diff --git a/.github/PULL_REQUEST_TEMPLATE.md b/.github/PULL_REQUEST_TEMPLATE.md index 58451ec7131..a588771a581 100644 --- a/.github/PULL_REQUEST_TEMPLATE.md +++ b/.github/PULL_REQUEST_TEMPLATE.md @@ -1,10 +1,25 @@ +**What type of PR is this?** +> Uncomment only one, leave it on its own line: +> +> /kind api-change +> /kind bug +> /kind cleanup +> /kind design +> /kind documentation +> /kind failing-test +> /kind feature +> /kind flake + **What this PR does / why we need it**: **Which issue(s) this PR fixes** *(optional, in `fixes #(, fixes #, ...)` format, will close the issue(s) when PR gets merged)*: @@ -12,10 +27,12 @@ Fixes # **Special notes for your reviewer**: -**Release note**: - ```release-note diff --git a/Godeps/Godeps.json b/Godeps/Godeps.json index 00b56987bd1..b83fcfb8dba 100644 --- a/Godeps/Godeps.json +++ b/Godeps/Godeps.json @@ -36,33 +36,33 @@ }, { "ImportPath": "github.com/Azure/azure-sdk-for-go/services/compute/mgmt/2018-04-01/compute", - "Comment": "v19.0.0", - "Rev": "520918e6c8e8e1064154f51d13e02fad92b287b8" + "Comment": "v21.1.0", + "Rev": "6d20bdbae88c06c36d72eb512295417693bfdf4e" }, { "ImportPath": "github.com/Azure/azure-sdk-for-go/services/containerregistry/mgmt/2017-10-01/containerregistry", - "Comment": "v19.0.0", - "Rev": "520918e6c8e8e1064154f51d13e02fad92b287b8" + "Comment": "v21.1.0", + "Rev": "6d20bdbae88c06c36d72eb512295417693bfdf4e" }, { "ImportPath": "github.com/Azure/azure-sdk-for-go/services/network/mgmt/2017-09-01/network", - "Comment": "v19.0.0", - "Rev": "520918e6c8e8e1064154f51d13e02fad92b287b8" + "Comment": "v21.1.0", + "Rev": "6d20bdbae88c06c36d72eb512295417693bfdf4e" }, { - "ImportPath": "github.com/Azure/azure-sdk-for-go/services/storage/mgmt/2017-10-01/storage", - "Comment": "v19.0.0", - "Rev": "520918e6c8e8e1064154f51d13e02fad92b287b8" + "ImportPath": "github.com/Azure/azure-sdk-for-go/services/storage/mgmt/2018-07-01/storage", + "Comment": "v21.1.0", + "Rev": "6d20bdbae88c06c36d72eb512295417693bfdf4e" }, { "ImportPath": "github.com/Azure/azure-sdk-for-go/storage", - "Comment": "v19.0.0", - "Rev": "520918e6c8e8e1064154f51d13e02fad92b287b8" + "Comment": "v21.1.0", + "Rev": "6d20bdbae88c06c36d72eb512295417693bfdf4e" }, { "ImportPath": "github.com/Azure/azure-sdk-for-go/version", - "Comment": "v19.0.0", - "Rev": "520918e6c8e8e1064154f51d13e02fad92b287b8" + "Comment": "v21.1.0", + "Rev": "6d20bdbae88c06c36d72eb512295417693bfdf4e" }, { "ImportPath": "github.com/Azure/go-ansiterm", @@ -74,38 +74,43 @@ }, { "ImportPath": "github.com/Azure/go-autorest/autorest", - "Comment": "v10.14.0", - "Rev": "bca49d5b51a50dc5bb17bbf6204c711c6dbded06" + "Comment": "v10.15.4", + "Rev": "a88c19ef2016e095f0b6c3b451074b4663f53bed" }, { "ImportPath": "github.com/Azure/go-autorest/autorest/adal", - "Comment": "v10.14.0", - "Rev": "bca49d5b51a50dc5bb17bbf6204c711c6dbded06" + "Comment": "v10.15.4", + "Rev": "a88c19ef2016e095f0b6c3b451074b4663f53bed" }, { "ImportPath": "github.com/Azure/go-autorest/autorest/azure", - "Comment": "v10.14.0", - "Rev": "bca49d5b51a50dc5bb17bbf6204c711c6dbded06" + "Comment": "v10.15.4", + "Rev": "a88c19ef2016e095f0b6c3b451074b4663f53bed" }, { "ImportPath": "github.com/Azure/go-autorest/autorest/date", - "Comment": "v10.14.0", - "Rev": "bca49d5b51a50dc5bb17bbf6204c711c6dbded06" + "Comment": "v10.15.4", + "Rev": "a88c19ef2016e095f0b6c3b451074b4663f53bed" }, { "ImportPath": "github.com/Azure/go-autorest/autorest/to", - "Comment": "v10.14.0", - "Rev": "bca49d5b51a50dc5bb17bbf6204c711c6dbded06" + "Comment": "v10.15.4", + "Rev": "a88c19ef2016e095f0b6c3b451074b4663f53bed" }, { "ImportPath": "github.com/Azure/go-autorest/autorest/validation", - "Comment": "v10.14.0", - "Rev": "bca49d5b51a50dc5bb17bbf6204c711c6dbded06" + "Comment": "v10.15.4", + "Rev": "a88c19ef2016e095f0b6c3b451074b4663f53bed" + }, + { + "ImportPath": "github.com/Azure/go-autorest/logger", + "Comment": "v10.15.4", + "Rev": "a88c19ef2016e095f0b6c3b451074b4663f53bed" }, { "ImportPath": "github.com/Azure/go-autorest/version", - "Comment": "v10.14.0", - "Rev": "bca49d5b51a50dc5bb17bbf6204c711c6dbded06" + "Comment": "v10.15.4", + "Rev": "a88c19ef2016e095f0b6c3b451074b4663f53bed" }, { "ImportPath": "github.com/GeertJohan/go.rice", diff --git a/Godeps/LICENSES b/Godeps/LICENSES index 1873f549a8f..f7ef753bcbc 100644 --- a/Godeps/LICENSES +++ b/Godeps/LICENSES @@ -8767,7 +8767,7 @@ SOFTWARE. ================================================================================ -= vendor/github.com/Azure/azure-sdk-for-go/services/storage/mgmt/2017-10-01/storage licensed under: = += vendor/github.com/Azure/azure-sdk-for-go/services/storage/mgmt/2018-07-01/storage licensed under: = Apache License @@ -10648,6 +10648,205 @@ THE SOFTWARE. ================================================================================ +================================================================================ += vendor/github.com/Azure/go-autorest/logger licensed under: = + + + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + Copyright 2015 Microsoft Corporation + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + += vendor/github.com/Azure/go-autorest/LICENSE a250e5ac3848f2acadb5adcb9555c18b +================================================================================ + + ================================================================================ = vendor/github.com/Azure/go-autorest/version licensed under: = diff --git a/api/openapi-spec/swagger.json b/api/openapi-spec/swagger.json index a901cc830e7..a6defd83d53 100644 --- a/api/openapi-spec/swagger.json +++ b/api/openapi-spec/swagger.json @@ -39051,6 +39051,805 @@ } ] }, + "/apis/auditregistration.k8s.io/": { + "get": { + "description": "get information of a group", + "consumes": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "schemes": [ + "https" + ], + "tags": [ + "auditregistration" + ], + "operationId": "getAuditregistrationAPIGroup", + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.APIGroup" + } + }, + "401": { + "description": "Unauthorized" + } + } + } + }, + "/apis/auditregistration.k8s.io/v1alpha1/": { + "get": { + "description": "get available resources", + "consumes": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "schemes": [ + "https" + ], + "tags": [ + "auditregistration_v1alpha1" + ], + "operationId": "getAuditregistrationV1alpha1APIResources", + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.APIResourceList" + } + }, + "401": { + "description": "Unauthorized" + } + } + } + }, + "/apis/auditregistration.k8s.io/v1alpha1/auditsinks": { + "get": { + "description": "list or watch objects of kind AuditSink", + "consumes": [ + "*/*" + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "schemes": [ + "https" + ], + "tags": [ + "auditregistration_v1alpha1" + ], + "operationId": "listAuditregistrationV1alpha1AuditSink", + "parameters": [ + { + "uniqueItems": true, + "type": "string", + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "name": "continue", + "in": "query" + }, + { + "uniqueItems": true, + "type": "string", + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "name": "fieldSelector", + "in": "query" + }, + { + "uniqueItems": true, + "type": "string", + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "name": "labelSelector", + "in": "query" + }, + { + "uniqueItems": true, + "type": "integer", + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "name": "limit", + "in": "query" + }, + { + "uniqueItems": true, + "type": "string", + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "name": "resourceVersion", + "in": "query" + }, + { + "uniqueItems": true, + "type": "integer", + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "name": "timeoutSeconds", + "in": "query" + }, + { + "uniqueItems": true, + "type": "boolean", + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "name": "watch", + "in": "query" + } + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.auditregistration.v1alpha1.AuditSinkList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "x-kubernetes-action": "list", + "x-kubernetes-group-version-kind": { + "group": "auditregistration.k8s.io", + "kind": "AuditSink", + "version": "v1alpha1" + } + }, + "post": { + "description": "create an AuditSink", + "consumes": [ + "*/*" + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "schemes": [ + "https" + ], + "tags": [ + "auditregistration_v1alpha1" + ], + "operationId": "createAuditregistrationV1alpha1AuditSink", + "parameters": [ + { + "name": "body", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.auditregistration.v1alpha1.AuditSink" + } + }, + { + "uniqueItems": true, + "type": "string", + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "name": "dryRun", + "in": "query" + } + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.auditregistration.v1alpha1.AuditSink" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.auditregistration.v1alpha1.AuditSink" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.api.auditregistration.v1alpha1.AuditSink" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "x-kubernetes-action": "post", + "x-kubernetes-group-version-kind": { + "group": "auditregistration.k8s.io", + "kind": "AuditSink", + "version": "v1alpha1" + } + }, + "delete": { + "description": "delete collection of AuditSink", + "consumes": [ + "*/*" + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "schemes": [ + "https" + ], + "tags": [ + "auditregistration_v1alpha1" + ], + "operationId": "deleteAuditregistrationV1alpha1CollectionAuditSink", + "parameters": [ + { + "uniqueItems": true, + "type": "string", + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "name": "continue", + "in": "query" + }, + { + "uniqueItems": true, + "type": "string", + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "name": "fieldSelector", + "in": "query" + }, + { + "uniqueItems": true, + "type": "string", + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "name": "labelSelector", + "in": "query" + }, + { + "uniqueItems": true, + "type": "integer", + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "name": "limit", + "in": "query" + }, + { + "uniqueItems": true, + "type": "string", + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "name": "resourceVersion", + "in": "query" + }, + { + "uniqueItems": true, + "type": "integer", + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "name": "timeoutSeconds", + "in": "query" + }, + { + "uniqueItems": true, + "type": "boolean", + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "name": "watch", + "in": "query" + } + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "x-kubernetes-action": "deletecollection", + "x-kubernetes-group-version-kind": { + "group": "auditregistration.k8s.io", + "kind": "AuditSink", + "version": "v1alpha1" + } + }, + "parameters": [ + { + "uniqueItems": true, + "type": "boolean", + "description": "If true, partially initialized resources are included in the response.", + "name": "includeUninitialized", + "in": "query" + }, + { + "uniqueItems": true, + "type": "string", + "description": "If 'true', then the output is pretty printed.", + "name": "pretty", + "in": "query" + } + ] + }, + "/apis/auditregistration.k8s.io/v1alpha1/auditsinks/{name}": { + "get": { + "description": "read the specified AuditSink", + "consumes": [ + "*/*" + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "schemes": [ + "https" + ], + "tags": [ + "auditregistration_v1alpha1" + ], + "operationId": "readAuditregistrationV1alpha1AuditSink", + "parameters": [ + { + "uniqueItems": true, + "type": "boolean", + "description": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'.", + "name": "exact", + "in": "query" + }, + { + "uniqueItems": true, + "type": "boolean", + "description": "Should this value be exported. Export strips fields that a user can not specify.", + "name": "export", + "in": "query" + } + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.auditregistration.v1alpha1.AuditSink" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "x-kubernetes-action": "get", + "x-kubernetes-group-version-kind": { + "group": "auditregistration.k8s.io", + "kind": "AuditSink", + "version": "v1alpha1" + } + }, + "put": { + "description": "replace the specified AuditSink", + "consumes": [ + "*/*" + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "schemes": [ + "https" + ], + "tags": [ + "auditregistration_v1alpha1" + ], + "operationId": "replaceAuditregistrationV1alpha1AuditSink", + "parameters": [ + { + "name": "body", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.auditregistration.v1alpha1.AuditSink" + } + }, + { + "uniqueItems": true, + "type": "string", + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "name": "dryRun", + "in": "query" + } + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.auditregistration.v1alpha1.AuditSink" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.auditregistration.v1alpha1.AuditSink" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "x-kubernetes-action": "put", + "x-kubernetes-group-version-kind": { + "group": "auditregistration.k8s.io", + "kind": "AuditSink", + "version": "v1alpha1" + } + }, + "delete": { + "description": "delete an AuditSink", + "consumes": [ + "*/*" + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "schemes": [ + "https" + ], + "tags": [ + "auditregistration_v1alpha1" + ], + "operationId": "deleteAuditregistrationV1alpha1AuditSink", + "parameters": [ + { + "name": "body", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" + } + }, + { + "uniqueItems": true, + "type": "string", + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "name": "dryRun", + "in": "query" + }, + { + "uniqueItems": true, + "type": "integer", + "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", + "name": "gracePeriodSeconds", + "in": "query" + }, + { + "uniqueItems": true, + "type": "boolean", + "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", + "name": "orphanDependents", + "in": "query" + }, + { + "uniqueItems": true, + "type": "string", + "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", + "name": "propagationPolicy", + "in": "query" + } + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "x-kubernetes-action": "delete", + "x-kubernetes-group-version-kind": { + "group": "auditregistration.k8s.io", + "kind": "AuditSink", + "version": "v1alpha1" + } + }, + "patch": { + "description": "partially update the specified AuditSink", + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json" + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "schemes": [ + "https" + ], + "tags": [ + "auditregistration_v1alpha1" + ], + "operationId": "patchAuditregistrationV1alpha1AuditSink", + "parameters": [ + { + "name": "body", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" + } + }, + { + "uniqueItems": true, + "type": "string", + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "name": "dryRun", + "in": "query" + } + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.auditregistration.v1alpha1.AuditSink" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "x-kubernetes-action": "patch", + "x-kubernetes-group-version-kind": { + "group": "auditregistration.k8s.io", + "kind": "AuditSink", + "version": "v1alpha1" + } + }, + "parameters": [ + { + "uniqueItems": true, + "type": "string", + "description": "name of the AuditSink", + "name": "name", + "in": "path", + "required": true + }, + { + "uniqueItems": true, + "type": "string", + "description": "If 'true', then the output is pretty printed.", + "name": "pretty", + "in": "query" + } + ] + }, + "/apis/auditregistration.k8s.io/v1alpha1/watch/auditsinks": { + "get": { + "description": "watch individual changes to a list of AuditSink. deprecated: use the 'watch' parameter with a list operation instead.", + "consumes": [ + "*/*" + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "schemes": [ + "https" + ], + "tags": [ + "auditregistration_v1alpha1" + ], + "operationId": "watchAuditregistrationV1alpha1AuditSinkList", + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "x-kubernetes-action": "watchlist", + "x-kubernetes-group-version-kind": { + "group": "auditregistration.k8s.io", + "kind": "AuditSink", + "version": "v1alpha1" + } + }, + "parameters": [ + { + "uniqueItems": true, + "type": "string", + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "name": "continue", + "in": "query" + }, + { + "uniqueItems": true, + "type": "string", + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "name": "fieldSelector", + "in": "query" + }, + { + "uniqueItems": true, + "type": "boolean", + "description": "If true, partially initialized resources are included in the response.", + "name": "includeUninitialized", + "in": "query" + }, + { + "uniqueItems": true, + "type": "string", + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "name": "labelSelector", + "in": "query" + }, + { + "uniqueItems": true, + "type": "integer", + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "name": "limit", + "in": "query" + }, + { + "uniqueItems": true, + "type": "string", + "description": "If 'true', then the output is pretty printed.", + "name": "pretty", + "in": "query" + }, + { + "uniqueItems": true, + "type": "string", + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "name": "resourceVersion", + "in": "query" + }, + { + "uniqueItems": true, + "type": "integer", + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "name": "timeoutSeconds", + "in": "query" + }, + { + "uniqueItems": true, + "type": "boolean", + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "name": "watch", + "in": "query" + } + ] + }, + "/apis/auditregistration.k8s.io/v1alpha1/watch/auditsinks/{name}": { + "get": { + "description": "watch changes to an object of kind AuditSink. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", + "consumes": [ + "*/*" + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "schemes": [ + "https" + ], + "tags": [ + "auditregistration_v1alpha1" + ], + "operationId": "watchAuditregistrationV1alpha1AuditSink", + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "x-kubernetes-action": "watch", + "x-kubernetes-group-version-kind": { + "group": "auditregistration.k8s.io", + "kind": "AuditSink", + "version": "v1alpha1" + } + }, + "parameters": [ + { + "uniqueItems": true, + "type": "string", + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "name": "continue", + "in": "query" + }, + { + "uniqueItems": true, + "type": "string", + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "name": "fieldSelector", + "in": "query" + }, + { + "uniqueItems": true, + "type": "boolean", + "description": "If true, partially initialized resources are included in the response.", + "name": "includeUninitialized", + "in": "query" + }, + { + "uniqueItems": true, + "type": "string", + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "name": "labelSelector", + "in": "query" + }, + { + "uniqueItems": true, + "type": "integer", + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "name": "limit", + "in": "query" + }, + { + "uniqueItems": true, + "type": "string", + "description": "name of the AuditSink", + "name": "name", + "in": "path", + "required": true + }, + { + "uniqueItems": true, + "type": "string", + "description": "If 'true', then the output is pretty printed.", + "name": "pretty", + "in": "query" + }, + { + "uniqueItems": true, + "type": "string", + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "name": "resourceVersion", + "in": "query" + }, + { + "uniqueItems": true, + "type": "integer", + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "name": "timeoutSeconds", + "in": "query" + }, + { + "uniqueItems": true, + "type": "boolean", + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "name": "watch", + "in": "query" + } + ] + }, "/apis/authentication.k8s.io/": { "get": { "description": "get information of a group", @@ -79043,6 +79842,172 @@ } } }, + "io.k8s.api.auditregistration.v1alpha1.AuditSink": { + "description": "AuditSink represents a cluster level audit sink", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" + }, + "spec": { + "description": "Spec defines the audit configuration spec", + "$ref": "#/definitions/io.k8s.api.auditregistration.v1alpha1.AuditSinkSpec" + } + }, + "x-kubernetes-group-version-kind": [ + { + "group": "auditregistration.k8s.io", + "kind": "AuditSink", + "version": "v1alpha1" + } + ] + }, + "io.k8s.api.auditregistration.v1alpha1.AuditSinkList": { + "description": "AuditSinkList is a list of AuditSink items.", + "required": [ + "items" + ], + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "items": { + "description": "List of audit configurations.", + "type": "array", + "items": { + "$ref": "#/definitions/io.k8s.api.auditregistration.v1alpha1.AuditSink" + } + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" + } + }, + "x-kubernetes-group-version-kind": [ + { + "group": "auditregistration.k8s.io", + "kind": "AuditSinkList", + "version": "v1alpha1" + } + ] + }, + "io.k8s.api.auditregistration.v1alpha1.AuditSinkSpec": { + "description": "AuditSinkSpec holds the spec for the audit sink", + "required": [ + "policy", + "webhook" + ], + "properties": { + "policy": { + "description": "Policy defines the policy for selecting which events should be sent to the webhook required", + "$ref": "#/definitions/io.k8s.api.auditregistration.v1alpha1.Policy" + }, + "webhook": { + "description": "Webhook to send events required", + "$ref": "#/definitions/io.k8s.api.auditregistration.v1alpha1.Webhook" + } + } + }, + "io.k8s.api.auditregistration.v1alpha1.Policy": { + "description": "Policy defines the configuration of how audit events are logged", + "required": [ + "level" + ], + "properties": { + "level": { + "description": "The Level that all requests are recorded at. available options: None, Metadata, Request, RequestResponse required", + "type": "string" + }, + "stages": { + "description": "Stages is a list of stages for which events are created.", + "type": "array", + "items": { + "type": "string" + } + } + } + }, + "io.k8s.api.auditregistration.v1alpha1.ServiceReference": { + "description": "ServiceReference holds a reference to Service.legacy.k8s.io", + "required": [ + "namespace", + "name" + ], + "properties": { + "name": { + "description": "`name` is the name of the service. Required", + "type": "string" + }, + "namespace": { + "description": "`namespace` is the namespace of the service. Required", + "type": "string" + }, + "path": { + "description": "`path` is an optional URL path which will be sent in any request to this service.", + "type": "string" + } + } + }, + "io.k8s.api.auditregistration.v1alpha1.Webhook": { + "description": "Webhook holds the configuration of the webhook", + "required": [ + "clientConfig" + ], + "properties": { + "clientConfig": { + "description": "ClientConfig holds the connection parameters for the webhook required", + "$ref": "#/definitions/io.k8s.api.auditregistration.v1alpha1.WebhookClientConfig" + }, + "throttle": { + "description": "Throttle holds the options for throttling the webhook", + "$ref": "#/definitions/io.k8s.api.auditregistration.v1alpha1.WebhookThrottleConfig" + } + } + }, + "io.k8s.api.auditregistration.v1alpha1.WebhookClientConfig": { + "description": "WebhookClientConfig contains the information to make a connection with the webhook", + "properties": { + "caBundle": { + "description": "`caBundle` is a PEM encoded CA bundle which will be used to validate the webhook's server certificate. defaults to the apiservers CA bundle for the endpoint type", + "type": "string", + "format": "byte" + }, + "service": { + "description": "`service` is a reference to the service for this webhook. Either `service` or `url` must be specified.