78, 0xe0, 0xfc, 0x9b, 0x9c, 0xdb, 0x5a, 0xeb, 0x57, 0x48, 0xfa, 0xff, 0x58, 0xe7,
+ 0xef, 0x1f, 0x3e, 0x60, 0x62, 0x0f, 0x4c, 0xfc, 0x5c, 0x80, 0xd9, 0xb8, 0x23, 0x56, 0xa8, 0xa9,
+ 0x2f, 0xde, 0x19, 0xaf, 0x40, 0x8e, 0xa1, 0x53, 0x2f, 0x9c, 0x77, 0xde, 0xb5, 0xa9, 0x66, 0xcc,
+ 0x46, 0xc5, 0x9f, 0x0b, 0x30, 0x97, 0x6c, 0xda, 0x19, 0x94, 0xed, 0x8f, 0xc2, 0x65, 0x7b, 0xbf,
+ 0xb7, 0x8a, 0x64, 0x3b, 0x53, 0x4a, 0xf8, 0x9f, 0x25, 0xfa, 0xfc, 0x0c, 0x26, 0xb5, 0x1d, 0x9e,
+ 0xd4, 0xcd, 0xa1, 0x27, 0x95, 0x3c, 0xa1, 0xda, 0x8d, 0xa7, 0xdf, 0xcf, 0x9f, 0xfb, 0xf6, 0xfb,
+ 0xf9, 0x73, 0xdf, 0x7d, 0x3f, 0x7f, 0xee, 0x6f, 0x8e, 0xe7, 0x85, 0xa7, 0xc7, 0xf3, 0xc2, 0xb7,
+ 0xc7, 0xf3, 0xc2, 0x77, 0xc7, 0xf3, 0xc2, 0x2f, 0x8f, 0xe7, 0x85, 0x7f, 0xfc, 0x61, 0xfe, 0xdc,
+ 0xa3, 0x02, 0xc7, 0xfd, 0x6d, 0x00, 0x00, 0x00, 0xff, 0xff, 0x71, 0x2c, 0x3f, 0x48, 0xe6, 0x3b,
+ 0x00, 0x00,
}
diff --git a/staging/src/k8s.io/api/extensions/v1beta1/generated.proto b/staging/src/k8s.io/api/extensions/v1beta1/generated.proto
index dc8e389f19f..7b6e34da2b2 100644
--- a/staging/src/k8s.io/api/extensions/v1beta1/generated.proto
+++ b/staging/src/k8s.io/api/extensions/v1beta1/generated.proto
@@ -39,6 +39,19 @@ message APIVersion {
optional string name = 1;
}
+// defines the host volume conditions that will be enabled by a policy
+// for pods to use. It requires the path prefix to be defined.
+message AllowedHostPath {
+ // is the path prefix that the host volume must match.
+ // It does not support `*`.
+ // Trailing slashes are trimmed when validating the path prefix with a host path.
+ //
+ // Examples:
+ // `/foo` would allow `/foo`, `/foo/` and `/foo/bar`
+ // `/foo` would not allow `/food` or `/etc/foo`
+ optional string pathPrefix = 1;
+}
+
message CustomMetricCurrentStatus {
// Custom Metric name.
optional string name = 1;
@@ -755,6 +768,10 @@ message PodSecurityPolicySpec {
// privilege escalation.
// +optional
optional bool allowPrivilegeEscalation = 16;
+
+ // is a white list of allowed host paths. Empty indicates that all host paths may be used.
+ // +optional
+ repeated AllowedHostPath allowedHostPaths = 17;
}
// ReplicaSet represents the configuration of a ReplicaSet.
diff --git a/staging/src/k8s.io/api/extensions/v1beta1/types.generated.go b/staging/src/k8s.io/api/extensions/v1beta1/types.generated.go
index 37120e62d10..67e115eb8dc 100644
--- a/staging/src/k8s.io/api/extensions/v1beta1/types.generated.go
+++ b/staging/src/k8s.io/api/extensions/v1beta1/types.generated.go
@@ -14751,7 +14751,7 @@ func (x *PodSecurityPolicySpec) CodecEncodeSelf(e *codec1978.Encoder) {
} else {
yysep2 := !z.EncBinary()
yy2arr2 := z.EncBasicHandle().StructToArray
- var yyq2 [16]bool
+ var yyq2 [17]bool
_, _, _ = yysep2, yyq2, yy2arr2
const yyr2 bool = false
yyq2[0] = x.Privileged != false
@@ -14766,9 +14766,10 @@ func (x *PodSecurityPolicySpec) CodecEncodeSelf(e *codec1978.Encoder) {
yyq2[13] = x.ReadOnlyRootFilesystem != false
yyq2[14] = x.DefaultAllowPrivilegeEscalation != nil
yyq2[15] = x.AllowPrivilegeEscalation != false
+ yyq2[16] = len(x.AllowedHostPaths) != 0
var yynn2 int
if yyr2 || yy2arr2 {
- r.EncodeArrayStart(16)
+ r.EncodeArrayStart(17)
} else {
yynn2 = 4
for _, b := range yyq2 {
@@ -15173,6 +15174,39 @@ func (x *PodSecurityPolicySpec) CodecEncodeSelf(e *codec1978.Encoder) {
}
}
}
+ if yyr2 || yy2arr2 {
+ z.EncSendContainerState(codecSelfer_containerArrayElem1234)