\n\nIf the webhook is running within the cluster, then you should use `service`.\n\nPort 443 will be used if it is open, otherwise it is an error.", + "$ref": "#/definitions/io.k8s.api.auditregistration.v1alpha1.ServiceReference" + }, + "url": { + "description": "`url` gives the location of the webhook, in standard URL form (`[scheme://]host:port/path`). Exactly one of `url` or `service` must be specified.\n\nThe `host` should not refer to a service running in the cluster; use the `service` field instead. The host might be resolved via external DNS in some apiservers (e.g., `kube-apiserver` cannot resolve in-cluster DNS as that would be a layering violation). `host` may also be an IP address.\n\nPlease note that using `localhost` or `127.0.0.1` as a `host` is risky unless you take great care to run this webhook on all hosts which run an apiserver which might need to make calls to this webhook. Such installs are likely to be non-portable, i.e., not easy to turn up in a new cluster.\n\nThe scheme must be \"https\"; the URL must begin with \"https://\".\n\nA path is optional, and if present may be any string permissible in a URL. You may use the path to pass an arbitrary string to the webhook, for example, a cluster identifier.\n\nAttempting to use a user or basic auth e.g. \"user:password@\" is not allowed. Fragments (\"#...\") and query parameters (\"?...\") are not allowed, either.", + "type": "string" + } + } + }, + "io.k8s.api.auditregistration.v1alpha1.WebhookThrottleConfig": { + "description": "WebhookThrottleConfig holds the configuration for throttling events", + "properties": { + "burst": { + "description": "ThrottleBurst is the maximum number of events sent at the same moment default 15 QPS", + "type": "integer", + "format": "int64" + }, + "qps": { + "description": "ThrottleQPS maximum number of batches per second default 10 QPS", + "type": "integer", + "format": "int64" + } + } + }, "io.k8s.api.authentication.v1.TokenReview": { "description": "TokenReview attempts to authenticate a token to a known user. Note: TokenReview requests may be cached by the webhook token authenticator plugin in the kube-apiserver.", "required": [ @@ -91672,6 +92637,11 @@ "kind": "DeleteOptions", "version": "v1beta2" }, + { + "group": "auditregistration.k8s.io", + "kind": "DeleteOptions", + "version": "v1alpha1" + }, { "group": "authentication.k8s.io", "kind": "DeleteOptions", @@ -92237,6 +93207,11 @@ "kind": "WatchEvent", "version": "v1beta2" }, + { + "group": "auditregistration.k8s.io", + "kind": "WatchEvent", + "version": "v1alpha1" + }, { "group": "authentication.k8s.io", "kind": "WatchEvent", diff --git a/api/swagger-spec/auditregistration.k8s.io.json b/api/swagger-spec/auditregistration.k8s.io.json new file mode 100644 index 00000000000..983c730ae1a --- /dev/null +++ b/api/swagger-spec/auditregistration.k8s.io.json @@ -0,0 +1,113 @@ +{ + "swaggerVersion": "1.2", + "apiVersion": "", + "basePath": "https://10.10.10.10:6443", + "resourcePath": "/apis/auditregistration.k8s.io", + "info": { + "title": "", + "description": "" + }, + "apis": [ + { + "path": "/apis/auditregistration.k8s.io", + "description": "get information of a group", + "operations": [ + { + "type": "v1.APIGroup", + "method": "GET", + "summary": "get information of a group", + "nickname": "getAPIGroup", + "parameters": [], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "consumes": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ] + } + ] + } + ], + "models": { + "v1.APIGroup": { + "id": "v1.APIGroup", + "description": "APIGroup contains the name, the supported versions, and the preferred version of a group.", + "required": [ + "name", + "versions" + ], + "properties": { + "kind": { + "type": "string", + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds" + }, + "apiVersion": { + "type": "string", + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources" + }, + "name": { + "type": "string", + "description": "name is the name of the group." + }, + "versions": { + "type": "array", + "items": { + "$ref": "v1.GroupVersionForDiscovery" + }, + "description": "versions are the versions supported in this group." + }, + "preferredVersion": { + "$ref": "v1.GroupVersionForDiscovery", + "description": "preferredVersion is the version preferred by the API server, which probably is the storage version." + }, + "serverAddressByClientCIDRs": { + "type": "array", + "items": { + "$ref": "v1.ServerAddressByClientCIDR" + }, + "description": "a map of client CIDR to server address that is serving this group. This is to help clients reach servers in the most network-efficient way possible. Clients can use the appropriate server address as per the CIDR that they match. In case of multiple matches, clients should use the longest matching CIDR. The server returns only those CIDRs that it thinks that the client can match. For example: the master will return an internal IP CIDR only, if the client reaches the server using an internal IP. Server looks at X-Forwarded-For header or X-Real-Ip header or request.RemoteAddr (in that order) to get the client IP." + } + } + }, + "v1.GroupVersionForDiscovery": { + "id": "v1.GroupVersionForDiscovery", + "description": "GroupVersion contains the \"group/version\" and \"version\" string of a version. It is made a struct to keep extensibility.", + "required": [ + "groupVersion", + "version" + ], + "properties": { + "groupVersion": { + "type": "string", + "description": "groupVersion specifies the API group and version in the form \"group/version\"" + }, + "version": { + "type": "string", + "description": "version specifies the version in the form of \"version\". This is to save the clients the trouble of splitting the GroupVersion." + } + } + }, + "v1.ServerAddressByClientCIDR": { + "id": "v1.ServerAddressByClientCIDR", + "description": "ServerAddressByClientCIDR helps the client to determine the server address that they should use, depending on the clientCIDR that they match.", + "required": [ + "clientCIDR", + "serverAddress" + ], + "properties": { + "clientCIDR": { + "type": "string", + "description": "The CIDR with which clients can match their IP to figure out the server address that they should use." + }, + "serverAddress": { + "type": "string", + "description": "Address of this server, suitable for a client that matches the above CIDR. This can be a hostname, hostname:port, IP or IP:port." + } + } + } + } + } diff --git a/api/swagger-spec/auditregistration.k8s.io_v1alpha1.json b/api/swagger-spec/auditregistration.k8s.io_v1alpha1.json new file mode 100644 index 00000000000..64c8229ae5a --- /dev/null +++ b/api/swagger-spec/auditregistration.k8s.io_v1alpha1.json @@ -0,0 +1,1363 @@ +{ + "swaggerVersion": "1.2", + "apiVersion": "auditregistration.k8s.io/v1alpha1", + "basePath": "https://10.10.10.10:6443", + "resourcePath": "/apis/auditregistration.k8s.io/v1alpha1", + "info": { + "title": "", + "description": "" + }, + "apis": [ + { + "path": "/apis/auditregistration.k8s.io/v1alpha1/auditsinks", + "description": "API at /apis/auditregistration.k8s.io/v1alpha1", + "operations": [ + { + "type": "v1alpha1.AuditSinkList", + "method": "GET", + "summary": "list or watch objects of kind AuditSink", + "nickname": "listAuditSink", + "parameters": [ + { + "type": "string", + "paramType": "query", + "name": "pretty", + "description": "If 'true', then the output is pretty printed.", + "required": false, + "allowMultiple": false + }, + { + "type": "string", + "paramType": "query", + "name": "labelSelector", + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "required": false, + "allowMultiple": false + }, + { + "type": "string", + "paramType": "query", + "name": "fieldSelector", + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "required": false, + "allowMultiple": false + }, + { + "type": "boolean", + "paramType": "query", + "name": "includeUninitialized", + "description": "If true, partially initialized resources are included in the response.", + "required": false, + "allowMultiple": false + }, + { + "type": "boolean", + "paramType": "query", + "name": "watch", + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "required": false, + "allowMultiple": false + }, + { + "type": "string", + "paramType": "query", + "name": "resourceVersion", + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "required": false, + "allowMultiple": false + }, + { + "type": "integer", + "paramType": "query", + "name": "timeoutSeconds", + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "required": false, + "allowMultiple": false + }, + { + "type": "integer", + "paramType": "query", + "name": "limit", + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "required": false, + "allowMultiple": false + }, + { + "type": "string", + "paramType": "query", + "name": "continue", + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "required": false, + "allowMultiple": false + } + ], + "responseMessages": [ + { + "code": 200, + "message": "OK", + "responseModel": "v1alpha1.AuditSinkList" + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "consumes": [ + "*/*" + ] + }, + { + "type": "v1alpha1.AuditSink", + "method": "POST", + "summary": "create an AuditSink", + "nickname": "createAuditSink", + "parameters": [ + { + "type": "string", + "paramType": "query", + "name": "pretty", + "description": "If 'true', then the output is pretty printed.", + "required": false, + "allowMultiple": false + }, + { + "type": "v1alpha1.AuditSink", + "paramType": "body", + "name": "body", + "description": "", + "required": true, + "allowMultiple": false + }, + { + "type": "string", + "paramType": "query", + "name": "dryRun", + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "required": false, + "allowMultiple": false + }, + { + "type": "boolean", + "paramType": "query", + "name": "includeUninitialized", + "description": "If IncludeUninitialized is specified, the object may be returned without completing initialization.", + "required": false, + "allowMultiple": false + } + ], + "responseMessages": [ + { + "code": 200, + "message": "OK", + "responseModel": "v1alpha1.AuditSink" + }, + { + "code": 201, + "message": "Created", + "responseModel": "v1alpha1.AuditSink" + }, + { + "code": 202, + "message": "Accepted", + "responseModel": "v1alpha1.AuditSink" + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "consumes": [ + "*/*" + ] + }, + { + "type": "v1.Status", + "method": "DELETE", + "summary": "delete collection of AuditSink", + "nickname": "deletecollectionAuditSink", + "parameters": [ + { + "type": "string", + "paramType": "query", + "name": "pretty", + "description": "If 'true', then the output is pretty printed.", + "required": false, + "allowMultiple": false + }, + { + "type": "string", + "paramType": "query", + "name": "labelSelector", + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "required": false, + "allowMultiple": false + }, + { + "type": "string", + "paramType": "query", + "name": "fieldSelector", + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "required": false, + "allowMultiple": false + }, + { + "type": "boolean", + "paramType": "query", + "name": "includeUninitialized", + "description": "If true, partially initialized resources are included in the response.", + "required": false, + "allowMultiple": false + }, + { + "type": "boolean", + "paramType": "query", + "name": "watch", + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "required": false, + "allowMultiple": false + }, + { + "type": "string", + "paramType": "query", + "name": "resourceVersion", + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "required": false, + "allowMultiple": false + }, + { + "type": "integer", + "paramType": "query", + "name": "timeoutSeconds", + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "required": false, + "allowMultiple": false + }, + { + "type": "integer", + "paramType": "query", + "name": "limit", + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "required": false, + "allowMultiple": false + }, + { + "type": "string", + "paramType": "query", + "name": "continue", + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "required": false, + "allowMultiple": false + } + ], + "responseMessages": [ + { + "code": 200, + "message": "OK", + "responseModel": "v1.Status" + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "consumes": [ + "*/*" + ] + } + ] + }, + { + "path": "/apis/auditregistration.k8s.io/v1alpha1/watch/auditsinks", + "description": "API at /apis/auditregistration.k8s.io/v1alpha1", + "operations": [ + { + "type": "v1.WatchEvent", + "method": "GET", + "summary": "watch individual changes to a list of AuditSink. deprecated: use the 'watch' parameter with a list operation instead.", + "nickname": "watchAuditSinkList", + "parameters": [ + { + "type": "string", + "paramType": "query", + "name": "pretty", + "description": "If 'true', then the output is pretty printed.", + "required": false, + "allowMultiple": false + }, + { + "type": "string", + "paramType": "query", + "name": "labelSelector", + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "required": false, + "allowMultiple": false + }, + { + "type": "string", + "paramType": "query", + "name": "fieldSelector", + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "required": false, + "allowMultiple": false + }, + { + "type": "boolean", + "paramType": "query", + "name": "includeUninitialized", + "description": "If true, partially initialized resources are included in the response.", + "required": false, + "allowMultiple": false + }, + { + "type": "boolean", + "paramType": "query", + "name": "watch", + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "required": false, + "allowMultiple": false + }, + { + "type": "string", + "paramType": "query", + "name": "resourceVersion", + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "required": false, + "allowMultiple": false + }, + { + "type": "integer", + "paramType": "query", + "name": "timeoutSeconds", + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "required": false, + "allowMultiple": false + }, + { + "type": "integer", + "paramType": "query", + "name": "limit", + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "required": false, + "allowMultiple": false + }, + { + "type": "string", + "paramType": "query", + "name": "continue", + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "required": false, + "allowMultiple": false + } + ], + "responseMessages": [ + { + "code": 200, + "message": "OK", + "responseModel": "v1.WatchEvent" + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "consumes": [ + "*/*" + ] + } + ] + }, + { + "path": "/apis/auditregistration.k8s.io/v1alpha1/auditsinks/{name}", + "description": "API at /apis/auditregistration.k8s.io/v1alpha1", + "operations": [ + { + "type": "v1alpha1.AuditSink", + "method": "GET", + "summary": "read the specified AuditSink", + "nickname": "readAuditSink", + "parameters": [ + { + "type": "string", + "paramType": "query", + "name": "pretty", + "description": "If 'true', then the output is pretty printed.", + "required": false, + "allowMultiple": false + }, + { + "type": "boolean", + "paramType": "query", + "name": "export", + "description": "Should this value be exported. Export strips fields that a user can not specify.", + "required": false, + "allowMultiple": false + }, + { + "type": "boolean", + "paramType": "query", + "name": "exact", + "description": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'.", + "required": false, + "allowMultiple": false + }, + { + "type": "string", + "paramType": "path", + "name": "name", + "description": "name of the AuditSink", + "required": true, + "allowMultiple": false + } + ], + "responseMessages": [ + { + "code": 200, + "message": "OK", + "responseModel": "v1alpha1.AuditSink" + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "consumes": [ + "*/*" + ] + }, + { + "type": "v1alpha1.AuditSink", + "method": "PUT", + "summary": "replace the specified AuditSink", + "nickname": "replaceAuditSink", + "parameters": [ + { + "type": "string", + "paramType": "query", + "name": "pretty", + "description": "If 'true', then the output is pretty printed.", + "required": false, + "allowMultiple": false + }, + { + "type": "v1alpha1.AuditSink", + "paramType": "body", + "name": "body", + "description": "", + "required": true, + "allowMultiple": false + }, + { + "type": "string", + "paramType": "query", + "name": "dryRun", + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "required": false, + "allowMultiple": false + }, + { + "type": "string", + "paramType": "path", + "name": "name", + "description": "name of the AuditSink", + "required": true, + "allowMultiple": false + } + ], + "responseMessages": [ + { + "code": 200, + "message": "OK", + "responseModel": "v1alpha1.AuditSink" + }, + { + "code": 201, + "message": "Created", + "responseModel": "v1alpha1.AuditSink" + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "consumes": [ + "*/*" + ] + }, + { + "type": "v1alpha1.AuditSink", + "method": "PATCH", + "summary": "partially update the specified AuditSink", + "nickname": "patchAuditSink", + "parameters": [ + { + "type": "string", + "paramType": "query", + "name": "pretty", + "description": "If 'true', then the output is pretty printed.", + "required": false, + "allowMultiple": false + }, + { + "type": "v1.Patch", + "paramType": "body", + "name": "body", + "description": "", + "required": true, + "allowMultiple": false + }, + { + "type": "string", + "paramType": "query", + "name": "dryRun", + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "required": false, + "allowMultiple": false + }, + { + "type": "string", + "paramType": "path", + "name": "name", + "description": "name of the AuditSink", + "required": true, + "allowMultiple": false + } + ], + "responseMessages": [ + { + "code": 200, + "message": "OK", + "responseModel": "v1alpha1.AuditSink" + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json" + ] + }, + { + "type": "v1.Status", + "method": "DELETE", + "summary": "delete an AuditSink", + "nickname": "deleteAuditSink", + "parameters": [ + { + "type": "string", + "paramType": "query", + "name": "pretty", + "description": "If 'true', then the output is pretty printed.", + "required": false, + "allowMultiple": false + }, + { + "type": "v1.DeleteOptions", + "paramType": "body", + "name": "body", + "description": "", + "required": true, + "allowMultiple": false + }, + { + "type": "integer", + "paramType": "query", + "name": "gracePeriodSeconds", + "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", + "required": false, + "allowMultiple": false + }, + { + "type": "boolean", + "paramType": "query", + "name": "orphanDependents", + "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", + "required": false, + "allowMultiple": false + }, + { + "type": "string", + "paramType": "query", + "name": "propagationPolicy", + "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", + "required": false, + "allowMultiple": false + }, + { + "type": "string", + "paramType": "query", + "name": "dryRun", + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "required": false, + "allowMultiple": false + }, + { + "type": "string", + "paramType": "path", + "name": "name", + "description": "name of the AuditSink", + "required": true, + "allowMultiple": false + } + ], + "responseMessages": [ + { + "code": 200, + "message": "OK", + "responseModel": "v1.Status" + }, + { + "code": 202, + "message": "Accepted", + "responseModel": "v1.Status" + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "consumes": [ + "*/*" + ] + } + ] + }, + { + "path": "/apis/auditregistration.k8s.io/v1alpha1/watch/auditsinks/{name}", + "description": "API at /apis/auditregistration.k8s.io/v1alpha1", + "operations": [ + { + "type": "v1.WatchEvent", + "method": "GET", + "summary": "watch changes to an object of kind AuditSink. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", + "nickname": "watchAuditSink", + "parameters": [ + { + "type": "string", + "paramType": "query", + "name": "pretty", + "description": "If 'true', then the output is pretty printed.", + "required": false, + "allowMultiple": false + }, + { + "type": "string", + "paramType": "query", + "name": "labelSelector", + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "required": false, + "allowMultiple": false + }, + { + "type": "string", + "paramType": "query", + "name": "fieldSelector", + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "required": false, + "allowMultiple": false + }, + { + "type": "boolean", + "paramType": "query", + "name": "includeUninitialized", + "description": "If true, partially initialized resources are included in the response.", + "required": false, + "allowMultiple": false + }, + { + "type": "boolean", + "paramType": "query", + "name": "watch", + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "required": false, + "allowMultiple": false + }, + { + "type": "string", + "paramType": "query", + "name": "resourceVersion", + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "required": false, + "allowMultiple": false + }, + { + "type": "integer", + "paramType": "query", + "name": "timeoutSeconds", + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "required": false, + "allowMultiple": false + }, + { + "type": "integer", + "paramType": "query", + "name": "limit", + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "required": false, + "allowMultiple": false + }, + { + "type": "string", + "paramType": "query", + "name": "continue", + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "required": false, + "allowMultiple": false + }, + { + "type": "string", + "paramType": "path", + "name": "name", + "description": "name of the AuditSink", + "required": true, + "allowMultiple": false + } + ], + "responseMessages": [ + { + "code": 200, + "message": "OK", + "responseModel": "v1.WatchEvent" + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "consumes": [ + "*/*" + ] + } + ] + }, + { + "path": "/apis/auditregistration.k8s.io/v1alpha1", + "description": "API at /apis/auditregistration.k8s.io/v1alpha1", + "operations": [ + { + "type": "v1.APIResourceList", + "method": "GET", + "summary": "get available resources", + "nickname": "getAPIResources", + "parameters": [], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "consumes": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ] + } + ] + } + ], + "models": { + "v1alpha1.AuditSinkList": { + "id": "v1alpha1.AuditSinkList", + "description": "AuditSinkList is a list of AuditSink items.", + "required": [ + "items" + ], + "properties": { + "kind": { + "type": "string", + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds" + }, + "apiVersion": { + "type": "string", + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources" + }, + "metadata": { + "$ref": "v1.ListMeta" + }, + "items": { + "type": "array", + "items": { + "$ref": "v1alpha1.AuditSink" + }, + "description": "List of audit configurations." + } + } + }, + "v1.ListMeta": { + "id": "v1.ListMeta", + "description": "ListMeta describes metadata that synthetic resources must have, including lists and various status objects. A resource may have only one of {ObjectMeta, ListMeta}.", + "properties": { + "selfLink": { + "type": "string", + "description": "selfLink is a URL representing this object. Populated by the system. Read-only." + }, + "resourceVersion": { + "type": "string", + "description": "String that identifies the server's internal version of this object that can be used by clients to determine when objects have changed. Value must be treated as opaque by clients and passed unmodified back to the server. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency" + }, + "continue": { + "type": "string", + "description": "continue may be set if the user set a limit on the number of items returned, and indicates that the server has more data available. The value is opaque and may be used to issue another request to the endpoint that served this list to retrieve the next set of available objects. Continuing a consistent list may not be possible if the server configuration has changed or more than a few minutes have passed. The resourceVersion field returned when using this continue value will be identical to the value in the first response, unless you have received this token from an error message." + } + } + }, + "v1alpha1.AuditSink": { + "id": "v1alpha1.AuditSink", + "description": "AuditSink represents a cluster level audit sink", + "properties": { + "kind": { + "type": "string", + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds" + }, + "apiVersion": { + "type": "string", + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources" + }, + "metadata": { + "$ref": "v1.ObjectMeta" + }, + "spec": { + "$ref": "v1alpha1.AuditSinkSpec", + "description": "Spec defines the audit configuration spec" + } + } + }, + "v1.ObjectMeta": { + "id": "v1.ObjectMeta", + "description": "ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create.", + "properties": { + "name": { + "type": "string", + "description": "Name must be unique within a namespace. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names" + }, + "generateName": { + "type": "string", + "description": "GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server.\n\nIf this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header).\n\nApplied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency" + }, + "namespace": { + "type": "string", + "description": "Namespace defines the space within each name must be unique. An empty namespace is equivalent to the \"default\" namespace, but \"default\" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty.\n\nMust be a DNS_LABEL. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/namespaces" + }, + "selfLink": { + "type": "string", + "description": "SelfLink is a URL representing this object. Populated by the system. Read-only." + }, + "uid": { + "type": "string", + "description": "UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations.\n\nPopulated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids" + }, + "resourceVersion": { + "type": "string", + "description": "An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources.\n\nPopulated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency" + }, + "generation": { + "type": "integer", + "format": "int64", + "description": "A sequence number representing a specific generation of the desired state. Populated by the system. Read-only." + }, + "creationTimestamp": { + "type": "string", + "description": "CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC.\n\nPopulated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata" + }, + "deletionTimestamp": { + "type": "string", + "description": "DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested.\n\nPopulated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata" + }, + "deletionGracePeriodSeconds": { + "type": "integer", + "format": "int64", + "description": "Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only." + }, + "labels": { + "type": "object", + "description": "Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels" + }, + "annotations": { + "type": "object", + "description": "Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations" + }, + "ownerReferences": { + "type": "array", + "items": { + "$ref": "v1.OwnerReference" + }, + "description": "List of objects depended by this object. If ALL objects in the list have been deleted, this object will be garbage collected. If this object is managed by a controller, then an entry in this list will point to this controller, with the controller field set to true. There cannot be more than one managing controller." + }, + "initializers": { + "$ref": "v1.Initializers", + "description": "An initializer is a controller which enforces some system invariant at object creation time. This field is a list of initializers that have not yet acted on this object. If nil or empty, this object has been completely initialized. Otherwise, the object is considered uninitialized and is hidden (in list/watch and get calls) from clients that haven't explicitly asked to observe uninitialized objects.\n\nWhen an object is created, the system will populate this list with the current set of initializers. Only privileged users may set or modify this list. Once it is empty, it may not be modified further by any user." + }, + "finalizers": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed." + }, + "clusterName": { + "type": "string", + "description": "The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request." + } + } + }, + "v1.OwnerReference": { + "id": "v1.OwnerReference", + "description": "OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field.", + "required": [ + "apiVersion", + "kind", + "name", + "uid" + ], + "properties": { + "apiVersion": { + "type": "string", + "description": "API version of the referent." + }, + "kind": { + "type": "string", + "description": "Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds" + }, + "name": { + "type": "string", + "description": "Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names" + }, + "uid": { + "type": "string", + "description": "UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids" + }, + "controller": { + "type": "boolean", + "description": "If true, this reference points to the managing controller." + }, + "blockOwnerDeletion": { + "type": "boolean", + "description": "If true, AND if the owner has the \"foregroundDeletion\" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs \"delete\" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned." + } + } + }, + "v1.Initializers": { + "id": "v1.Initializers", + "description": "Initializers tracks the progress of initialization.", + "required": [ + "pending" + ], + "properties": { + "pending": { + "type": "array", + "items": { + "$ref": "v1.Initializer" + }, + "description": "Pending is a list of initializers that must execute in order before this object is visible. When the last pending initializer is removed, and no failing result is set, the initializers struct will be set to nil and the object is considered as initialized and visible to all clients." + }, + "result": { + "$ref": "v1.Status", + "description": "If result is set with the Failure field, the object will be persisted to storage and then deleted, ensuring that other clients can observe the deletion." + } + } + }, + "v1.Initializer": { + "id": "v1.Initializer", + "description": "Initializer is information about an initializer that has not yet completed.", + "required": [ + "name" + ], + "properties": { + "name": { + "type": "string", + "description": "name of the process that is responsible for initializing this object." + } + } + }, + "v1.Status": { + "id": "v1.Status", + "description": "Status is a return value for calls that don't return other objects.", + "properties": { + "kind": { + "type": "string", + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds" + }, + "apiVersion": { + "type": "string", + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources" + }, + "metadata": { + "$ref": "v1.ListMeta", + "description": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds" + }, + "status": { + "type": "string", + "description": "Status of the operation. One of: \"Success\" or \"Failure\". More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status" + }, + "message": { + "type": "string", + "description": "A human-readable description of the status of this operation." + }, + "reason": { + "type": "string", + "description": "A machine-readable description of why this operation is in the \"Failure\" status. If this value is empty there is no information available. A Reason clarifies an HTTP status code but does not override it." + }, + "details": { + "$ref": "v1.StatusDetails", + "description": "Extended data associated with the reason. Each reason may define its own extended details. This field is optional and the data returned is not guaranteed to conform to any schema except that defined by the reason type." + }, + "code": { + "type": "integer", + "format": "int32", + "description": "Suggested HTTP return code for this status, 0 if not set." + } + } + }, + "v1.StatusDetails": { + "id": "v1.StatusDetails", + "description": "StatusDetails is a set of additional properties that MAY be set by the server to provide additional information about a response. The Reason field of a Status object defines what attributes will be set. Clients must ignore fields that do not match the defined type of each attribute, and should assume that any attribute may be empty, invalid, or under defined.", + "properties": { + "name": { + "type": "string", + "description": "The name attribute of the resource associated with the status StatusReason (when there is a single name which can be described)." + }, + "group": { + "type": "string", + "description": "The group attribute of the resource associated with the status StatusReason." + }, + "kind": { + "type": "string", + "description": "The kind attribute of the resource associated with the status StatusReason. On some operations may differ from the requested resource Kind. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds" + }, + "uid": { + "type": "string", + "description": "UID of the resource. (when there is a single resource which can be described). More info: http://kubernetes.io/docs/user-guide/identifiers#uids" + }, + "causes": { + "type": "array", + "items": { + "$ref": "v1.StatusCause" + }, + "description": "The Causes array includes more details associated with the StatusReason failure. Not all StatusReasons may provide detailed causes." + }, + "retryAfterSeconds": { + "type": "integer", + "format": "int32", + "description": "If specified, the time in seconds before the operation should be retried. Some errors may indicate the client must take an alternate action - for those errors this field may indicate how long to wait before taking the alternate action." + } + } + }, + "v1.StatusCause": { + "id": "v1.StatusCause", + "description": "StatusCause provides more information about an api.Status failure, including cases when multiple errors are encountered.", + "properties": { + "reason": { + "type": "string", + "description": "A machine-readable description of the cause of the error. If this value is empty there is no information available." + }, + "message": { + "type": "string", + "description": "A human-readable description of the cause of the error. This field may be presented as-is to a reader." + }, + "field": { + "type": "string", + "description": "The field of the resource that has caused this error, as named by its JSON serialization. May include dot and postfix notation for nested attributes. Arrays are zero-indexed. Fields may appear more than once in an array of causes due to fields having multiple errors. Optional.\n\nExamples:\n \"name\" - the field \"name\" on the current resource\n \"items[0].name\" - the field \"name\" on the first array entry in \"items\"" + } + } + }, + "v1alpha1.AuditSinkSpec": { + "id": "v1alpha1.AuditSinkSpec", + "description": "AuditSinkSpec holds the spec for the audit sink", + "required": [ + "policy", + "webhook" + ], + "properties": { + "policy": { + "$ref": "v1alpha1.Policy", + "description": "Policy defines the policy for selecting which events should be sent to the webhook required" + }, + "webhook": { + "$ref": "v1alpha1.Webhook", + "description": "Webhook to send events required" + } + } + }, + "v1alpha1.Policy": { + "id": "v1alpha1.Policy", + "description": "Policy defines the configuration of how audit events are logged", + "required": [ + "level", + "stages" + ], + "properties": { + "level": { + "type": "string", + "description": "The Level that all requests are recorded at. available options: None, Metadata, Request, RequestResponse required" + }, + "stages": { + "type": "array", + "items": { + "$ref": "v1alpha1.Stage" + }, + "description": "Stages is a list of stages for which events are created." + } + } + }, + "v1alpha1.Stage": { + "id": "v1alpha1.Stage", + "properties": {} + }, + "v1alpha1.Webhook": { + "id": "v1alpha1.Webhook", + "description": "Webhook holds the configuration of the webhook", + "required": [ + "clientConfig" + ], + "properties": { + "throttle": { + "$ref": "v1alpha1.WebhookThrottleConfig", + "description": "Throttle holds the options for throttling the webhook" + }, + "clientConfig": { + "$ref": "v1alpha1.WebhookClientConfig", + "description": "ClientConfig holds the connection parameters for the webhook required" + } + } + }, + "v1alpha1.WebhookThrottleConfig": { + "id": "v1alpha1.WebhookThrottleConfig", + "description": "WebhookThrottleConfig holds the configuration for throttling events", + "properties": { + "qps": { + "type": "integer", + "format": "int64", + "description": "ThrottleQPS maximum number of batches per second default 10 QPS" + }, + "burst": { + "type": "integer", + "format": "int64", + "description": "ThrottleBurst is the maximum number of events sent at the same moment default 15 QPS" + } + } + }, + "v1alpha1.WebhookClientConfig": { + "id": "v1alpha1.WebhookClientConfig", + "description": "WebhookClientConfig contains the information to make a connection with the webhook", + "required": [ + "service", + "caBundle" + ], + "properties": { + "url": { + "type": "string", + "description": "`url` gives the location of the webhook, in standard URL form (`[scheme://]host:port/path`). Exactly one of `url` or `service` must be specified.\n\nThe `host` should not refer to a service running in the cluster; use the `service` field instead. The host might be resolved via external DNS in some apiservers (e.g., `kube-apiserver` cannot resolve in-cluster DNS as that would be a layering violation). `host` may also be an IP address.\n\nPlease note that using `localhost` or `127.0.0.1` as a `host` is risky unless you take great care to run this webhook on all hosts which run an apiserver which might need to make calls to this webhook. Such installs are likely to be non-portable, i.e., not easy to turn up in a new cluster.\n\nThe scheme must be \"https\"; the URL must begin with \"https://\".\n\nA path is optional, and if present may be any string permissible in a URL. You may use the path to pass an arbitrary string to the webhook, for example, a cluster identifier.\n\nAttempting to use a user or basic auth e.g. \"user:password@\" is not allowed. Fragments (\"#...\") and query parameters (\"?...\") are not allowed, either." + }, + "service": { + "$ref": "v1alpha1.ServiceReference", + "description": "`service` is a reference to the service for this webhook. Either `service` or `url` must be specified.\n\nIf the webhook is running within the cluster, then you should use `service`.