+ if yyq2[16] {
+ if x.AllowedHostPaths == nil {
+ r.EncodeNil()
+ } else {
+ yym62 := z.EncBinary()
+ _ = yym62
+ if false {
+ } else {
+ h.encSliceAllowedHostPath(([]AllowedHostPath)(x.AllowedHostPaths), e)
+ }
+ }
+ } else {
+ r.EncodeNil()
+ }
+ } else {
+ if yyq2[16] {
+ z.EncSendContainerState(codecSelfer_containerMapKey1234)
+ r.EncodeString(codecSelferC_UTF81234, string("allowedHostPaths"))
+ z.EncSendContainerState(codecSelfer_containerMapValue1234)
+ if x.AllowedHostPaths == nil {
+ r.EncodeNil()
+ } else {
+ yym63 := z.EncBinary()
+ _ = yym63
+ if false {
+ } else {
+ h.encSliceAllowedHostPath(([]AllowedHostPath)(x.AllowedHostPaths), e)
+ }
+ }
+ }
+ }
if yyr2 || yy2arr2 {
z.EncSendContainerState(codecSelfer_containerArrayEnd1234)
} else {
@@ -15410,6 +15444,18 @@ func (x *PodSecurityPolicySpec) codecDecodeSelfFromMap(l int, d *codec1978.Decod
*((*bool)(yyv30)) = r.DecodeBool()
}
}
+ case "allowedHostPaths":
+ if r.TryDecodeAsNil() {
+ x.AllowedHostPaths = nil
+ } else {
+ yyv32 := &x.AllowedHostPaths
+ yym33 := z.DecBinary()
+ _ = yym33
+ if false {
+ } else {
+ h.decSliceAllowedHostPath((*[]AllowedHostPath)(yyv32), d)
+ }
+ }
default:
z.DecStructFieldNotFound(-1, yys3)
} // end switch yys3
@@ -15421,16 +15467,16 @@ func (x *PodSecurityPolicySpec) codecDecodeSelfFromArray(l int, d *codec1978.Dec
var h codecSelfer1234
z, r := codec1978.GenHelperDecoder(d)
_, _, _ = h, z, r
- var yyj32 int
- var yyb32 bool
- var yyhl32 bool = l >= 0
- yyj32++
- if yyhl32 {
- yyb32 = yyj32 > l
+ var yyj34 int
+ var yyb34 bool
+ var yyhl34 bool = l >= 0
+ yyj34++
+ if yyhl34 {
+ yyb34 = yyj34 > l
} else {
- yyb32 = r.CheckBreak()
+ yyb34 = r.CheckBreak()
}
- if yyb32 {
+ if yyb34 {
z.DecSendContainerState(codecSelfer_containerArrayEnd1234)
return
}
@@ -15438,21 +15484,21 @@ func (x *PodSecurityPolicySpec) codecDecodeSelfFromArray(l int, d *codec1978.Dec
if r.TryDecodeAsNil() {
x.Privileged = false
} else {
- yyv33 := &x.Privileged
- yym34 := z.DecBinary()
- _ = yym34
+ yyv35 := &x.Privileged
+ yym36 := z.DecBinary()
+ _ = yym36
if false {
} else {
- *((*bool)(yyv33)) = r.DecodeBool()
+ *((*bool)(yyv35)) = r.DecodeBool()
}
}
- yyj32++
- if yyhl32 {
- yyb32 = yyj32 > l
+ yyj34++
+ if yyhl34 {
+ yyb34 = yyj34 > l
} else {
- yyb32 = r.CheckBreak()
+ yyb34 = r.CheckBreak()
}
- if yyb32 {
+ if yyb34 {
z.DecSendContainerState(codecSelfer_containerArrayEnd1234)
return
}
@@ -15460,29 +15506,7 @@ func (x *PodSecurityPolicySpec) codecDecodeSelfFromArray(l int, d *codec1978.Dec
if r.TryDecodeAsNil() {
x.DefaultAddCapabilities = nil
} else {
- yyv35 := &x.DefaultAddCapabilities
- yym36 := z.DecBinary()
- _ = yym36
- if false {
- } else {
- h.decSlicev1_Capability((*[]pkg4_v1.Capability)(yyv35), d)
- }
- }
- yyj32++
- if yyhl32 {
- yyb32 = yyj32 > l
- } else {
- yyb32 = r.CheckBreak()
- }
- if yyb32 {
- z.DecSendContainerState(codecSelfer_containerArrayEnd1234)
- return
- }
- z.DecSendContainerState(codecSelfer_containerArrayElem1234)
- if r.TryDecodeAsNil() {
- x.RequiredDropCapabilities = nil
- } else {
- yyv37 := &x.RequiredDropCapabilities
+ yyv37 := &x.DefaultAddCapabilities
yym38 := z.DecBinary()
_ = yym38
if false {
@@ -15490,21 +15514,21 @@ func (x *PodSecurityPolicySpec) codecDecodeSelfFromArray(l int, d *codec1978.Dec
h.decSlicev1_Capability((*[]pkg4_v1.Capability)(yyv37), d)
}
}
- yyj32++
- if yyhl32 {
- yyb32 = yyj32 > l
+ yyj34++
+ if yyhl34 {