\n\nPort 443 will be used if it is open, otherwise it is an error." + }, + "caBundle": { + "type": "string", + "description": "`caBundle` is a PEM encoded CA bundle which will be used to validate the webhook's server certificate. defaults to the apiservers CA bundle for the endpoint type" + } + } + }, + "v1alpha1.ServiceReference": { + "id": "v1alpha1.ServiceReference", + "description": "ServiceReference holds a reference to Service.legacy.k8s.io", + "required": [ + "namespace", + "name" + ], + "properties": { + "namespace": { + "type": "string", + "description": "`namespace` is the namespace of the service. Required" + }, + "name": { + "type": "string", + "description": "`name` is the name of the service. Required" + }, + "path": { + "type": "string", + "description": "`path` is an optional URL path which will be sent in any request to this service." + } + } + }, + "v1.WatchEvent": { + "id": "v1.WatchEvent", + "required": [ + "type", + "object" + ], + "properties": { + "type": { + "type": "string" + }, + "object": { + "type": "string" + } + } + }, + "v1.Patch": { + "id": "v1.Patch", + "description": "Patch is provided to give a concrete name and type to the Kubernetes PATCH request body.", + "properties": {} + }, + "v1.DeleteOptions": { + "id": "v1.DeleteOptions", + "description": "DeleteOptions may be provided when deleting an API object.", + "properties": { + "kind": { + "type": "string", + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds" + }, + "apiVersion": { + "type": "string", + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources" + }, + "gracePeriodSeconds": { + "type": "integer", + "format": "int64", + "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately." + }, + "preconditions": { + "$ref": "v1.Preconditions", + "description": "Must be fulfilled before a deletion is carried out. If not possible, a 409 Conflict status will be returned." + }, + "orphanDependents": { + "type": "boolean", + "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both." + }, + "propagationPolicy": { + "$ref": "v1.DeletionPropagation", + "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground." + }, + "dryRun": { + "type": "array", + "items": { + "type": "string" + }, + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed" + } + } + }, + "v1.Preconditions": { + "id": "v1.Preconditions", + "description": "Preconditions must be fulfilled before an operation (update, delete, etc.) is carried out.", + "properties": { + "uid": { + "$ref": "types.UID", + "description": "Specifies the target UID." + } + } + }, + "types.UID": { + "id": "types.UID", + "properties": {} + }, + "v1.DeletionPropagation": { + "id": "v1.DeletionPropagation", + "properties": {} + }, + "v1.APIResourceList": { + "id": "v1.APIResourceList", + "description": "APIResourceList is a list of APIResource, it is used to expose the name of the resources supported in a specific group and version, and if the resource is namespaced.", + "required": [ + "groupVersion", + "resources" + ], + "properties": { + "kind": { + "type": "string", + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds" + }, + "apiVersion": { + "type": "string", + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources" + }, + "groupVersion": { + "type": "string", + "description": "groupVersion is the group and version this APIResourceList is for." + }, + "resources": { + "type": "array", + "items": { + "$ref": "v1.APIResource" + }, + "description": "resources contains the name of the resources and if they are namespaced." + } + } + }, + "v1.APIResource": { + "id": "v1.APIResource", + "description": "APIResource specifies the name of a resource and whether it is namespaced.", + "required": [ + "name", + "singularName", + "namespaced", + "kind", + "verbs" + ], + "properties": { + "name": { + "type": "string", + "description": "name is the plural name of the resource." + }, + "singularName": { + "type": "string", + "description": "singularName is the singular name of the resource. This allows clients to handle plural and singular opaquely. The singularName is more correct for reporting status on a single item and both singular and plural are allowed from the kubectl CLI interface." + }, + "namespaced": { + "type": "boolean", + "description": "namespaced indicates if a resource is namespaced or not." + }, + "group": { + "type": "string", + "description": "group is the preferred group of the resource. Empty implies the group of the containing resource list. For subresources, this may have a different value, for example: Scale\"." + }, + "version": { + "type": "string", + "description": "version is the preferred version of the resource. Empty implies the version of the containing resource list For subresources, this may have a different value, for example: v1 (while inside a v1beta1 version of the core resource's group)\"." + }, + "kind": { + "type": "string", + "description": "kind is the kind for the resource (e.g. 'Foo' is the kind for a resource 'foo')" + }, + "verbs": { + "type": "array", + "items": { + "type": "string" + }, + "description": "verbs is a list of supported kube verbs (this includes get, list, watch, create, update, patch, delete, deletecollection, and proxy)" + }, + "shortNames": { + "type": "array", + "items": { + "type": "string" + }, + "description": "shortNames is a list of suggested short names of the resource." + }, + "categories": { + "type": "array", + "items": { + "type": "string" + }, + "description": "categories is a list of the grouped resources this resource belongs to (e.g. 'all')" + } + } + } + } + } diff --git a/api/swagger-spec/resourceListing.json b/api/swagger-spec/resourceListing.json index cc35fcef299..ad7391b5684 100644 --- a/api/swagger-spec/resourceListing.json +++ b/api/swagger-spec/resourceListing.json @@ -21,6 +21,14 @@ "path": "/api", "description": "get available API versions" }, + { + "path": "/apis/auditregistration.k8s.io/v1alpha1", + "description": "API at /apis/auditregistration.k8s.io/v1alpha1" + }, + { + "path": "/apis/auditregistration.k8s.io", + "description": "get information of a group" + }, { "path": "/apis/authentication.k8s.io/v1", "description": "API at /apis/authentication.k8s.io/v1" diff --git a/build/build-image/cross/Dockerfile b/build/build-image/cross/Dockerfile index ae3e0c4bcee..c9d058d2602 100644 --- a/build/build-image/cross/Dockerfile +++ b/build/build-image/cross/Dockerfile @@ -33,24 +33,14 @@ ENV KUBE_CROSSPLATFORMS \ windows/amd64 windows/386 # Pre-compile the standard go library when cross-compiling. This is much easier now when we have go1.5+ -RUN for platform in ${KUBE_CROSSPLATFORMS}; do GOOS=${platform%/*} GOARCH=${platform##*/} go install std; done +RUN for platform in ${KUBE_CROSSPLATFORMS}; do GOOS=${platform%/*} GOARCH=${platform##*/} go install std; done \ + && go clean -cache # Install g++, then download and install protoc for generating protobuf output RUN apt-get update \ - && apt-get install -y g++ rsync jq apt-utils file patch \ + && apt-get install -y rsync jq apt-utils file patch unzip \ && apt-get clean && rm -rf /var/lib/apt/lists/* -RUN mkdir -p /usr/local/src/protobuf \ - && cd /usr/local/src/protobuf \ - && curl -sSL https://github.com/google/protobuf/releases/download/v3.0.0-beta-2/protobuf-cpp-3.0.0-beta-2.tar.gz | tar -xzv \ - && cd protobuf-3.0.0-beta-2 \ - && ./configure \ - && make install \ - && ldconfig \ - && cd .. \ - && rm -rf protobuf-3.0.0-beta-2 \ - && protoc --version - # Use dynamic cgo linking for architectures other than amd64 for the server platforms # To install crossbuild essential for other architectures add the following repository. RUN echo "deb http://archive.ubuntu.com/ubuntu xenial main universe" > /etc/apt/sources.list.d/cgocrosscompiling.list \ @@ -60,6 +50,16 @@ RUN echo "deb http://archive.ubuntu.com/ubuntu xenial main universe" > /etc/apt/ && for platform in ${KUBE_DYNAMIC_CROSSPLATFORMS}; do apt-get install -y crossbuild-essential-${platform}; done \ && apt-get clean && rm -rf /var/lib/apt/lists/* +RUN PROTOBUF_VERSION=3.0.2; ZIPNAME="protoc-${PROTOBUF_VERSION}-linux-x86_64.zip"; \ + mkdir /tmp/protoc && cd /tmp/protoc \ + && wget "https://github.com/protocolbuffers/protobuf/releases/download/v${PROTOBUF_VERSION}/${ZIPNAME}" \ + && unzip "${ZIPNAME}" \ + && chmod -R +rX /tmp/protoc \ + && cp -pr bin /usr/local \ + && cp -pr include /usr/local \ + && rm -rf /tmp/protoc \ + && protoc --version + # work around 64MB tmpfs size in Docker 1.6 ENV TMPDIR /tmp.k8s RUN mkdir $TMPDIR \ @@ -68,7 +68,8 @@ RUN mkdir $TMPDIR \ # Get the code coverage tool and goimports RUN go get golang.org/x/tools/cmd/cover \ - golang.org/x/tools/cmd/goimports + golang.org/x/tools/cmd/goimports \ + && go clean -cache # Download and symlink etcd. We need this for our integration tests. RUN export ETCD_VERSION=v3.2.24; \ diff --git a/build/build-image/cross/VERSION b/build/build-image/cross/VERSION index a12eee242f1..7cd7543d299 100644 --- a/build/build-image/cross/VERSION +++ b/build/build-image/cross/VERSION @@ -1 +1 @@ -v1.11.1-1 +v1.11.1-2 diff --git a/cluster/addons/dns/coredns/coredns.yaml.base b/cluster/addons/dns/coredns/coredns.yaml.base index b6774713e01..35e14918a1b 100644 --- a/cluster/addons/dns/coredns/coredns.yaml.base +++ b/cluster/addons/dns/coredns/coredns.yaml.base @@ -27,6 +27,12 @@ rules: verbs: - list - watch +- apiGroups: + - "" + resources: + - nodes + verbs: + - get --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding @@ -108,7 +114,7 @@ spec: operator: "Exists" containers: - name: coredns - image: k8s.gcr.io/coredns:1.2.2 + image: k8s.gcr.io/coredns:1.2.4 imagePullPolicy: IfNotPresent resources: limits: diff --git a/cluster/addons/dns/coredns/coredns.yaml.in b/cluster/addons/dns/coredns/coredns.yaml.in index 7beb3769c3d..245a00d4f39 100644 --- a/cluster/addons/dns/coredns/coredns.yaml.in +++ b/cluster/addons/dns/coredns/coredns.yaml.in @@ -27,6 +27,12 @@ rules: verbs: - list - watch +- apiGroups: + - "" + resources: + - nodes + verbs: + - get --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding @@ -108,7 +114,7 @@ spec: operator: "Exists" containers: - name: coredns - image: k8s.gcr.io/coredns:1.2.2 + image: k8s.gcr.io/coredns:1.2.4 imagePullPolicy: IfNotPresent resources: limits: diff --git a/cluster/addons/dns/coredns/coredns.yaml.sed b/cluster/addons/dns/coredns/coredns.yaml.sed index 4f0dc10a10e..00f18803093 100644 --- a/cluster/addons/dns/coredns/coredns.yaml.sed +++ b/cluster/addons/dns/coredns/coredns.yaml.sed @@ -27,6 +27,12 @@ rules: verbs: - list - watch +- apiGroups: + - "" + resources: + - nodes + verbs: + - get --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding @@ -108,7 +114,7 @@ spec: operator: "Exists" containers: - name: coredns - image: k8s.gcr.io/coredns:1.2.2 + image: k8s.gcr.io/coredns:1.2.4 imagePullPolicy: IfNotPresent resources: limits: diff --git a/cluster/addons/fluentd-elasticsearch/fluentd-es-configmap.yaml b/cluster/addons/fluentd-elasticsearch/fluentd-es-configmap.yaml index 369a468ec30..db3f5af254d 100644 --- a/cluster/addons/fluentd-elasticsearch/fluentd-es-configmap.yaml +++ b/cluster/addons/fluentd-elasticsearch/fluentd-es-configmap.yaml @@ -1,7 +1,7 @@ kind: ConfigMap apiVersion: v1 metadata: - name: fluentd-es-config-v0.1.5 + name: fluentd-es-config-v0.1.6 namespace: kube-system labels: addonmanager.kubernetes.io/mode: Reconcile @@ -420,6 +420,14 @@ data: @type kubernetes_metadata + # Concatenate multi-line logs + + @type concat + key message + multiline_end_regexp /\n$/ + separator "" + + @id elasticsearch @type elasticsearch diff --git a/cluster/addons/fluentd-elasticsearch/fluentd-es-ds.yaml b/cluster/addons/fluentd-elasticsearch/fluentd-es-ds.yaml index 4d00803b002..d804801b669 100644 --- a/cluster/addons/fluentd-elasticsearch/fluentd-es-ds.yaml +++ b/cluster/addons/fluentd-elasticsearch/fluentd-es-ds.yaml @@ -48,24 +48,24 @@ roleRef: apiVersion: apps/v1 kind: DaemonSet metadata: - name: fluentd-es-v2.2.0 + name: fluentd-es-v2.2.1 namespace: kube-system labels: k8s-app: fluentd-es - version: v2.2.0 + version: v2.2.1 kubernetes.io/cluster-service: "true" addonmanager.kubernetes.io/mode: Reconcile spec: selector: matchLabels: k8s-app: fluentd-es - version: v2.2.0 + version: v2.2.1 template: metadata: labels: k8s-app: fluentd-es kubernetes.io/cluster-service: "true" - version: v2.2.0 + version: v2.2.1 # This annotation ensures that fluentd does not get evicted if the node # supports critical pod annotation based priority scheme. # Note that this does not guarantee admission on the nodes (#40573). @@ -107,4 +107,4 @@ spec: path: /var/lib/docker/containers - name: config-volume configMap: - name: fluentd-es-config-v0.1.5 + name: fluentd-es-config-v0.1.6 diff --git a/cluster/addons/fluentd-elasticsearch/fluentd-es-image/Gemfile b/cluster/addons/fluentd-elasticsearch/fluentd-es-image/Gemfile index 52b668b6ac4..145b15fc737 100644 --- a/cluster/addons/fluentd-elasticsearch/fluentd-es-image/Gemfile +++ b/cluster/addons/fluentd-elasticsearch/fluentd-es-image/Gemfile @@ -2,10 +2,11 @@ source 'https://rubygems.org' gem 'fluentd', '<=1.2.4' gem 'activesupport', '~>5.2.1' -gem 'fluent-plugin-kubernetes_metadata_filter', '~>2.0.0' -gem 'fluent-plugin-elasticsearch', '~>2.11.5' -gem 'fluent-plugin-systemd', '~>1.0.1' +gem 'fluent-plugin-concat', '~>2.3.0' gem 'fluent-plugin-detect-exceptions', '~>0.0.11' -gem 'fluent-plugin-prometheus', '~>1.0.1' +gem 'fluent-plugin-elasticsearch', '~>2.11.5' +gem 'fluent-plugin-kubernetes_metadata_filter', '~>2.0.0' gem 'fluent-plugin-multi-format-parser', '~>1.0.0' +gem 'fluent-plugin-prometheus', '~>1.0.1' +gem 'fluent-plugin-systemd', '~>1.0.1' gem 'oj', '~>3.6.5' diff --git a/cluster/gce/config-default.sh b/cluster/gce/config-default.sh index 84d67833f9d..671c1a5db7b 100755 --- a/cluster/gce/config-default.sh +++ b/cluster/gce/config-default.sh @@ -261,8 +261,8 @@ if [[ ! -z "${NODE_ACCELERATORS}" ]]; then fi # Optional: Install cluster DNS. -# Set CLUSTER_DNS_CORE_DNS to 'true' to install CoreDNS instead of kube-dns. -CLUSTER_DNS_CORE_DNS="${CLUSTER_DNS_CORE_DNS:-false}" +# Set CLUSTER_DNS_CORE_DNS to 'false' to install kube-dns instead of CoreDNS. +CLUSTER_DNS_CORE_DNS="${CLUSTER_DNS_CORE_DNS:-true}" ENABLE_CLUSTER_DNS="${KUBE_ENABLE_CLUSTER_DNS:-true}" DNS_SERVER_IP="${KUBE_DNS_SERVER_IP:-10.0.0.10}" DNS_DOMAIN="${KUBE_DNS_DOMAIN:-cluster.local}" diff --git a/cluster/gce/config-test.sh b/cluster/gce/config-test.sh index 1017c07f82b..c9ce3694c5c 100755 --- a/cluster/gce/config-test.sh +++ b/cluster/gce/config-test.sh @@ -268,8 +268,8 @@ if [[ ! -z "${NODE_ACCELERATORS}" ]]; then fi # Optional: Install cluster DNS. -# Set CLUSTER_DNS_CORE_DNS to 'true' to install CoreDNS instead of kube-dns. -CLUSTER_DNS_CORE_DNS="${CLUSTER_DNS_CORE_DNS:-false}" +# Set CLUSTER_DNS_CORE_DNS to 'false' to install kube-dns instead of CoreDNS. +CLUSTER_DNS_CORE_DNS="${CLUSTER_DNS_CORE_DNS:-true}" ENABLE_CLUSTER_DNS="${KUBE_ENABLE_CLUSTER_DNS:-true}" DNS_SERVER_IP="10.0.0.10" DNS_DOMAIN="cluster.local" diff --git a/cluster/gce/util.sh b/cluster/gce/util.sh index 0fc3f7cfe59..0f6af3a2c76 100755 --- a/cluster/gce/util.sh +++ b/cluster/gce/util.sh @@ -847,7 +847,7 @@ ENABLE_NODE_LOGGING: $(yaml-quote ${ENABLE_NODE_LOGGING:-false}) LOGGING_DESTINATION: $(yaml-quote ${LOGGING_DESTINATION:-}) ELASTICSEARCH_LOGGING_REPLICAS: $(yaml-quote ${ELASTICSEARCH_LOGGING_REPLICAS:-}) ENABLE_CLUSTER_DNS: $(yaml-quote ${ENABLE_CLUSTER_DNS:-false}) -CLUSTER_DNS_CORE_DNS: $(yaml-quote ${CLUSTER_DNS_CORE_DNS:-false}) +CLUSTER_DNS_CORE_DNS: $(yaml-quote ${CLUSTER_DNS_CORE_DNS:-true}) DNS_SERVER_IP: $(yaml-quote ${DNS_SERVER_IP:-}) DNS_DOMAIN: $(yaml-quote ${DNS_DOMAIN:-}) ENABLE_DNS_HORIZONTAL_AUTOSCALER: $(yaml-quote ${ENABLE_DNS_HORIZONTAL_AUTOSCALER:-false}) diff --git a/cmd/kubeadm/app/cmd/join.go b/cmd/kubeadm/app/cmd/join.go index e07c003f5cb..0490c9b1728 100644 --- a/cmd/kubeadm/app/cmd/join.go +++ b/cmd/kubeadm/app/cmd/join.go @@ -68,7 +68,7 @@ var ( `) notReadyToJoinControPlaneTemp = template.Must(template.New("join").Parse(dedent.Dedent(` - One or more conditions for hosting a new control plane instance is not satisfied. + One or more conditions for hosting a new control plane instance is not satisfied. {{.Error}} @@ -81,7 +81,7 @@ var ( joinControPlaneDoneTemp = template.Must(template.New("join").Parse(dedent.Dedent(` This node has joined the cluster and a new control plane instance was created: - + * Certificate signing request was sent to apiserver and approval was received. * The Kubelet was informed of the new secure connection details. * Master label and taint were applied to the new node. @@ -94,7 +94,7 @@ var ( sudo chown $(id -u):$(id -g) $HOME/.kube/config Run 'kubectl get nodes' to see this node join the cluster. - + `))) joinLongDescription = dedent.Dedent(` @@ -513,10 +513,11 @@ func (j *Join) BootstrapKubelet(tlsBootstrapCfg *clientcmdapi.Config) error { return err } - // Write env file with flags for the kubelet to use. We do not need to write the --register-with-taints for the master, - // as we handle that ourselves in the markmaster phase - // TODO: Maybe we want to do that some time in the future, in order to remove some logic from the markmaster phase? - if err := kubeletphase.WriteKubeletDynamicEnvFile(&j.cfg.NodeRegistration, j.cfg.FeatureGates, false, kubeadmconstants.KubeletRunDirectory); err != nil { + // Write env file with flags for the kubelet to use. We only want to + // register the joining node with the specified taints if the node + // is not a master. The markmaster phase will register the taints otherwise. + registerTaintsUsingFlags := !j.cfg.ControlPlane + if err := kubeletphase.WriteKubeletDynamicEnvFile(&j.cfg.NodeRegistration, j.cfg.FeatureGates, registerTaintsUsingFlags, kubeadmconstants.KubeletRunDirectory); err != nil { return err } diff --git a/cmd/kubeadm/app/constants/constants.go b/cmd/kubeadm/app/constants/constants.go index 79dd498d246..e707564ef52 100644 --- a/cmd/kubeadm/app/constants/constants.go +++ b/cmd/kubeadm/app/constants/constants.go @@ -306,7 +306,7 @@ const ( KubeDNSVersion = "1.14.13" // CoreDNSVersion is the version of CoreDNS to be deployed if it is used - CoreDNSVersion = "1.2.2" + CoreDNSVersion = "1.2.4" // ClusterConfigurationKind is the string kind value for the ClusterConfiguration struct ClusterConfigurationKind = "ClusterConfiguration" diff --git a/cmd/kubeadm/app/phases/addons/dns/manifests.go b/cmd/kubeadm/app/phases/addons/dns/manifests.go index d5a03302fc5..cdf84c2e713 100644 --- a/cmd/kubeadm/app/phases/addons/dns/manifests.go +++ b/cmd/kubeadm/app/phases/addons/dns/manifests.go @@ -331,6 +331,12 @@ rules: verbs: - list - watch +- apiGroups: + - "" + resources: + - nodes + verbs: + - get ` // CoreDNSClusterRoleBinding is the CoreDNS Clusterrolebinding manifest CoreDNSClusterRoleBinding = ` diff --git a/cmd/kubeadm/app/phases/upgrade/compute_test.go b/cmd/kubeadm/app/phases/upgrade/compute_test.go index b7b56e1e0f2..6c9a143df04 100644 --- a/cmd/kubeadm/app/phases/upgrade/compute_test.go +++ b/cmd/kubeadm/app/phases/upgrade/compute_test.go @@ -168,7 +168,7 @@ func TestGetAvailableUpgrades(t *testing.T) { KubeVersion: "v1.10.3", KubeadmVersion: "v1.10.3", DNSType: "coredns", - DNSVersion: "1.2.2", + DNSVersion: "1.2.4", EtcdVersion: "3.1.12", }, }, @@ -207,7 +207,7 @@ func TestGetAvailableUpgrades(t *testing.T) { KubeVersion: "v1.10.3", KubeadmVersion: "v1.10.3", DNSType: "coredns", - DNSVersion: "1.2.2", + DNSVersion: "1.2.4", EtcdVersion: "3.1.12", }, }, @@ -246,7 +246,7 @@ func TestGetAvailableUpgrades(t *testing.T) { KubeVersion: "v1.11.0", KubeadmVersion: "v1.11.0", DNSType: "coredns", - DNSVersion: "1.2.2", + DNSVersion: "1.2.4", EtcdVersion: "3.2.18", }, }, @@ -285,7 +285,7 @@ func TestGetAvailableUpgrades(t *testing.T) { KubeVersion: "v1.10.5", KubeadmVersion: "v1.10.5", // Note: The kubeadm version mustn't be "downgraded" here DNSType: "coredns", - DNSVersion: "1.2.2", + DNSVersion: "1.2.4", EtcdVersion: "3.1.12", }, }, @@ -305,7 +305,7 @@ func TestGetAvailableUpgrades(t *testing.T) { KubeVersion: "v1.11.1", KubeadmVersion: "v1.11.1", DNSType: "coredns", - DNSVersion: "1.2.2", + DNSVersion: "1.2.4", EtcdVersion: "3.2.18", }, }, @@ -364,7 +364,7 @@ func TestGetAvailableUpgrades(t *testing.T) { KubeVersion: "v1.11.0-alpha.2", KubeadmVersion: "v1.11.0-alpha.2", DNSType: "coredns", - DNSVersion: "1.2.2", + DNSVersion: "1.2.4", EtcdVersion: "3.2.18", }, }, @@ -404,7 +404,7 @@ func TestGetAvailableUpgrades(t *testing.T) { KubeVersion: "v1.11.0-alpha.2", KubeadmVersion: "v1.11.0-alpha.2", DNSType: "coredns", - DNSVersion: "1.2.2", + DNSVersion: "1.2.4", EtcdVersion: "3.2.18", }, }, @@ -445,7 +445,7 @@ func TestGetAvailableUpgrades(t *testing.T) { KubeVersion: "v1.11.0-beta.1", KubeadmVersion: "v1.11.0-beta.1", DNSType: "coredns", - DNSVersion: "1.2.2", + DNSVersion: "1.2.4", EtcdVersion: "3.2.18", }, }, @@ -486,7 +486,7 @@ func TestGetAvailableUpgrades(t *testing.T) { KubeVersion: "v1.11.0-rc.1", KubeadmVersion: "v1.11.0-rc.1", DNSType: "coredns", - DNSVersion: "1.2.2", + DNSVersion: "1.2.4", EtcdVersion: "3.2.18", }, }, @@ -527,7 +527,7 @@ func TestGetAvailableUpgrades(t *testing.T) { KubeVersion: "v1.11.6-rc.1", KubeadmVersion: "v1.11.6-rc.1", DNSType: "coredns", - DNSVersion: "1.2.2", + DNSVersion: "1.2.4", EtcdVersion: "3.2.18", }, }, @@ -568,7 +568,7 @@ func TestGetAvailableUpgrades(t *testing.T) { KubeVersion: "v1.11.0-rc.1", KubeadmVersion: "v1.11.0-rc.1", DNSType: "coredns", - DNSVersion: "1.2.2", + DNSVersion: "1.2.4", EtcdVersion: "3.2.18", }, }, @@ -588,7 +588,7 @@ func TestGetAvailableUpgrades(t *testing.T) { KubeVersion: "v1.12.0-alpha.2", KubeadmVersion: "v1.12.0-alpha.2", DNSType: "coredns", - DNSVersion: "1.2.2", + DNSVersion: "1.2.4", EtcdVersion: "3.2.24", }, }, @@ -641,7 +641,7 @@ func TestGetAvailableUpgrades(t *testing.T) { KubeVersion: "v1.12.1", KubeadmVersion: "v1.12.1", DNSType: "coredns", - DNSVersion: "1.2.2", + DNSVersion: "1.2.4", EtcdVersion: "3.2.24", }, }, @@ -678,7 +678,7 @@ func TestGetAvailableUpgrades(t *testing.T) { KubeVersion: "v1.12.0", KubeadmVersion: "v1.12.0", DNSType: "coredns", - DNSVersion: "1.2.2", + DNSVersion: "1.2.4", EtcdVersion: "3.2.24", }, }, diff --git a/cmd/kubeadm/app/preflight/checks.go b/cmd/kubeadm/app/preflight/checks.go index e247d0a3210..30edb559e42 100644 --- a/cmd/kubeadm/app/preflight/checks.go +++ b/cmd/kubeadm/app/preflight/checks.go @@ -991,7 +991,6 @@ func addCommonChecks(execer utilsexec.Interface, cfg kubeadmapi.CommonConfigurat } checks = append(checks, SystemVerificationCheck{IsDocker: isDocker}, - IsPrivilegedUserCheck{}, HostnameCheck{nodeName: cfg.GetNodeName()}, KubeletVersionCheck{KubernetesVersion: cfg.GetKubernetesVersion(), exec: execer}, ServiceCheck{Service: "kubelet", CheckIfActive: false}, diff --git a/docs/api-reference/auditregistration.k8s.io/v1alpha1/definitions.html b/docs/api-reference/auditregistration.k8s.io/v1alpha1/definitions.html new file mode 100755 index 00000000000..083c31252e5 --- /dev/null +++ b/docs/api-reference/auditregistration.k8s.io/v1alpha1/definitions.html @@ -0,0 +1,1646 @@ + + + + + + +Top Level API Objects + + + + +
+
+

Top Level API Objects

+
+
+ +
+
+
+
+

Definitions

+
+
+

v1.APIResourceList

+
+

APIResourceList is a list of APIResource, it is used to expose the name of the resources supported in a specific group and version, and if the resource is namespaced.

+
+ +++++++ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDescriptionRequiredSchemaDefault

kind

Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds

false

string

apiVersion

APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources

false

string

groupVersion

groupVersion is the group and version this APIResourceList is for.

true

string

resources

resources contains the name of the resources and if they are namespaced.

true

v1.APIResource array

+ +
+
+

v1alpha1.Webhook

+
+

Webhook holds the configuration of the webhook

+
+ +++++++ + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDescriptionRequiredSchemaDefault

throttle

Throttle holds the options for throttling the webhook

false

v1alpha1.WebhookThrottleConfig

clientConfig

ClientConfig holds the connection parameters for the webhook required

true

v1alpha1.WebhookClientConfig

+ +
+
+

v1alpha1.WebhookClientConfig

+
+

WebhookClientConfig contains the information to make a connection with the webhook

+
+ +++++++ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDescriptionRequiredSchemaDefault

url

url gives the location of the webhook, in standard URL form ([scheme://]host:port/path). Exactly one of url or service must be specified.
+
+The host should not refer to a service running in the cluster; use the service field instead. The host might be resolved via external DNS in some apiservers (e.g., kube-apiserver cannot resolve in-cluster DNS as that would be a layering violation). host may also be an IP address.
+
+Please note that using localhost or 127.0.0.1 as a host is risky unless you take great care to run this webhook on all hosts which run an apiserver which might need to make calls to this webhook. Such installs are likely to be non-portable, i.e., not easy to turn up in a new cluster.
+
+The scheme must be "https"; the URL must begin with "https://".
+
+A path is optional, and if present may be any string permissible in a URL. You may use the path to pass an arbitrary string to the webhook, for example, a cluster identifier.
+
+Attempting to use a user or basic auth e.g. "user:password@" is not allowed. Fragments ("#…") and query parameters ("?…") are not allowed, either.

false

string

service

service is a reference to the service for this webhook. Either service or url must be specified.
+
+If the webhook is running within the cluster, then you should use service.
+
+Port 443 will be used if it is open, otherwise it is an error.

true

v1alpha1.ServiceReference

caBundle

caBundle is a PEM encoded CA bundle which will be used to validate the webhook’s server certificate. defaults to the apiservers CA bundle for the endpoint type

true

string

+ +
+
+

v1.ListMeta

+
+

ListMeta describes metadata that synthetic resources must have, including lists and various status objects. A resource may have only one of {ObjectMeta, ListMeta}.

+
+ +++++++ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDescriptionRequiredSchemaDefault

selfLink

selfLink is a URL representing this object. Populated by the system. Read-only.

false

string

resourceVersion

String that identifies the server’s internal version of this object that can be used by clients to determine when objects have changed. Value must be treated as opaque by clients and passed unmodified back to the server. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency

false

string

continue

continue may be set if the user set a limit on the number of items returned, and indicates that the server has more data available. The value is opaque and may be used to issue another request to the endpoint that served this list to retrieve the next set of available objects. Continuing a consistent list may not be possible if the server configuration has changed or more than a few minutes have passed. The resourceVersion field returned when using this continue value will be identical to the value in the first response, unless you have received this token from an error message.

false

string

+ +
+
+

v1.Initializers

+
+

Initializers tracks the progress of initialization.

+
+ +++++++ + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDescriptionRequiredSchemaDefault

pending

Pending is a list of initializers that must execute in order before this object is visible. When the last pending initializer is removed, and no failing result is set, the initializers struct will be set to nil and the object is considered as initialized and visible to all clients.

true

v1.Initializer array

result

If result is set with the Failure field, the object will be persisted to storage and then deleted, ensuring that other clients can observe the deletion.

false

v1.Status

+ +
+
+

v1.Preconditions

+
+

Preconditions must be fulfilled before an operation (update, delete, etc.) is carried out.

+
+ +++++++ + + + + + + + + + + + + + + + + + + +
NameDescriptionRequiredSchemaDefault

uid

Specifies the target UID.

false

types.UID

+ +
+
+

v1.Status

+
+

Status is a return value for calls that don’t return other objects.

+
+ +++++++ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDescriptionRequiredSchemaDefault

kind

Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds

false

string

apiVersion

APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources

false

string

metadata

Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds

false

v1.ListMeta

status

Status of the operation. One of: "Success" or "Failure". More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status

false

string

message

A human-readable description of the status of this operation.

false

string

reason

A machine-readable description of why this operation is in the "Failure" status. If this value is empty there is no information available. A Reason clarifies an HTTP status code but does not override it.

false

string

details

Extended data associated with the reason. Each reason may define its own extended details. This field is optional and the data returned is not guaranteed to conform to any schema except that defined by the reason type.

false

v1.StatusDetails

code

Suggested HTTP return code for this status, 0 if not set.

false

integer (int32)

+ +
+
+

v1.WatchEvent

+ +++++++ + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDescriptionRequiredSchemaDefault

type

true

string

object

true

string

+ +
+
+

v1alpha1.Policy

+
+

Policy defines the configuration of how audit events are logged

+
+ +++++++ + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDescriptionRequiredSchemaDefault

level

The Level that all requests are recorded at. available options: None, Metadata, Request, RequestResponse required

true

string

stages

Stages is a list of stages for which events are created.

true

v1alpha1.Stage array

+ +
+
+

v1alpha1.ServiceReference

+
+

ServiceReference holds a reference to Service.legacy.k8s.io

+
+ +++++++ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDescriptionRequiredSchemaDefault

namespace

namespace is the namespace of the service. Required

true

string

name

name is the name of the service. Required

true

string

path

path is an optional URL path which will be sent in any request to this service.

false

string

+ +
+
+

v1alpha1.WebhookThrottleConfig

+
+

WebhookThrottleConfig holds the configuration for throttling events

+
+ +++++++ + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDescriptionRequiredSchemaDefault

qps

ThrottleQPS maximum number of batches per second default 10 QPS

false

integer (int64)

burst

ThrottleBurst is the maximum number of events sent at the same moment default 15 QPS

false

integer (int64)

+ +
+
+

v1alpha1.AuditSinkList

+
+

AuditSinkList is a list of AuditSink items.

+
+ +++++++ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDescriptionRequiredSchemaDefault

kind

Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds

false

string

apiVersion

APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources

false

string

metadata

false

v1.ListMeta

items

List of audit configurations.

true

v1alpha1.AuditSink array

+ +
+
+

v1.DeletionPropagation

+ +
+
+

v1.Patch

+
+

Patch is provided to give a concrete name and type to the Kubernetes PATCH request body.

+
+
+
+

v1.DeleteOptions

+
+

DeleteOptions may be provided when deleting an API object.

+
+ +++++++ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDescriptionRequiredSchemaDefault

kind

Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds

false

string

apiVersion

APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources

false

string

gracePeriodSeconds

The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.

false

integer (int64)

preconditions

Must be fulfilled before a deletion is carried out. If not possible, a 409 Conflict status will be returned.

false

v1.Preconditions

orphanDependents

Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object’s finalizers list. Either this field or PropagationPolicy may be set, but not both.

false

boolean

false

propagationPolicy

Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: Orphan - orphan the dependents; Background - allow the garbage collector to delete the dependents in the background; Foreground - a cascading policy that deletes all dependents in the foreground.

false

v1.DeletionPropagation

dryRun

When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed

false

string array

+ +
+
+

v1.StatusDetails

+
+

StatusDetails is a set of additional properties that MAY be set by the server to provide additional information about a response. The Reason field of a Status object defines what attributes will be set. Clients must ignore fields that do not match the defined type of each attribute, and should assume that any attribute may be empty, invalid, or under defined.