+ yyb34 = yyj34 > l
} else {
- yyb32 = r.CheckBreak()
+ yyb34 = r.CheckBreak()
}
- if yyb32 {
+ if yyb34 {
z.DecSendContainerState(codecSelfer_containerArrayEnd1234)
return
}
z.DecSendContainerState(codecSelfer_containerArrayElem1234)
if r.TryDecodeAsNil() {
- x.AllowedCapabilities = nil
+ x.RequiredDropCapabilities = nil
} else {
- yyv39 := &x.AllowedCapabilities
+ yyv39 := &x.RequiredDropCapabilities
yym40 := z.DecBinary()
_ = yym40
if false {
@@ -15512,13 +15536,35 @@ func (x *PodSecurityPolicySpec) codecDecodeSelfFromArray(l int, d *codec1978.Dec
h.decSlicev1_Capability((*[]pkg4_v1.Capability)(yyv39), d)
}
}
- yyj32++
- if yyhl32 {
- yyb32 = yyj32 > l
+ yyj34++
+ if yyhl34 {
+ yyb34 = yyj34 > l
} else {
- yyb32 = r.CheckBreak()
+ yyb34 = r.CheckBreak()
}
- if yyb32 {
+ if yyb34 {
+ z.DecSendContainerState(codecSelfer_containerArrayEnd1234)
+ return
+ }
+ z.DecSendContainerState(codecSelfer_containerArrayElem1234)
+ if r.TryDecodeAsNil() {
+ x.AllowedCapabilities = nil
+ } else {
+ yyv41 := &x.AllowedCapabilities
+ yym42 := z.DecBinary()
+ _ = yym42
+ if false {
+ } else {
+ h.decSlicev1_Capability((*[]pkg4_v1.Capability)(yyv41), d)
+ }
+ }
+ yyj34++
+ if yyhl34 {
+ yyb34 = yyj34 > l
+ } else {
+ yyb34 = r.CheckBreak()
+ }
+ if yyb34 {
z.DecSendContainerState(codecSelfer_containerArrayEnd1234)
return
}
@@ -15526,21 +15572,21 @@ func (x *PodSecurityPolicySpec) codecDecodeSelfFromArray(l int, d *codec1978.Dec
if r.TryDecodeAsNil() {
x.Volumes = nil
} else {
- yyv41 := &x.Volumes
- yym42 := z.DecBinary()
- _ = yym42
+ yyv43 := &x.Volumes
+ yym44 := z.DecBinary()
+ _ = yym44
if false {
} else {
- h.decSliceFSType((*[]FSType)(yyv41), d)
+ h.decSliceFSType((*[]FSType)(yyv43), d)
}
}
- yyj32++
- if yyhl32 {
- yyb32 = yyj32 > l
+ yyj34++
+ if yyhl34 {
+ yyb34 = yyj34 > l
} else {
- yyb32 = r.CheckBreak()
+ yyb34 = r.CheckBreak()
}
- if yyb32 {
+ if yyb34 {
z.DecSendContainerState(codecSelfer_containerArrayEnd1234)
return
}
@@ -15548,21 +15594,21 @@ func (x *PodSecurityPolicySpec) codecDecodeSelfFromArray(l int, d *codec1978.Dec
if r.TryDecodeAsNil() {
x.HostNetwork = false
} else {
- yyv43 := &x.HostNetwork
- yym44 := z.DecBinary()
- _ = yym44
+ yyv45 := &x.HostNetwork
+ yym46 := z.DecBinary()
+ _ = yym46
if false {
} else {
- *((*bool)(yyv43)) = r.DecodeBool()
+ *((*bool)(yyv45)) = r.DecodeBool()
}
}
- yyj32++
- if yyhl32 {
- yyb32 = yyj32 > l
+ yyj34++
+ if yyhl34 {
+ yyb34 = yyj34 > l
} else {
- yyb32 = r.CheckBreak()
+ yyb34 = r.CheckBreak()
}
- if yyb32 {
+ if yyb34 {
z.DecSendContainerState(codecSelfer_containerArrayEnd1234)
return
}
@@ -15570,21 +15616,21 @@ func (x *PodSecurityPolicySpec) codecDecodeSelfFromArray(l int, d *codec1978.Dec
if r.TryDecodeAsNil() {
x.HostPorts = nil
} else {
- yyv45 := &x.HostPorts
- yym46 := z.DecBinary()
- _ = yym46
+ yyv47 := &x.HostPorts
+ yym48 := z.DecBinary()
+ _ = yym48
if false {
} else {
- h.decSliceHostPortRange((*[]HostPortRange)(yyv45), d)
+ h.decSliceHostPortRange((*[]HostPortRange)(yyv47), d)
}
}
- yyj32++
- if yyhl32 {
- yyb32 = yyj32 > l
+ yyj34++
+ if yyhl34 {
+ yyb34 = yyj34 > l
} else {
- yyb32 = r.CheckBreak()
+ yyb34 = r.CheckBreak()
}
- if yyb32 {
+ if yyb34 {
z.DecSendContainerState(codecSelfer_containerArrayEnd1234)
return
}
@@ -15592,29 +15638,7 @@ func (x *PodSecurityPolicySpec) codecDecodeSelfFromArray(l int, d *codec1978.Dec
if r.TryDecodeAsNil() {
x.HostPID = false
} else {
- yyv47 := &x.HostPID
- yym48 := z.DecBinary()
- _ = yym48
- if false {
- } else {
- *((*bool)(yyv47)) = r.DecodeBool()
- }
- }
- yyj32++
- if yyhl32 {
- yyb32 = yyj32 > l
- } else {
- yyb32 = r.CheckBreak()
- }
- if yyb32 {
- z.DecSendContainerState(codecSelfer_containerArrayEnd1234)
- return
- }
- z.DecSendContainerState(codecSelfer_containerArrayElem1234)
- if r.TryDecodeAsNil() {
- x.HostIPC = false
- } else {
- yyv49 := &x.HostIPC
+ yyv49 := &x.HostPID
yym50 := z.DecBinary()
_ = yym50
if false {
@@ -15622,13 +15646,35 @@ func (x *PodSecurityPolicySpec) codecDecodeSelfFromArray(l int, d *codec1978.Dec
*((*bool)(yyv49)) = r.DecodeBool()
}
}
- yyj32++
- if yyhl32 {
- yyb32 = yyj32 > l
+ yyj34++
+ if yyhl34 {
+ yyb34 = yyj34 > l
} else {
- yyb32 = r.CheckBreak()
+ yyb34 = r.CheckBreak()
}
- if yyb32 {
+ if yyb34 {
+ z.DecSendContainerState(codecSelfer_containerArrayEnd1234)
+ return
+ }
+ z.DecSendContainerState(codecSelfer_containerArrayElem1234)
+ if r.TryDecodeAsNil() {
+ x.HostIPC = false
+ } else {
+ yyv51 := &x.HostIPC
+ yym52 := z.DecBinary()
+ _ = yym52
+ if false {
+ } else {
+ *((*bool)(yyv51)) = r.DecodeBool()
+ }
+ }
+ yyj34++
+ if yyhl34 {
+ yyb34 = yyj34 > l
+ } else {
+ yyb34 = r.CheckBreak()
+ }
+ if yyb34 {
z.DecSendContainerState(codecSelfer_containerArrayEnd1234)
return
}
@@ -15636,16 +15682,16 @@ func (x *PodSecurityPolicySpec) codecDecodeSelfFromArray(l int, d *codec1978.Dec
if r.TryDecodeAsNil() {
x.SELinux = SELinuxStrategyOptions{}
} else {
- yyv51 := &x.SELinux
- yyv51.CodecDecodeSelf(d)
+ yyv53 := &x.SELinux
+ yyv53.CodecDecodeSelf(d)
}
- yyj32++
- if yyhl32 {
- yyb32 = yyj32 > l
+ yyj34++
+ if yyhl34 {
+ yyb34 = yyj34 > l
} else {
- yyb32 = r.CheckBreak()
+ yyb34 = r.CheckBreak()
}
- if yyb32 {
+ if yyb34 {
z.DecSendContainerState(codecSelfer_containerArrayEnd1234)
return
}
@@ -15653,16 +15699,16 @@ func (x *PodSecurityPolicySpec) codecDecodeSelfFromArray(l int, d *codec1978.Dec
if r.TryDecodeAsNil() {
x.RunAsUser = RunAsUserStrategyOptions{}
} else {
- yyv52 := &x.RunAsUser
- yyv52.CodecDecodeSelf(d)
+ yyv54 := &x.RunAsUser
+ yyv54.CodecDecodeSelf(d)
}
- yyj32++
- if yyhl32 {
- yyb32 = yyj32 > l
+ yyj34++
+ if yyhl34 {
+ yyb34 = yyj34 > l
} else {
- yyb32 = r.CheckBreak()
+ yyb34 = r.CheckBreak()
}
- if yyb32 {
+ if yyb34 {
z.DecSendContainerState(codecSelfer_containerArrayEnd1234)
return
}
@@ -15670,16 +15716,16 @@ func (x *PodSecurityPolicySpec) codecDecodeSelfFromArray(l int, d *codec1978.Dec
if r.TryDecodeAsNil() {
x.SupplementalGroups = SupplementalGroupsStrategyOptions{}
} else {
- yyv53 := &x.SupplementalGroups
- yyv53.CodecDecodeSelf(d)
+ yyv55 := &x.SupplementalGroups
+ yyv55.CodecDecodeSelf(d)
}
- yyj32++
- if yyhl32 {
- yyb32 = yyj32 > l
+ yyj34++
+ if yyhl34 {
+ yyb34 = yyj34 > l
} else {
- yyb32 = r.CheckBreak()
+ yyb34 = r.CheckBreak()
}
- if yyb32 {
+ if yyb34 {
z.DecSendContainerState(codecSelfer_containerArrayEnd1234)
return
}
@@ -15687,16 +15733,16 @@ func (x *PodSecurityPolicySpec) codecDecodeSelfFromArray(l int, d *codec1978.Dec
if r.TryDecodeAsNil() {
x.FSGroup = FSGroupStrategyOptions{}
} else {
- yyv54 := &x.FSGroup
- yyv54.CodecDecodeSelf(d)
+ yyv56 := &x.FSGroup
+ yyv56.CodecDecodeSelf(d)
}
- yyj32++
- if yyhl32 {
- yyb32 = yyj32 > l
+ yyj34++
+ if yyhl34 {
+ yyb34 = yyj34 > l
} else {
- yyb32 = r.CheckBreak()
+ yyb34 = r.CheckBreak()
}
- if yyb32 {
+ if yyb34 {
z.DecSendContainerState(codecSelfer_containerArrayEnd1234)