+
+ +++++++ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDescriptionRequiredSchemaDefault

name

The name attribute of the resource associated with the status StatusReason (when there is a single name which can be described).

false

string

group

The group attribute of the resource associated with the status StatusReason.

false

string

kind

The kind attribute of the resource associated with the status StatusReason. On some operations may differ from the requested resource Kind. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds

false

string

uid

UID of the resource. (when there is a single resource which can be described). More info: http://kubernetes.io/docs/user-guide/identifiers#uids

false

string

causes

The Causes array includes more details associated with the StatusReason failure. Not all StatusReasons may provide detailed causes.

false

v1.StatusCause array

retryAfterSeconds

If specified, the time in seconds before the operation should be retried. Some errors may indicate the client must take an alternate action - for those errors this field may indicate how long to wait before taking the alternate action.

false

integer (int32)

+ +
+
+

v1.Initializer

+
+

Initializer is information about an initializer that has not yet completed.

+
+ +++++++ + + + + + + + + + + + + + + + + + + +
NameDescriptionRequiredSchemaDefault

name

name of the process that is responsible for initializing this object.

true

string

+ +
+
+

v1alpha1.Stage

+ +
+
+

v1.OwnerReference

+
+

OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field.

+
+ +++++++ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDescriptionRequiredSchemaDefault

apiVersion

API version of the referent.

true

string

kind

Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds

true

string

name

Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names

true

string

uid

UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids

true

string

controller

If true, this reference points to the managing controller.

false

boolean

false

blockOwnerDeletion

If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned.

false

boolean

false

+ +
+
+

v1.ObjectMeta

+
+

ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create.

+
+ +++++++ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDescriptionRequiredSchemaDefault

name

Name must be unique within a namespace. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names

false

string

generateName

GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server.
+
+If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header).
+
+Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency

false

string

namespace

Namespace defines the space within each name must be unique. An empty namespace is equivalent to the "default" namespace, but "default" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty.
+
+Must be a DNS_LABEL. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/namespaces

false

string

selfLink

SelfLink is a URL representing this object. Populated by the system. Read-only.

false

string

uid

UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations.
+
+Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids

false

string

resourceVersion

An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources.
+
+Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency

false

string

generation

A sequence number representing a specific generation of the desired state. Populated by the system. Read-only.

false

integer (int64)

creationTimestamp

CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC.
+
+Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata

false

string

deletionTimestamp

DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested.
+
+Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata

false

string

deletionGracePeriodSeconds

Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only.

false

integer (int64)

labels

Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels

false

object

annotations

Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations

false

object

ownerReferences

List of objects depended by this object. If ALL objects in the list have been deleted, this object will be garbage collected. If this object is managed by a controller, then an entry in this list will point to this controller, with the controller field set to true. There cannot be more than one managing controller.

false

v1.OwnerReference array

initializers

An initializer is a controller which enforces some system invariant at object creation time. This field is a list of initializers that have not yet acted on this object. If nil or empty, this object has been completely initialized. Otherwise, the object is considered uninitialized and is hidden (in list/watch and get calls) from clients that haven’t explicitly asked to observe uninitialized objects.
+
+When an object is created, the system will populate this list with the current set of initializers. Only privileged users may set or modify this list. Once it is empty, it may not be modified further by any user.

false

v1.Initializers

finalizers

Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed.

false

string array

clusterName

The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request.

false

string

+ +
+
+

v1.APIResource

+
+

APIResource specifies the name of a resource and whether it is namespaced.

+
+ +++++++ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDescriptionRequiredSchemaDefault

name

name is the plural name of the resource.

true

string

singularName

singularName is the singular name of the resource. This allows clients to handle plural and singular opaquely. The singularName is more correct for reporting status on a single item and both singular and plural are allowed from the kubectl CLI interface.

true

string

namespaced

namespaced indicates if a resource is namespaced or not.

true

boolean

false

group

group is the preferred group of the resource. Empty implies the group of the containing resource list. For subresources, this may have a different value, for example: Scale".

false

string

version

version is the preferred version of the resource. Empty implies the version of the containing resource list For subresources, this may have a different value, for example: v1 (while inside a v1beta1 version of the core resource’s group)".

false

string

kind

kind is the kind for the resource (e.g. Foo is the kind for a resource foo)

true

string

verbs

verbs is a list of supported kube verbs (this includes get, list, watch, create, update, patch, delete, deletecollection, and proxy)

true

string array

shortNames

shortNames is a list of suggested short names of the resource.

false

string array

categories

categories is a list of the grouped resources this resource belongs to (e.g. all)

false

string array

+ +
+
+

v1alpha1.AuditSinkSpec

+
+

AuditSinkSpec holds the spec for the audit sink

+
+ +++++++ + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDescriptionRequiredSchemaDefault

policy

Policy defines the policy for selecting which events should be sent to the webhook required

true

v1alpha1.Policy

webhook

Webhook to send events required

true

v1alpha1.Webhook

+ +
+
+

types.UID

+ +
+
+

v1alpha1.AuditSink

+
+

AuditSink represents a cluster level audit sink

+
+ +++++++ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDescriptionRequiredSchemaDefault

kind

Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds

false

string

apiVersion

APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources

false

string

metadata

false

v1.ObjectMeta

spec

Spec defines the audit configuration spec

false

v1alpha1.AuditSinkSpec

+ +
+
+

v1.StatusCause

+
+

StatusCause provides more information about an api.Status failure, including cases when multiple errors are encountered.

+
+ +++++++ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDescriptionRequiredSchemaDefault

reason

A machine-readable description of the cause of the error. If this value is empty there is no information available.

false

string

message

A human-readable description of the cause of the error. This field may be presented as-is to a reader.

false

string

field

The field of the resource that has caused this error, as named by its JSON serialization. May include dot and postfix notation for nested attributes. Arrays are zero-indexed. Fields may appear more than once in an array of causes due to fields having multiple errors. Optional.
+
+Examples:
+ "name" - the field "name" on the current resource
+ "items[0].name" - the field "name" on the first array entry in "items"

false

string

+ +
+
+

any

+
+

Represents an untyped JSON map - see the description of the field for more info about the structure of this object.

+
+
+
+
+
+ + + \ No newline at end of file diff --git a/docs/api-reference/auditregistration.k8s.io/v1alpha1/operations.html b/docs/api-reference/auditregistration.k8s.io/v1alpha1/operations.html new file mode 100755 index 00000000000..3296aa210e5 --- /dev/null +++ b/docs/api-reference/auditregistration.k8s.io/v1alpha1/operations.html @@ -0,0 +1,1841 @@ + + + + + + +Operations + + + + +
+
+

Operations

+
+
+

get available resources

+
+
+
GET /apis/auditregistration.k8s.io/v1alpha1
+
+
+
+

Responses

+ +++++ + + + + + + + + + + + + + + +
HTTP CodeDescriptionSchema

default

success

v1.APIResourceList

+ +
+
+

Consumes

+
+
    +
  • +

    application/json

    +
    • +
  • +

    application/yaml

    +
    • +
  • +

    application/vnd.kubernetes.protobuf

    +
    • +
+
+
+
+

Produces

+
+
    +
  • +

    application/json

    +
    • +
  • +

    application/yaml

    +
    • +
  • +

    application/vnd.kubernetes.protobuf

    +
    • +
+
+
+
+

Tags

+
+
    +
  • +

    apisauditregistration.k8s.iov1alpha1

    +
    • +
+
+
+
+
+

list or watch objects of kind AuditSink

+
+
+
GET /apis/auditregistration.k8s.io/v1alpha1/auditsinks
+
+
+
+

Parameters

+ ++++++++ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
TypeNameDescriptionRequiredSchemaDefault

QueryParameter

pretty

If true, then the output is pretty printed.

false

string

QueryParameter

labelSelector

A selector to restrict the list of returned objects by their labels. Defaults to everything.

false

string

QueryParameter

fieldSelector

A selector to restrict the list of returned objects by their fields. Defaults to everything.

false

string

QueryParameter

includeUninitialized

If true, partially initialized resources are included in the response.

false

boolean

QueryParameter

watch

Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.

false

boolean

QueryParameter

resourceVersion

When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it’s 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.

false

string

QueryParameter

timeoutSeconds

Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.

false

integer (int32)

QueryParameter

limit

limit is a maximum number of responses to return for a list call. If more items exist, the server will set the continue field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true. +

The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.

false

integer (int32)

QueryParameter

continue

The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key". +

This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.

false

string

+ +
+
+

Responses

+ +++++ + + + + + + + + + + + + + + +
HTTP CodeDescriptionSchema

200

success

v1alpha1.AuditSinkList

+ +
+
+

Consumes

+
+
    +
  • +

    /

    +
    • +
+
+
+
+

Produces

+
+
    +
  • +

    application/json

    +
    • +
  • +

    application/yaml

    +
    • +
  • +

    application/vnd.kubernetes.protobuf

    +
    • +
  • +

    application/json;stream=watch

    +
    • +
  • +

    application/vnd.kubernetes.protobuf;stream=watch

    +
    • +
+
+
+
+

Tags

+
+
    +
  • +

    apisauditregistration.k8s.iov1alpha1

    +
    • +
+
+
+
+
+

delete collection of AuditSink

+
+
+
DELETE /apis/auditregistration.k8s.io/v1alpha1/auditsinks
+
+
+
+

Parameters

+ ++++++++ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
TypeNameDescriptionRequiredSchemaDefault

QueryParameter

pretty

If true, then the output is pretty printed.

false

string

QueryParameter

labelSelector

A selector to restrict the list of returned objects by their labels. Defaults to everything.

false

string

QueryParameter

fieldSelector

A selector to restrict the list of returned objects by their fields. Defaults to everything.

false

string

QueryParameter

includeUninitialized

If true, partially initialized resources are included in the response.

false

boolean

QueryParameter

watch

Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.

false

boolean

QueryParameter

resourceVersion

When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it’s 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.

false

string

QueryParameter

timeoutSeconds

Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.

false

integer (int32)

QueryParameter

limit

limit is a maximum number of responses to return for a list call. If more items exist, the server will set the continue field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true. +

The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.

false

integer (int32)

QueryParameter

continue

The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key". +

This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.

false

string

+ +
+
+

Responses

+ +++++ + + + + + + + + + + + + + + +
HTTP CodeDescriptionSchema

200

success

v1.Status

+ +
+
+

Consumes

+
+
    +
  • +

    /

    +
    • +
+
+
+
+

Produces

+
+
    +
  • +

    application/json

    +
    • +
  • +

    application/yaml

    +
    • +
  • +

    application/vnd.kubernetes.protobuf

    +
    • +
+
+
+
+

Tags

+
+
    +
  • +

    apisauditregistration.k8s.iov1alpha1

    +
    • +
+
+
+
+
+

create an AuditSink

+
+
+
POST /apis/auditregistration.k8s.io/v1alpha1/auditsinks
+
+
+
+

Parameters

+ ++++++++ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
TypeNameDescriptionRequiredSchemaDefault

QueryParameter

pretty

If true, then the output is pretty printed.

false

string

BodyParameter

body

true

v1alpha1.AuditSink

QueryParameter

dryRun

When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed

false

string

QueryParameter

includeUninitialized

If IncludeUninitialized is specified, the object may be returned without completing initialization.

false

boolean

+ +
+
+

Responses

+ +++++ + + + + + + + + + + + + + + + + + + + + + + + + +
HTTP CodeDescriptionSchema

202

Accepted

v1alpha1.AuditSink

200

success

v1alpha1.AuditSink

201

Created

v1alpha1.AuditSink

+ +
+
+

Consumes

+
+
    +
  • +

    /

    +
    • +
+
+
+
+

Produces

+
+
    +
  • +

    application/json

    +
    • +
  • +

    application/yaml

    +
    • +
  • +

    application/vnd.kubernetes.protobuf

    +
    • +
+
+
+
+

Tags

+
+
    +
  • +

    apisauditregistration.k8s.iov1alpha1

    +
    • +
+
+
+
+
+

read the specified AuditSink

+
+
+
GET /apis/auditregistration.k8s.io/v1alpha1/auditsinks/{name}
+
+
+
+

Parameters

+ ++++++++ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
TypeNameDescriptionRequiredSchemaDefault

QueryParameter

pretty

If true, then the output is pretty printed.

false

string

QueryParameter

export

Should this value be exported. Export strips fields that a user can not specify.

false

boolean

QueryParameter

exact

Should the export be exact. Exact export maintains cluster-specific fields like Namespace.

false

boolean

PathParameter

name

name of the AuditSink

true

string

+ +
+
+

Responses

+ +++++ + + + + + + + + + + + + + + +
HTTP CodeDescriptionSchema

200

success

v1alpha1.AuditSink

+ +
+
+

Consumes

+
+
    +
  • +

    /

    +
    • +
+
+
+
+

Produces

+
+
    +
  • +

    application/json

    +
    • +
  • +

    application/yaml

    +
    • +
  • +

    application/vnd.kubernetes.protobuf

    +
    • +
+
+
+
+

Tags

+
+
    +
  • +

    apisauditregistration.k8s.iov1alpha1

    +
    • +
+
+
+
+
+

replace the specified AuditSink

+
+
+
PUT /apis/auditregistration.k8s.io/v1alpha1/auditsinks/{name}
+
+
+
+

Parameters

+ ++++++++ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
TypeNameDescriptionRequiredSchemaDefault

QueryParameter

pretty

If true, then the output is pretty printed.

false

string

BodyParameter

body

true

v1alpha1.AuditSink

QueryParameter

dryRun

When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed

false

string

PathParameter

name

name of the AuditSink

true

string

+ +
+
+

Responses

+ +++++ + + + + + + + + + + + + + + + + + + + +
HTTP CodeDescriptionSchema

200

success

v1alpha1.AuditSink

201

Created

v1alpha1.AuditSink

+ +
+
+

Consumes

+
+
    +
  • +

    /

    +
    • +
+
+
+
+

Produces

+
+
    +
  • +

    application/json

    +
    • +
  • +

    application/yaml

    +
    • +
  • +

    application/vnd.kubernetes.protobuf

    +
    • +
+
+
+
+

Tags

+
+
    +
  • +

    apisauditregistration.k8s.iov1alpha1

    +
    • +
+
+
+
+
+

delete an AuditSink

+
+
+
DELETE /apis/auditregistration.k8s.io/v1alpha1/auditsinks/{name}
+
+
+
+

Parameters

+ ++++++++ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
TypeNameDescriptionRequiredSchemaDefault

QueryParameter

pretty

If true, then the output is pretty printed.

false

string

BodyParameter

body

true

v1.DeleteOptions

QueryParameter

gracePeriodSeconds

The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.

false

integer (int32)

QueryParameter

orphanDependents

Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object’s finalizers list. Either this field or PropagationPolicy may be set, but not both.

false

boolean

QueryParameter

propagationPolicy

Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: Orphan - orphan the dependents; Background - allow the garbage collector to delete the dependents in the background; Foreground - a cascading policy that deletes all dependents in the foreground.

false

string

QueryParameter

dryRun

When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed

false

string

PathParameter

name

name of the AuditSink

true

string

+ +
+
+

Responses

+ +++++ + + + + + + + + + + + + + + + + + + + +
HTTP CodeDescriptionSchema

202

Accepted

v1.Status

200

success

v1.Status

+ +
+
+

Consumes

+
+
    +
  • +

    /

    +
    • +
+
+
+
+

Produces

+
+
    +
  • +

    application/json

    +
    • +
  • +

    application/yaml

    +
    • +
  • +

    application/vnd.kubernetes.protobuf

    +
    • +
+
+
+
+

Tags

+
+
    +
  • +

    apisauditregistration.k8s.iov1alpha1

    +
    • +
+
+
+
+
+

partially update the specified AuditSink

+
+
+
PATCH /apis/auditregistration.k8s.io/v1alpha1/auditsinks/{name}
+
+
+
+

Parameters

+ ++++++++ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
TypeNameDescriptionRequiredSchemaDefault

QueryParameter

pretty

If true, then the output is pretty printed.

false

string

BodyParameter

body

true

v1.Patch

QueryParameter

dryRun

When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed

false

string

PathParameter

name

name of the AuditSink

true

string

+ +
+
+

Responses

+ +++++ + + + + + + + + + + + + + + +
HTTP CodeDescriptionSchema

200

success

v1alpha1.AuditSink

+ +
+
+

Consumes

+
+
    +
  • +

    application/json-patch+json

    +
    • +
  • +

    application/merge-patch+json

    +
    • +
  • +

    application/strategic-merge-patch+json

    +
    • +
+
+
+
+

Produces

+
+
    +
  • +

    application/json

    +
    • +
  • +

    application/yaml

    +
    • +
  • +

    application/vnd.kubernetes.protobuf

    +
    • +
+
+
+
+

Tags

+
+
    +
  • +

    apisauditregistration.k8s.iov1alpha1

    +
    • +
+
+
+
+
+

watch individual changes to a list of AuditSink. deprecated: use the watch parameter with a list operation instead.

+
+
+
GET /apis/auditregistration.k8s.io/v1alpha1/watch/auditsinks
+
+
+
+

Parameters

+ ++++++++ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
TypeNameDescriptionRequiredSchemaDefault

QueryParameter

pretty

If true, then the output is pretty printed.

false

string

QueryParameter

labelSelector

A selector to restrict the list of returned objects by their labels. Defaults to everything.

false

string

QueryParameter

fieldSelector

A selector to restrict the list of returned objects by their fields. Defaults to everything.

false

string

QueryParameter

includeUninitialized

If true, partially initialized resources are included in the response.

false

boolean

QueryParameter

watch

Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.

false

boolean

QueryParameter

resourceVersion

When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it’s 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.

false

string

QueryParameter

timeoutSeconds

Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.

false

integer (int32)

QueryParameter

limit

limit is a maximum number of responses to return for a list call. If more items exist, the server will set the continue field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true. +

The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.

false

integer (int32)

QueryParameter

continue

The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key". +

This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.

false

string

+ +
+
+

Responses

+ +++++ + + + + + + + + + + + + + + +
HTTP CodeDescriptionSchema

200

success

v1.WatchEvent

+ +
+
+

Consumes

+
+
    +
  • +

    /

    +
    • +
+
+
+
+

Produces

+
+
    +
  • +

    application/json

    +
    • +
  • +

    application/yaml

    +
    • +
  • +

    application/vnd.kubernetes.protobuf

    +
    • +
  • +

    application/json;stream=watch

    +
    • +
  • +

    application/vnd.kubernetes.protobuf;stream=watch

    +
    • +
+
+
+
+

Tags

+
+
    +
  • +

    apisauditregistration.k8s.iov1alpha1

    +
    • +
+
+
+
+
+

watch changes to an object of kind AuditSink. deprecated: use the watch parameter with a list operation instead, filtered to a single item with the fieldSelector parameter.