return
}
@@ -15704,21 +15750,21 @@ func (x *PodSecurityPolicySpec) codecDecodeSelfFromArray(l int, d *codec1978.Dec
if r.TryDecodeAsNil() {
x.ReadOnlyRootFilesystem = false
} else {
- yyv55 := &x.ReadOnlyRootFilesystem
- yym56 := z.DecBinary()
- _ = yym56
+ yyv57 := &x.ReadOnlyRootFilesystem
+ yym58 := z.DecBinary()
+ _ = yym58
if false {
} else {
- *((*bool)(yyv55)) = r.DecodeBool()
+ *((*bool)(yyv57)) = r.DecodeBool()
}
}
- yyj32++
- if yyhl32 {
- yyb32 = yyj32 > l
+ yyj34++
+ if yyhl34 {
+ yyb34 = yyj34 > l
} else {
- yyb32 = r.CheckBreak()
+ yyb34 = r.CheckBreak()
}
- if yyb32 {
+ if yyb34 {
z.DecSendContainerState(codecSelfer_containerArrayEnd1234)
return
}
@@ -15731,20 +15777,20 @@ func (x *PodSecurityPolicySpec) codecDecodeSelfFromArray(l int, d *codec1978.Dec
if x.DefaultAllowPrivilegeEscalation == nil {
x.DefaultAllowPrivilegeEscalation = new(bool)
}
- yym58 := z.DecBinary()
- _ = yym58
+ yym60 := z.DecBinary()
+ _ = yym60
if false {
} else {
*((*bool)(x.DefaultAllowPrivilegeEscalation)) = r.DecodeBool()
}
}
- yyj32++
- if yyhl32 {
- yyb32 = yyj32 > l
+ yyj34++
+ if yyhl34 {
+ yyb34 = yyj34 > l
} else {
- yyb32 = r.CheckBreak()
+ yyb34 = r.CheckBreak()
}
- if yyb32 {
+ if yyb34 {
z.DecSendContainerState(codecSelfer_containerArrayEnd1234)
return
}
@@ -15752,26 +15798,229 @@ func (x *PodSecurityPolicySpec) codecDecodeSelfFromArray(l int, d *codec1978.Dec
if r.TryDecodeAsNil() {
x.AllowPrivilegeEscalation = false
} else {
- yyv59 := &x.AllowPrivilegeEscalation
- yym60 := z.DecBinary()
- _ = yym60
+ yyv61 := &x.AllowPrivilegeEscalation
+ yym62 := z.DecBinary()
+ _ = yym62
if false {
} else {
- *((*bool)(yyv59)) = r.DecodeBool()
+ *((*bool)(yyv61)) = r.DecodeBool()
+ }
+ }
+ yyj34++
+ if yyhl34 {
+ yyb34 = yyj34 > l
+ } else {
+ yyb34 = r.CheckBreak()
+ }
+ if yyb34 {
+ z.DecSendContainerState(codecSelfer_containerArrayEnd1234)
+ return
+ }
+ z.DecSendContainerState(codecSelfer_containerArrayElem1234)
+ if r.TryDecodeAsNil() {
+ x.AllowedHostPaths = nil
+ } else {
+ yyv63 := &x.AllowedHostPaths
+ yym64 := z.DecBinary()
+ _ = yym64
+ if false {
+ } else {
+ h.decSliceAllowedHostPath((*[]AllowedHostPath)(yyv63), d)
}
}
for {
- yyj32++
- if yyhl32 {
- yyb32 = yyj32 > l
+ yyj34++
+ if yyhl34 {
+ yyb34 = yyj34 > l
} else {
- yyb32 = r.CheckBreak()
+ yyb34 = r.CheckBreak()
}
- if yyb32 {
+ if yyb34 {
break
}
z.DecSendContainerState(codecSelfer_containerArrayElem1234)
- z.DecStructFieldNotFound(yyj32-1, "")
+ z.DecStructFieldNotFound(yyj34-1, "")
+ }
+ z.DecSendContainerState(codecSelfer_containerArrayEnd1234)
+}
+
+func (x *AllowedHostPath) CodecEncodeSelf(e *codec1978.Encoder) {
+ var h codecSelfer1234
+ z, r := codec1978.GenHelperEncoder(e)
+ _, _, _ = h, z, r
+ if x == nil {
+ r.EncodeNil()
+ } else {
+ yym1 := z.EncBinary()
+ _ = yym1
+ if false {
+ } else if z.HasExtensions() && z.EncExt(x) {
+ } else {
+ yysep2 := !z.EncBinary()
+ yy2arr2 := z.EncBasicHandle().StructToArray
+ var yyq2 [1]bool
+ _, _, _ = yysep2, yyq2, yy2arr2
+ const yyr2 bool = false
+ yyq2[0] = x.PathPrefix != ""
+ var yynn2 int
+ if yyr2 || yy2arr2 {
+ r.EncodeArrayStart(1)
+ } else {
+ yynn2 = 0
+ for _, b := range yyq2 {
+ if b {
+ yynn2++
+ }
+ }
+ r.EncodeMapStart(yynn2)
+ yynn2 = 0
+ }
+ if yyr2 || yy2arr2 {
+ z.EncSendContainerState(codecSelfer_containerArrayElem1234)
+ if yyq2[0] {
+ yym4 := z.EncBinary()
+ _ = yym4
+ if false {
+ } else {
+ r.EncodeString(codecSelferC_UTF81234, string(x.PathPrefix))
+ }
+ } else {
+ r.EncodeString(codecSelferC_UTF81234, "")
+ }
+ } else {
+ if yyq2[0] {
+ z.EncSendContainerState(codecSelfer_containerMapKey1234)
+ r.EncodeString(codecSelferC_UTF81234, string("pathPrefix"))
+ z.EncSendContainerState(codecSelfer_containerMapValue1234)
+ yym5 := z.EncBinary()
+ _ = yym5
+ if false {
+ } else {
+ r.EncodeString(codecSelferC_UTF81234, string(x.PathPrefix))
+ }
+ }
+ }
+ if yyr2 || yy2arr2 {
+ z.EncSendContainerState(codecSelfer_containerArrayEnd1234)
+ } else {
+ z.EncSendContainerState(codecSelfer_containerMapEnd1234)
+ }
+ }
+ }
+}
+
+func (x *AllowedHostPath) CodecDecodeSelf(d *codec1978.Decoder) {
+ var h codecSelfer1234
+ z, r := codec1978.GenHelperDecoder(d)
+ _, _, _ = h, z, r
+ yym1 := z.DecBinary()
+ _ = yym1
+ if false {
+ } else if z.HasExtensions() && z.DecExt(x) {
+ } else {
+ yyct2 := r.ContainerType()
+ if yyct2 == codecSelferValueTypeMap1234 {
+ yyl2 := r.ReadMapStart()
+ if yyl2 == 0 {
+ z.DecSendContainerState(codecSelfer_containerMapEnd1234)
+ } else {
+ x.codecDecodeSelfFromMap(yyl2, d)
+ }
+ } else if yyct2 == codecSelferValueTypeArray1234 {
+ yyl2 := r.ReadArrayStart()
+ if yyl2 == 0 {
+ z.DecSendContainerState(codecSelfer_containerArrayEnd1234)
+ } else {
+ x.codecDecodeSelfFromArray(yyl2, d)
+ }
+ } else {
+ panic(codecSelferOnlyMapOrArrayEncodeToStructErr1234)
+ }
+ }
+}
+
+func (x *AllowedHostPath) codecDecodeSelfFromMap(l int, d *codec1978.Decoder) {
+ var h codecSelfer1234
+ z, r := codec1978.GenHelperDecoder(d)
+ _, _, _ = h, z, r
+ var yys3Slc = z.DecScratchBuffer() // default slice to decode into
+ _ = yys3Slc
+ var yyhl3 bool = l >= 0
+ for yyj3 := 0; ; yyj3++ {
+ if yyhl3 {
+ if yyj3 >= l {
+ break
+ }
+ } else {
+ if r.CheckBreak() {
+ break
+ }
+ }
+ z.DecSendContainerState(codecSelfer_containerMapKey1234)
+ yys3Slc = r.DecodeBytes(yys3Slc, true, true)
+ yys3 := string(yys3Slc)
+ z.DecSendContainerState(codecSelfer_containerMapValue1234)
+ switch yys3 {
+ case "pathPrefix":
+ if r.TryDecodeAsNil() {
+ x.PathPrefix = ""
+ } else {
+ yyv4 := &x.PathPrefix
+ yym5 := z.DecBinary()
+ _ = yym5
+ if false {
+ } else {
+ *((*string)(yyv4)) = r.DecodeString()
+ }
+ }
+ default:
+ z.DecStructFieldNotFound(-1, yys3)
+ } // end switch yys3
+ } // end for yyj3
+ z.DecSendContainerState(codecSelfer_containerMapEnd1234)
+}
+
+func (x *AllowedHostPath) codecDecodeSelfFromArray(l int, d *codec1978.Decoder) {
+ var h codecSelfer1234
+ z, r := codec1978.GenHelperDecoder(d)
+ _, _, _ = h, z, r
+ var yyj6 int
+ var yyb6 bool
+ var yyhl6 bool = l >= 0
+ yyj6++
+ if yyhl6 {
+ yyb6 = yyj6 > l
+ } else {
+ yyb6 = r.CheckBreak()
+ }
+ if yyb6 {
+ z.DecSendContainerState(codecSelfer_containerArrayEnd1234)
+ return
+ }
+ z.DecSendContainerState(codecSelfer_containerArrayElem1234)
+ if r.TryDecodeAsNil() {
+ x.PathPrefix = ""
+ } else {
+ yyv7 := &x.PathPrefix
+ yym8 := z.DecBinary()
+ _ = yym8
+ if false {
+ } else {
+ *((*string)(yyv7)) = r.DecodeString()
+ }
+ }
+ for {
+ yyj6++
+ if yyhl6 {
+ yyb6 = yyj6 > l
+ } else {
+ yyb6 = r.CheckBreak()
+ }
+ if yyb6 {
+ break
+ }
+ z.DecSendContainerState(codecSelfer_containerArrayElem1234)
+ z.DecStructFieldNotFound(yyj6-1, "")
}
z.DecSendContainerState(codecSelfer_containerArrayEnd1234)
}
@@ -21700,6 +21949,125 @@ func (x codecSelfer1234) decSliceHostPortRange(v *[]HostPortRange, d *codec1978.
}
}
+func (x codecSelfer1234) encSliceAllowedHostPath(v []AllowedHostPath, e *codec1978.Encoder) {
+ var h codecSelfer1234
+ z, r := codec1978.GenHelperEncoder(e)
+ _, _, _ = h, z, r
+ r.EncodeArrayStart(len(v))
+ for _, yyv1 := range v {
+ z.EncSendContainerState(codecSelfer_containerArrayElem1234)
+ yy2 := &yyv1
+ yy2.CodecEncodeSelf(e)
+ }
+ z.EncSendContainerState(codecSelfer_containerArrayEnd1234)
+}
+
+func (x codecSelfer1234) decSliceAllowedHostPath(v *[]AllowedHostPath, d *codec1978.Decoder) {
+ var h codecSelfer1234
+ z, r := codec1978.GenHelperDecoder(d)
+ _, _, _ = h, z, r
+
+ yyv1 := *v
+ yyh1, yyl1 := z.DecSliceHelperStart()
+ var yyc1 bool
+ _ = yyc1
+ if yyl1 == 0 {
+ if yyv1 == nil {
+ yyv1 = []AllowedHostPath{}
+ yyc1 = true
+ } else if len(yyv1) != 0 {
+ yyv1 = yyv1[:0]
+ yyc1 = true
+ }
+ } else if yyl1 > 0 {
+ var yyrr1, yyrl1 int
+ var yyrt1 bool
+ _, _ = yyrl1, yyrt1
+ yyrr1 = yyl1 // len(yyv1)
+ if yyl1 > cap(yyv1) {
+
+ yyrg1 := len(yyv1) > 0
+ yyv21 := yyv1
+ yyrl1, yyrt1 = z.DecInferLen(yyl1, z.DecBasicHandle().MaxInitLen, 16)
+ if yyrt1 {
+ if yyrl1 <= cap(yyv1) {
+ yyv1 = yyv1[:yyrl1]
+ } else {
+ yyv1 = make([]AllowedHostPath, yyrl1)
+ }
+ } else {
+ yyv1 = make([]AllowedHostPath, yyrl1)
+ }
+ yyc1 = true
+ yyrr1 = len(yyv1)
+ if yyrg1 {
+ copy(yyv1, yyv21)
+ }
+ } else if yyl1 != len(yyv1) {
+ yyv1 = yyv1[:yyl1]
+ yyc1 = true
+ }
+ yyj1 := 0
+ for ; yyj1 < yyrr1; yyj1++ {
+ yyh1.ElemContainerState(yyj1)
+ if r.TryDecodeAsNil() {
+ yyv1[yyj1] = AllowedHostPath{}
+ } else {
+ yyv2 := &yyv1[yyj1]
+ yyv2.CodecDecodeSelf(d)
+ }
+
+ }
+ if yyrt1 {
+ for ; yyj1 < yyl1; yyj1++ {
+ yyv1 = append(yyv1, AllowedHostPath{})
+ yyh1.ElemContainerState(yyj1)
+ if r.TryDecodeAsNil() {
+ yyv1[yyj1] = AllowedHostPath{}
+ } else {
+ yyv3 := &yyv1[yyj1]
+ yyv3.CodecDecodeSelf(d)
+ }
+
+ }
+ }
+
+ } else {
+ yyj1 := 0
+ for ; !r.CheckBreak(); yyj1++ {
+
+ if yyj1 >= len(yyv1) {
+ yyv1 = append(yyv1, AllowedHostPath{}) // var yyz1 AllowedHostPath
+ yyc1 = true
+ }
+ yyh1.ElemContainerState(yyj1)
+ if yyj1 < len(yyv1) {
+ if r.TryDecodeAsNil() {
+ yyv1[yyj1] = AllowedHostPath{}
+ } else {
+ yyv4 := &yyv1[yyj1]
+ yyv4.CodecDecodeSelf(d)
+ }
+
+ } else {
+ z.DecSwallow()
+ }
+
+ }
+ if yyj1 < len(yyv1) {
+ yyv1 = yyv1[:yyj1]
+ yyc1 = true
+ } else if yyj1 == 0 && yyv1 == nil {
+ yyv1 = []AllowedHostPath{}
+ yyc1 = true
+ }
+ }
+ yyh1.End()
+ if yyc1 {
+ *v = yyv1
+ }
+}
+
func (x codecSelfer1234) encSliceIDRange(v []IDRange, e *codec1978.Encoder) {
var h codecSelfer1234
z, r := codec1978.GenHelperEncoder(e)
@@ -21858,7 +22226,7 @@ func (x codecSelfer1234) decSlicePodSecurityPolicy(v *[]PodSecurityPolicy, d *co
yyrg1 := len(yyv1) > 0
yyv21 := yyv1
- yyrl1, yyrt1 = z.DecInferLen(yyl1, z.DecBasicHandle().MaxInitLen, 576)
+ yyrl1, yyrt1 = z.DecInferLen(yyl1, z.DecBasicHandle().MaxInitLen, 600)
if yyrt1 {
if yyrl1 <= cap(yyv1) {
yyv1 = yyv1[:yyrl1]
diff --git a/staging/src/k8s.io/api/extensions/v1beta1/types.go b/staging/src/k8s.io/api/extensions/v1beta1/types.go
index 0c2b3d9c301..b85c09376b3 100644
--- a/staging/src/k8s.io/api/extensions/v1beta1/types.go
+++ b/staging/src/k8s.io/api/extensions/v1beta1/types.go
@@ -966,6 +966,22 @@ type PodSecurityPolicySpec struct {
// privilege escalation.
// +optional
AllowPrivilegeEscalation bool `json:"allowPrivilegeEscalation,omitempty" protobuf:"varint,16,opt,name=allowPrivilegeEscalation"`
+ // is a white list of allowed host paths. Empty indicates that all host paths may be used.
+ // +optional
+ AllowedHostPaths []AllowedHostPath `json:"allowedHostPaths,omitempty" protobuf:"bytes,17,rep,name=allowedHostPaths"`
+}
+
+// defines the host volume conditions that will be enabled by a policy
+// for pods to use. It requires the path prefix to be defined.
+type AllowedHostPath struct {
+ // is the path prefix that the host volume must match.
+ // It does not support `*`.
+ // Trailing slashes are trimmed when validating the path prefix with a host path.
+ //
+ // Examples:
+ // `/foo` would allow `/foo`, `/foo/` and `/foo/bar`
+ // `/foo` would not allow `/food` or `/etc/foo`
+ PathPrefix string `json:"pathPrefix,omitempty" protobuf:"bytes,1,rep,name=pathPrefix"`
}
// FS Type gives strong typing to different file systems that are used by volumes.
diff --git a/staging/src/k8s.io/api/extensions/v1beta1/types_swagger_doc_generated.go b/staging/src/k8s.io/api/extensions/v1beta1/types_swagger_doc_generated.go
index 9343560dcb7..ee752840081 100644
--- a/staging/src/k8s.io/api/extensions/v1beta1/types_swagger_doc_generated.go
+++ b/staging/src/k8s.io/api/extensions/v1beta1/types_swagger_doc_generated.go
@@ -36,6 +36,15 @@ func (APIVersion) SwaggerDoc() map[string]string {
return map_APIVersion
}
+var map_AllowedHostPath = map[string]string{
+ "": "defines the host volume conditions that will be enabled by a policy for pods to use. It requires the path prefix to be defined.",
+ "pathPrefix": "is the path prefix that the host volume must match. It does not support `*`. Trailing slashes are trimmed when validating the path prefix with a host path.\n\nExamples: `/foo` would allow `/foo`, `/foo/` and `/foo/bar` `/foo` would not allow `/food` or `/etc/foo`",
+}
+
+func (AllowedHostPath) SwaggerDoc() map[string]string {
+ return map_AllowedHostPath
+}
+
var map_CustomMetricCurrentStatus = map[string]string{
"name": "Custom Metric name.",
"value": "Custom Metric value (average).",
@@ -438,6 +447,7 @@ var map_PodSecurityPolicySpec = map[string]string{
"readOnlyRootFilesystem": "ReadOnlyRootFilesystem when set to true will force containers to run with a read only root file system. If the container specifically requests to run with a non-read only root file system the PSP should deny the pod. If set to false the container may run with a read only root file system if it wishes but it will not be forced to.",
"defaultAllowPrivilegeEscalation": "DefaultAllowPrivilegeEscalation controls the default setting for whether a process can gain more privileges than its parent process.",
"allowPrivilegeEscalation": "AllowPrivilegeEscalation determines if a pod can request to allow privilege escalation.",
+ "allowedHostPaths": "is a white list of allowed host paths. Empty indicates that all host paths may be used.",
}
func (PodSecurityPolicySpec) SwaggerDoc() map[string]string {
diff --git a/staging/src/k8s.io/api/extensions/v1beta1/zz_generated.deepcopy.go b/staging/src/k8s.io/api/extensions/v1beta1/zz_generated.deepcopy.go
index c0aa22dad18..c2b52beeb40 100644
--- a/staging/src/k8s.io/api/extensions/v1beta1/zz_generated.deepcopy.go
+++ b/staging/src/k8s.io/api/extensions/v1beta1/zz_generated.deepcopy.go
@@ -43,6 +43,10 @@ func RegisterDeepCopies(scheme *runtime.Scheme) error {
in.(*APIVersion).DeepCopyInto(out.(*APIVersion))
return nil
}, InType: reflect.TypeOf(&APIVersion{})},
+ conversion.GeneratedDeepCopyFunc{Fn: func(in interface{}, out interface{}, c *conversion.Cloner) error {
+ in.(*AllowedHostPath).DeepCopyInto(out.(*AllowedHostPath))
+ return nil
+ }, InType: reflect.TypeOf(&AllowedHostPath{})},
conversion.GeneratedDeepCopyFunc{Fn: func(in interface{}, out interface{}, c *conversion.Cloner) error {
in.(*CustomMetricCurrentStatus).DeepCopyInto(out.(*CustomMetricCurrentStatus))
return nil
@@ -294,6 +298,22 @@ func (in *APIVersion) DeepCopy() *APIVersion {
return out
}
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *AllowedHostPath) DeepCopyInto(out *AllowedHostPath) {
+ *out = *in
+ return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AllowedHostPath.
+func (in *AllowedHostPath) DeepCopy() *AllowedHostPath {
+ if in == nil {
+ return nil
+ }
+ out := new(AllowedHostPath)
+ in.DeepCopyInto(out)
+ return out
+}
+
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *CustomMetricCurrentStatus) DeepCopyInto(out *CustomMetricCurrentStatus) {
*out = *in
@@ -1365,6 +1385,11 @@ func (in *PodSecurityPolicySpec) DeepCopyInto(out *PodSecurityPolicySpec) {
**out = **in
}
}
+ if in.AllowedHostPaths != nil {
+ in, out := &in.AllowedHostPaths, &out.AllowedHostPaths
+ *out = make([]AllowedHostPath, len(*in))
+ copy(*out, *in)
+ }
return
}