+
+
+
GET /apis/auditregistration.k8s.io/v1alpha1/watch/auditsinks/{name}
+
+
+
+

Parameters

+ ++++++++ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
TypeNameDescriptionRequiredSchemaDefault

QueryParameter

pretty

If true, then the output is pretty printed.

false

string

QueryParameter

labelSelector

A selector to restrict the list of returned objects by their labels. Defaults to everything.

false

string

QueryParameter

fieldSelector

A selector to restrict the list of returned objects by their fields. Defaults to everything.

false

string

QueryParameter

includeUninitialized

If true, partially initialized resources are included in the response.

false

boolean

QueryParameter

watch

Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.

false

boolean

QueryParameter

resourceVersion

When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it’s 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.

false

string

QueryParameter

timeoutSeconds

Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.

false

integer (int32)

QueryParameter

limit

limit is a maximum number of responses to return for a list call. If more items exist, the server will set the continue field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true. +

The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.

false

integer (int32)

QueryParameter

continue

The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key". +

This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.

false

string

PathParameter

name

name of the AuditSink

true

string

+ +
+
+

Responses

+ +++++ + + + + + + + + + + + + + + +
HTTP CodeDescriptionSchema

200

success

v1.WatchEvent

+ +
+
+

Consumes

+
+
    +
  • +

    /

    +
    • +
+
+
+
+

Produces

+
+
    +
  • +

    application/json

    +
    • +
  • +

    application/yaml

    +
    • +
  • +

    application/vnd.kubernetes.protobuf

    +
    • +
  • +

    application/json;stream=watch

    +
    • +
  • +

    application/vnd.kubernetes.protobuf;stream=watch

    +
    • +
+
+
+
+

Tags

+
+
    +
  • +

    apisauditregistration.k8s.iov1alpha1

    +
    • +
+
+
+
+
+
+
+ + + \ No newline at end of file diff --git a/hack/.golint_failures b/hack/.golint_failures index ddf5b65d53d..a6828f028bd 100644 --- a/hack/.golint_failures +++ b/hack/.golint_failures @@ -28,6 +28,7 @@ pkg/apis/apps/v1 pkg/apis/apps/v1beta1 pkg/apis/apps/v1beta2 pkg/apis/apps/validation +pkg/apis/auditregistration/v1alpha1 pkg/apis/authentication pkg/apis/authentication/v1 pkg/apis/authentication/v1beta1 @@ -284,6 +285,7 @@ pkg/registry/apps/replicaset/storage pkg/registry/apps/rest pkg/registry/apps/statefulset pkg/registry/apps/statefulset/storage +pkg/registry/auditregistration/rest pkg/registry/authentication/rest pkg/registry/authentication/tokenreview pkg/registry/authorization/localsubjectaccessreview @@ -452,6 +454,7 @@ staging/src/k8s.io/api/admissionregistration/v1beta1 staging/src/k8s.io/api/apps/v1 staging/src/k8s.io/api/apps/v1beta1 staging/src/k8s.io/api/apps/v1beta2 +staging/src/k8s.io/api/auditregistration/v1alpha1 staging/src/k8s.io/api/authentication/v1 staging/src/k8s.io/api/authentication/v1beta1 staging/src/k8s.io/api/authorization/v1 @@ -554,7 +557,6 @@ staging/src/k8s.io/apiserver/pkg/apis/audit staging/src/k8s.io/apiserver/pkg/apis/audit/v1 staging/src/k8s.io/apiserver/pkg/apis/audit/v1alpha1 staging/src/k8s.io/apiserver/pkg/apis/audit/v1beta1 -staging/src/k8s.io/apiserver/pkg/apis/audit/validation staging/src/k8s.io/apiserver/pkg/apis/config/v1alpha1 staging/src/k8s.io/apiserver/pkg/apis/example staging/src/k8s.io/apiserver/pkg/apis/example/v1 diff --git a/hack/.spelling_failures b/hack/.spelling_failures index 7268a1f6692..e4430dc9f91 100644 --- a/hack/.spelling_failures +++ b/hack/.spelling_failures @@ -11,6 +11,7 @@ generated.proto pkg/client/clientset_generated pkg/client/informers/informers_generated/ pkg/generated +pkg/kubectl/generated swagger test/e2e/generated third_party/ diff --git a/hack/boilerplate/boilerplate.py b/hack/boilerplate/boilerplate.py index d90abd44a78..594d71ca0cd 100755 --- a/hack/boilerplate/boilerplate.py +++ b/hack/boilerplate/boilerplate.py @@ -147,7 +147,7 @@ def file_extension(filename): skipped_dirs = ['Godeps', 'third_party', '_gopath', '_output', '.git', 'cluster/env.sh', "vendor", "test/e2e/generated/bindata.go", "hack/boilerplate/test", - "pkg/generated/bindata.go"] + "pkg/kubectl/generated/bindata.go"] # list all the files contain 'DO NOT EDIT', but are not generated skipped_ungenerated_files = ['hack/build-ui.sh', 'hack/lib/swagger.sh', diff --git a/hack/generate-bindata.sh b/hack/generate-bindata.sh index f5153cfc5c1..53010175d66 100755 --- a/hack/generate-bindata.sh +++ b/hack/generate-bindata.sh @@ -64,7 +64,7 @@ fi rm -f "${BINDATA_OUTPUT}.tmp" # These are files for runtime code -BINDATA_OUTPUT="pkg/generated/bindata.go" +BINDATA_OUTPUT="pkg/kubectl/generated/bindata.go" # IMPORTANT: if you make any changes to these arguments, you must also update # pkg/generated/BUILD and/or build/bindata.bzl. go-bindata -nometadata -nocompress -o "${BINDATA_OUTPUT}.tmp" -pkg generated \ diff --git a/hack/lib/golang.sh b/hack/lib/golang.sh index dd7f2ba28df..7ddc0bb79bf 100755 --- a/hack/lib/golang.sh +++ b/hack/lib/golang.sh @@ -555,7 +555,7 @@ kube::golang::build_some_binaries() { go test -c -o "$(kube::golang::outfile_for_binary "${package}" "${platform}")" \ -covermode count \ - -coverpkg k8s.io/... \ + -coverpkg k8s.io/...,k8s.io/kubernetes/vendor/k8s.io/... \ "${build_args[@]}" \ -tags coverage \ "${package}" diff --git a/hack/lib/init.sh b/hack/lib/init.sh index a9ef8415f41..2a676f804a0 100755 --- a/hack/lib/init.sh +++ b/hack/lib/init.sh @@ -62,6 +62,7 @@ admission.k8s.io/v1beta1 \ apps/v1beta1 \ apps/v1beta2 \ apps/v1 \ +auditregistration.k8s.io/v1alpha1 \ authentication.k8s.io/v1 \ authentication.k8s.io/v1beta1 \ authorization.k8s.io/v1 \ diff --git a/hack/update-generated-protobuf-dockerized.sh b/hack/update-generated-protobuf-dockerized.sh index 798f832fc81..612cfba3648 100755 --- a/hack/update-generated-protobuf-dockerized.sh +++ b/hack/update-generated-protobuf-dockerized.sh @@ -78,6 +78,7 @@ PACKAGES=( k8s.io/api/admissionregistration/v1alpha1 k8s.io/api/admissionregistration/v1beta1 k8s.io/api/admission/v1beta1 + k8s.io/api/auditregistration/v1alpha1 k8s.io/api/networking/v1 k8s.io/metrics/pkg/apis/metrics/v1alpha1 k8s.io/metrics/pkg/apis/metrics/v1beta1 diff --git a/pkg/BUILD b/pkg/BUILD index e271227d879..7a9acd421c9 100644 --- a/pkg/BUILD +++ b/pkg/BUILD @@ -33,6 +33,7 @@ filegroup( "//pkg/apis/admission:all-srcs", "//pkg/apis/admissionregistration:all-srcs", "//pkg/apis/apps:all-srcs", + "//pkg/apis/auditregistration:all-srcs", "//pkg/apis/authentication:all-srcs", "//pkg/apis/authorization:all-srcs", "//pkg/apis/autoscaling:all-srcs", @@ -58,6 +59,7 @@ filegroup( "//pkg/client/leaderelectionconfig:all-srcs", "//pkg/client/listers/admissionregistration/internalversion:all-srcs", "//pkg/client/listers/apps/internalversion:all-srcs", + "//pkg/client/listers/auditregistration/internalversion:all-srcs", "//pkg/client/listers/authentication/internalversion:all-srcs", "//pkg/client/listers/authorization/internalversion:all-srcs", "//pkg/client/listers/autoscaling/internalversion:all-srcs", diff --git a/pkg/api/testapi/BUILD b/pkg/api/testapi/BUILD index cb66f562213..11eec53bef4 100644 --- a/pkg/api/testapi/BUILD +++ b/pkg/api/testapi/BUILD @@ -18,6 +18,8 @@ go_library( "//pkg/apis/admissionregistration/install:go_default_library", "//pkg/apis/apps:go_default_library", "//pkg/apis/apps/install:go_default_library", + "//pkg/apis/auditregistration:go_default_library", + "//pkg/apis/auditregistration/install:go_default_library", "//pkg/apis/authentication/install:go_default_library", "//pkg/apis/authorization:go_default_library", "//pkg/apis/authorization/install:go_default_library", diff --git a/pkg/api/testapi/testapi.go b/pkg/api/testapi/testapi.go index 31d419620c9..32b81d29d0e 100644 --- a/pkg/api/testapi/testapi.go +++ b/pkg/api/testapi/testapi.go @@ -37,6 +37,7 @@ import ( "k8s.io/kubernetes/pkg/apis/admission" "k8s.io/kubernetes/pkg/apis/admissionregistration" "k8s.io/kubernetes/pkg/apis/apps" + "k8s.io/kubernetes/pkg/apis/auditregistration" "k8s.io/kubernetes/pkg/apis/authorization" "k8s.io/kubernetes/pkg/apis/autoscaling" "k8s.io/kubernetes/pkg/apis/batch" @@ -57,6 +58,7 @@ import ( _ "k8s.io/kubernetes/pkg/apis/admission/install" _ "k8s.io/kubernetes/pkg/apis/admissionregistration/install" _ "k8s.io/kubernetes/pkg/apis/apps/install" + _ "k8s.io/kubernetes/pkg/apis/auditregistration/install" _ "k8s.io/kubernetes/pkg/apis/authentication/install" _ "k8s.io/kubernetes/pkg/apis/authorization/install" _ "k8s.io/kubernetes/pkg/apis/autoscaling/install" @@ -267,6 +269,12 @@ func init() { externalGroupVersion: externalGroupVersion, } } + if _, ok := Groups[auditregistration.GroupName]; !ok { + externalGroupVersion := schema.GroupVersion{Group: auditregistration.GroupName, Version: legacyscheme.Scheme.PrioritizedVersionsForGroup(auditregistration.GroupName)[0].Version} + Groups[auditregistration.GroupName] = TestGroup{ + externalGroupVersion: externalGroupVersion, + } + } Default = Groups[api.GroupName] Autoscaling = Groups[autoscaling.GroupName] diff --git a/pkg/api/testing/BUILD b/pkg/api/testing/BUILD index af88089ba0f..b65e2839b64 100644 --- a/pkg/api/testing/BUILD +++ b/pkg/api/testing/BUILD @@ -19,6 +19,7 @@ go_library( "//pkg/api/legacyscheme:go_default_library", "//pkg/apis/admissionregistration/fuzzer:go_default_library", "//pkg/apis/apps/fuzzer:go_default_library", + "//pkg/apis/auditregistration/fuzzer:go_default_library", "//pkg/apis/autoscaling/fuzzer:go_default_library", "//pkg/apis/batch/fuzzer:go_default_library", "//pkg/apis/certificates/fuzzer:go_default_library", diff --git a/pkg/api/testing/defaulting_test.go b/pkg/api/testing/defaulting_test.go index 58d9dc487c2..50453577272 100644 --- a/pkg/api/testing/defaulting_test.go +++ b/pkg/api/testing/defaulting_test.go @@ -136,6 +136,8 @@ func TestDefaulting(t *testing.T) { {Group: "admissionregistration.k8s.io", Version: "v1beta1", Kind: "ValidatingWebhookConfigurationList"}: {}, {Group: "admissionregistration.k8s.io", Version: "v1beta1", Kind: "MutatingWebhookConfiguration"}: {}, {Group: "admissionregistration.k8s.io", Version: "v1beta1", Kind: "MutatingWebhookConfigurationList"}: {}, + {Group: "auditregistration.k8s.io", Version: "v1alpha1", Kind: "AuditSink"}: {}, + {Group: "auditregistration.k8s.io", Version: "v1alpha1", Kind: "AuditSinkList"}: {}, {Group: "networking.k8s.io", Version: "v1", Kind: "NetworkPolicy"}: {}, {Group: "networking.k8s.io", Version: "v1", Kind: "NetworkPolicyList"}: {}, {Group: "storage.k8s.io", Version: "v1beta1", Kind: "StorageClass"}: {}, diff --git a/pkg/api/testing/fuzzer.go b/pkg/api/testing/fuzzer.go index 2a2bb3175ba..65b5f42bf90 100644 --- a/pkg/api/testing/fuzzer.go +++ b/pkg/api/testing/fuzzer.go @@ -29,6 +29,7 @@ import ( runtimeserializer "k8s.io/apimachinery/pkg/runtime/serializer" admissionregistrationfuzzer "k8s.io/kubernetes/pkg/apis/admissionregistration/fuzzer" appsfuzzer "k8s.io/kubernetes/pkg/apis/apps/fuzzer" + auditregistrationfuzzer "k8s.io/kubernetes/pkg/apis/auditregistration/fuzzer" autoscalingfuzzer "k8s.io/kubernetes/pkg/apis/autoscaling/fuzzer" batchfuzzer "k8s.io/kubernetes/pkg/apis/batch/fuzzer" certificatesfuzzer "k8s.io/kubernetes/pkg/apis/certificates/fuzzer" @@ -101,6 +102,7 @@ var FuzzerFuncs = fuzzer.MergeFuzzerFuncs( policyfuzzer.Funcs, certificatesfuzzer.Funcs, admissionregistrationfuzzer.Funcs, + auditregistrationfuzzer.Funcs, storagefuzzer.Funcs, networkingfuzzer.Funcs, ) diff --git a/pkg/apis/admissionregistration/validation/validation.go b/pkg/apis/admissionregistration/validation/validation.go index 14d3d799bf4..9174bb0835a 100644 --- a/pkg/apis/admissionregistration/validation/validation.go +++ b/pkg/apis/admissionregistration/validation/validation.go @@ -240,6 +240,7 @@ func validateWebhookClientConfig(fldPath *field.Path, cc *admissionregistration. return allErrors } +// note: this has copy/paste inheritance in auditregistration func validateWebhookService(fldPath *field.Path, svc *admissionregistration.ServiceReference) field.ErrorList { var allErrors field.ErrorList diff --git a/pkg/apis/auditregistration/BUILD b/pkg/apis/auditregistration/BUILD new file mode 100644 index 00000000000..65913a1c996 --- /dev/null +++ b/pkg/apis/auditregistration/BUILD @@ -0,0 +1,38 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library") + +go_library( + name = "go_default_library", + srcs = [ + "doc.go", + "register.go", + "types.go", + "zz_generated.deepcopy.go", + ], + importpath = "k8s.io/kubernetes/pkg/apis/auditregistration", + visibility = ["//visibility:public"], + deps = [ + "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/runtime:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/runtime/schema:go_default_library", + ], +) + +filegroup( + name = "package-srcs", + srcs = glob(["**"]), + tags = ["automanaged"], + visibility = ["//visibility:private"], +) + +filegroup( + name = "all-srcs", + srcs = [ + ":package-srcs", + "//pkg/apis/auditregistration/fuzzer:all-srcs", + "//pkg/apis/auditregistration/install:all-srcs", + "//pkg/apis/auditregistration/v1alpha1:all-srcs", + "//pkg/apis/auditregistration/validation:all-srcs", + ], + tags = ["automanaged"], + visibility = ["//visibility:public"], +) diff --git a/pkg/apis/auditregistration/doc.go b/pkg/apis/auditregistration/doc.go new file mode 100644 index 00000000000..1046b5a62be --- /dev/null +++ b/pkg/apis/auditregistration/doc.go @@ -0,0 +1,20 @@ +/* +Copyright 2018 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// +k8s:deepcopy-gen=package +// +groupName=auditregistration.k8s.io + +package auditregistration // import "k8s.io/kubernetes/pkg/apis/auditregistration" diff --git a/pkg/apis/auditregistration/fuzzer/BUILD b/pkg/apis/auditregistration/fuzzer/BUILD new file mode 100644 index 00000000000..3c4d743d8f6 --- /dev/null +++ b/pkg/apis/auditregistration/fuzzer/BUILD @@ -0,0 +1,27 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library") + +go_library( + name = "go_default_library", + srcs = ["fuzzer.go"], + importpath = "k8s.io/kubernetes/pkg/apis/auditregistration/fuzzer", + visibility = ["//visibility:public"], + deps = [ + "//pkg/apis/auditregistration:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/runtime/serializer:go_default_library", + "//vendor/github.com/google/gofuzz:go_default_library", + ], +) + +filegroup( + name = "package-srcs", + srcs = glob(["**"]), + tags = ["automanaged"], + visibility = ["//visibility:private"], +) + +filegroup( + name = "all-srcs", + srcs = [":package-srcs"], + tags = ["automanaged"], + visibility = ["//visibility:public"], +) diff --git a/pkg/apis/auditregistration/fuzzer/fuzzer.go b/pkg/apis/auditregistration/fuzzer/fuzzer.go new file mode 100644 index 00000000000..eb141540fe5 --- /dev/null +++ b/pkg/apis/auditregistration/fuzzer/fuzzer.go @@ -0,0 +1,38 @@ +/* +Copyright 2018 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package fuzzer + +import ( + fuzz "github.com/google/gofuzz" + + runtimeserializer "k8s.io/apimachinery/pkg/runtime/serializer" + "k8s.io/kubernetes/pkg/apis/auditregistration" +) + +// Funcs returns the fuzzer functions for the auditregistration api group. +var Funcs = func(codecs runtimeserializer.CodecFactory) []interface{} { + return []interface{}{ + func(obj *auditregistration.AuditSink, c fuzz.Continue) { + c.FuzzNoCustom(obj) + v := int64(1) + obj.Spec.Webhook.Throttle = &auditregistration.WebhookThrottleConfig{ + QPS: &v, + Burst: &v, + } + }, + } +} diff --git a/pkg/apis/auditregistration/install/BUILD b/pkg/apis/auditregistration/install/BUILD new file mode 100644 index 00000000000..09172ed23c9 --- /dev/null +++ b/pkg/apis/auditregistration/install/BUILD @@ -0,0 +1,29 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library") + +go_library( + name = "go_default_library", + srcs = ["install.go"], + importpath = "k8s.io/kubernetes/pkg/apis/auditregistration/install", + visibility = ["//visibility:public"], + deps = [ + "//pkg/api/legacyscheme:go_default_library", + "//pkg/apis/auditregistration:go_default_library", + "//pkg/apis/auditregistration/v1alpha1:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/runtime:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/util/runtime:go_default_library", + ], +) + +filegroup( + name = "package-srcs", + srcs = glob(["**"]), + tags = ["automanaged"], + visibility = ["//visibility:private"], +) + +filegroup( + name = "all-srcs", + srcs = [":package-srcs"], + tags = ["automanaged"], + visibility = ["//visibility:public"], +) diff --git a/pkg/apis/auditregistration/install/install.go b/pkg/apis/auditregistration/install/install.go new file mode 100644 index 00000000000..ffb905cd131 --- /dev/null +++ b/pkg/apis/auditregistration/install/install.go @@ -0,0 +1,38 @@ +/* +Copyright 2018 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Package install adds the experimental API group, making it available as +// an option to all of the API encoding/decoding machinery. +package install + +import ( + "k8s.io/apimachinery/pkg/runtime" + utilruntime "k8s.io/apimachinery/pkg/util/runtime" + "k8s.io/kubernetes/pkg/api/legacyscheme" + "k8s.io/kubernetes/pkg/apis/auditregistration" + "k8s.io/kubernetes/pkg/apis/auditregistration/v1alpha1" +) + +func init() { + Install(legacyscheme.Scheme) +} + +// Install registers the API group and adds types to a scheme +func Install(scheme *runtime.Scheme) { + utilruntime.Must(auditregistration.AddToScheme(scheme)) + utilruntime.Must(v1alpha1.AddToScheme(scheme)) + utilruntime.Must(scheme.SetVersionPriority(v1alpha1.SchemeGroupVersion)) +} diff --git a/pkg/apis/auditregistration/register.go b/pkg/apis/auditregistration/register.go new file mode 100644 index 00000000000..ebaa3810948 --- /dev/null +++ b/pkg/apis/auditregistration/register.go @@ -0,0 +1,53 @@ +/* +Copyright 2018 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package auditregistration + +import ( + "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apimachinery/pkg/runtime/schema" +) + +// GroupName is the group name use in this package +const GroupName = "auditregistration.k8s.io" + +// SchemeGroupVersion is group version used to register these objects +var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: runtime.APIVersionInternal} + +// Kind takes an unqualified kind and returns a Group qualified GroupKind +func Kind(kind string) schema.GroupKind { + return SchemeGroupVersion.WithKind(kind).GroupKind() +} + +// Resource takes an unqualified resource and returns a Group qualified GroupResource +func Resource(resource string) schema.GroupResource { + return SchemeGroupVersion.WithResource(resource).GroupResource() +} + +var ( + // SchemeBuilder for audit registration + SchemeBuilder = runtime.NewSchemeBuilder(addKnownTypes) + // AddToScheme audit registration + AddToScheme = SchemeBuilder.AddToScheme +) + +func addKnownTypes(scheme *runtime.Scheme) error { + scheme.AddKnownTypes(SchemeGroupVersion, + &AuditSink{}, + &AuditSinkList{}, + ) + return nil +} diff --git a/pkg/apis/auditregistration/types.go b/pkg/apis/auditregistration/types.go new file mode 100644 index 00000000000..8362483d21e --- /dev/null +++ b/pkg/apis/auditregistration/types.go @@ -0,0 +1,197 @@ +/* +Copyright 2018 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// +k8s:openapi-gen=true + +package auditregistration + +import ( + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" +) + +// Level defines the amount of information logged during auditing +type Level string + +// Valid audit levels +const ( + // LevelNone disables auditing + LevelNone Level = "None" + // LevelMetadata provides the basic level of auditing. + LevelMetadata Level = "Metadata" + // LevelRequest provides Metadata level of auditing, and additionally + // logs the request object (does not apply for non-resource requests). + LevelRequest Level = "Request" + // LevelRequestResponse provides Request level of auditing, and additionally + // logs the response object (does not apply for non-resource requests and watches). + LevelRequestResponse Level = "RequestResponse" +) + +// Stage defines the stages in request handling during which audit events may be generated. +type Stage string + +// Valid audit stages. +const ( + // The stage for events generated after the audit handler receives the request, but before it + // is delegated down the handler chain. + StageRequestReceived = "RequestReceived" + // The stage for events generated after the response headers are sent, but before the response body + // is sent. This stage is only generated for long-running requests (e.g. watch). + StageResponseStarted = "ResponseStarted" + // The stage for events generated after the response body has been completed, and no more bytes + // will be sent. + StageResponseComplete = "ResponseComplete" + // The stage for events generated when a panic occurred. + StagePanic = "Panic" +) + +// +genclient +// +genclient:nonNamespaced +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object + +// AuditSink represents a cluster level sink for audit data +type AuditSink struct { + metav1.TypeMeta + + // +optional + metav1.ObjectMeta + + // Spec defines the audit sink spec + Spec AuditSinkSpec +} + +// AuditSinkSpec is the spec for the audit sink object +type AuditSinkSpec struct { + // Policy defines the policy for selecting which events should be sent to the backend + // required + Policy Policy + + // Webhook to send events + // required + Webhook Webhook +} + +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object + +// AuditSinkList is a list of a audit sink items. +type AuditSinkList struct { + metav1.TypeMeta + + // +optional + metav1.ListMeta + + // List of audit configurations. + Items []AuditSink +} + +// Policy defines the configuration of how audit events are logged +type Policy struct { + // The Level that all requests are recorded at. + // available options: None, Metadata, Request, RequestResponse + // required + Level Level + + // Stages is a list of stages for which events are created. + // +optional + Stages []Stage +} + +// Webhook holds the configuration of the webhooks +type Webhook struct { + // Throttle holds the options for throttling the webhook + // +optional + Throttle *WebhookThrottleConfig + + // ClientConfig holds the connection parameters for the webhook + // required + ClientConfig WebhookClientConfig +} + +// WebhookThrottleConfig holds the configuration for throttling +type WebhookThrottleConfig struct { + // QPS maximum number of batches per second + // default 10 QPS + // +optional + QPS *int64 + + // Burst is the maximum number of events sent at the same moment + // default 15 QPS + // +optional + Burst *int64 +} + +// WebhookClientConfig contains the information to make a connection with the webhook +type WebhookClientConfig struct { + // `url` gives the location of the webhook, in standard URL form + // (`[scheme://]host:port/path`). Exactly one of `url` or `service` + // must be specified. + // + // The `host` should not refer to a service running in the cluster; use + // the `service` field instead. The host might be resolved via external + // DNS in some apiservers (e.g., `kube-apiserver` cannot resolve + // in-cluster DNS as that would be a layering violation). `host` may + // also be an IP address. + // + // Please note that using `localhost` or `127.0.0.1` as a `host` is + // risky unless you take great care to run this webhook on all hosts + // which run an apiserver which might need to make calls to this + // webhook. Such installs are likely to be non-portable, i.e., not easy + // to turn up in a new cluster. + // + // The scheme must be "https"; the URL must begin with "https://". + // + // A path is optional, and if present may be any string permissible in + // a URL. You may use the path to pass an arbitrary string to the + // webhook, for example, a cluster identifier. + // + // Attempting to use a user or basic auth e.g. "user:password@" is not + // allowed. Fragments ("#...") and query parameters ("?...") are not + // allowed, either. + // + // +optional + URL *string + + // `service` is a reference to the service for this webhook. Either + // `service` or `url` must be specified. + // + // If the webhook is running within the cluster, then you should use `service`. + // + // Port 443 will be used if it is open, otherwise it is an error. + // + // +optional + Service *ServiceReference + + // `caBundle` is a PEM encoded CA bundle which will be used to validate + // the webhook's server certificate. + // defaults to the apiservers CA bundle for the endpoint type + // +optional + CABundle []byte +} + +// ServiceReference holds a reference to Service.legacy.k8s.io +type ServiceReference struct { + // `namespace` is the namespace of the service. + // Required + Namespace string + + // `name` is the name of the service. + // Required + Name string + + // `path` is an optional URL path which will be sent in any request to + // this service. + // +optional + Path *string +} diff --git a/pkg/apis/auditregistration/v1alpha1/BUILD b/pkg/apis/auditregistration/v1alpha1/BUILD new file mode 100644 index 00000000000..5c5acd57449 --- /dev/null +++ b/pkg/apis/auditregistration/v1alpha1/BUILD @@ -0,0 +1,50 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library", "go_test") + +go_library( + name = "go_default_library", + srcs = [ + "defaults.go", + "doc.go", + "register.go", + "zz_generated.conversion.go", + "zz_generated.defaults.go", + ], + importpath = "k8s.io/kubernetes/pkg/apis/auditregistration/v1alpha1", + visibility = ["//visibility:public"], + deps = [ + "//pkg/apis/auditregistration:go_default_library", + "//staging/src/k8s.io/api/auditregistration/v1alpha1:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/conversion:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/runtime:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/runtime/schema:go_default_library", + "//vendor/k8s.io/utils/pointer:go_default_library", + ], +) + +go_test( + name = "go_default_test", + srcs = ["defaults_test.go"], + embed = [":go_default_library"], + deps = [ + "//pkg/api/legacyscheme:go_default_library", + "//pkg/apis/auditregistration/install:go_default_library", + "//staging/src/k8s.io/api/auditregistration/v1alpha1:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/api/equality:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/runtime:go_default_library", + "//vendor/k8s.io/utils/pointer:go_default_library", + ], +) + +filegroup( + name = "package-srcs", + srcs = glob(["**"]), + tags = ["automanaged"], + visibility = ["//visibility:private"], +) + +filegroup( + name = "all-srcs", + srcs = [":package-srcs"], + tags = ["automanaged"], + visibility = ["//visibility:public"], +) diff --git a/pkg/apis/auditregistration/v1alpha1/defaults.go b/pkg/apis/auditregistration/v1alpha1/defaults.go new file mode 100644 index 00000000000..1884a390792 --- /dev/null +++ b/pkg/apis/auditregistration/v1alpha1/defaults.go @@ -0,0 +1,56 @@ +/* +Copyright 2018 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package v1alpha1 + +import ( + auditregistrationv1alpha1 "k8s.io/api/auditregistration/v1alpha1" + "k8s.io/apimachinery/pkg/runtime" + utilpointer "k8s.io/utils/pointer" +) + +const ( + // DefaultQPS is the default QPS value + DefaultQPS = int64(10) + // DefaultBurst is the default burst value + DefaultBurst = int64(15) +) + +// DefaultThrottle is a default throttle config +func DefaultThrottle() *auditregistrationv1alpha1.WebhookThrottleConfig { + return &auditregistrationv1alpha1.WebhookThrottleConfig{ + QPS: utilpointer.Int64Ptr(DefaultQPS), + Burst: utilpointer.Int64Ptr(DefaultBurst), + } +} + +func addDefaultingFuncs(scheme *runtime.Scheme) error { + return RegisterDefaults(scheme) +} + +// SetDefaults_AuditSink sets defaults if the audit sink isn't present +func SetDefaults_AuditSink(obj *auditregistrationv1alpha1.AuditSink) { + if obj.Spec.Webhook.Throttle != nil { + if obj.Spec.Webhook.Throttle.QPS == nil { + obj.Spec.Webhook.Throttle.QPS = utilpointer.Int64Ptr(DefaultQPS) + } + if obj.Spec.Webhook.Throttle.Burst == nil { + obj.Spec.Webhook.Throttle.Burst = utilpointer.Int64Ptr(DefaultBurst) + } + } else { + obj.Spec.Webhook.Throttle = DefaultThrottle() + } +} diff --git a/pkg/apis/auditregistration/v1alpha1/defaults_test.go b/pkg/apis/auditregistration/v1alpha1/defaults_test.go new file mode 100644 index 00000000000..acfc7fba8a1 --- /dev/null +++ b/pkg/apis/auditregistration/v1alpha1/defaults_test.go @@ -0,0 +1,165 @@ +/* +Copyright 2018 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package v1alpha1_test + +import ( + "reflect" + "testing" + + auditregistrationv1alpha1 "k8s.io/api/auditregistration/v1alpha1" + apiequality "k8s.io/apimachinery/pkg/api/equality" + "k8s.io/apimachinery/pkg/runtime" + "k8s.io/kubernetes/pkg/api/legacyscheme" + _ "k8s.io/kubernetes/pkg/apis/auditregistration/install" + . "k8s.io/kubernetes/pkg/apis/auditregistration/v1alpha1" + utilpointer "k8s.io/utils/pointer" +) + +func TestSetDefaultAuditSink(t *testing.T) { + defaultURL := "http://test" + tests := []struct { + original *auditregistrationv1alpha1.AuditSink + expected *auditregistrationv1alpha1.AuditSink + }{ + { // Missing Throttle + original: &auditregistrationv1alpha1.AuditSink{ + Spec: auditregistrationv1alpha1.AuditSinkSpec{ + Policy: auditregistrationv1alpha1.Policy{ + Level: auditregistrationv1alpha1.LevelMetadata, + }, + Webhook: auditregistrationv1alpha1.Webhook{ + ClientConfig: auditregistrationv1alpha1.WebhookClientConfig{ + URL: &defaultURL, + }, + }, + }, + }, + expected: &auditregistrationv1alpha1.AuditSink{ + Spec: auditregistrationv1alpha1.AuditSinkSpec{ + Policy: auditregistrationv1alpha1.Policy{ + Level: auditregistrationv1alpha1.LevelMetadata, + }, + Webhook: auditregistrationv1alpha1.Webhook{ + Throttle: DefaultThrottle(), + ClientConfig: auditregistrationv1alpha1.WebhookClientConfig{ + URL: &defaultURL, + }, + }, + }, + }, + }, + { // Missing QPS + original: &auditregistrationv1alpha1.AuditSink{ + Spec: auditregistrationv1alpha1.AuditSinkSpec{ + Policy: auditregistrationv1alpha1.Policy{ + Level: auditregistrationv1alpha1.LevelMetadata, + }, + Webhook: auditregistrationv1alpha1.Webhook{ + Throttle: &auditregistrationv1alpha1.WebhookThrottleConfig{ + Burst: utilpointer.Int64Ptr(1), + }, + ClientConfig: auditregistrationv1alpha1.WebhookClientConfig{ + URL: &defaultURL, + }, + }, + }, + }, + expected: &auditregistrationv1alpha1.AuditSink{ + Spec: auditregistrationv1alpha1.AuditSinkSpec{ + Policy: auditregistrationv1alpha1.Policy{ + Level: auditregistrationv1alpha1.LevelMetadata, + }, + Webhook: auditregistrationv1alpha1.Webhook{ + Throttle: &auditregistrationv1alpha1.WebhookThrottleConfig{ + QPS: DefaultThrottle().QPS, + Burst: utilpointer.Int64Ptr(1), + }, + ClientConfig: auditregistrationv1alpha1.WebhookClientConfig{ + URL: &defaultURL, + }, + }, + }, + }, + }, + { // Missing Burst + original: &auditregistrationv1alpha1.AuditSink{ + Spec: auditregistrationv1alpha1.AuditSinkSpec{ + Policy: auditregistrationv1alpha1.Policy{ + Level: auditregistrationv1alpha1.LevelMetadata, + }, + Webhook: auditregistrationv1alpha1.Webhook{ + Throttle: &auditregistrationv1alpha1.WebhookThrottleConfig{ + QPS: utilpointer.Int64Ptr(1), + }, + ClientConfig: auditregistrationv1alpha1.WebhookClientConfig{ + URL: &defaultURL, + }, + }, + }, + }, + expected: &auditregistrationv1alpha1.AuditSink{ + Spec: auditregistrationv1alpha1.AuditSinkSpec{ + Policy: auditregistrationv1alpha1.Policy{ + Level: auditregistrationv1alpha1.LevelMetadata, + }, + Webhook: auditregistrationv1alpha1.Webhook{ + Throttle: &auditregistrationv1alpha1.WebhookThrottleConfig{ + QPS: utilpointer.Int64Ptr(1), + Burst: DefaultThrottle().Burst, + }, + ClientConfig: auditregistrationv1alpha1.WebhookClientConfig{ + URL: &defaultURL, + }, + }, + }, + }, + }, + } + + for i, test := range tests { + original := test.original + expected := test.expected + obj2 := roundTrip(t, runtime.Object(original)) + got, ok := obj2.(*auditregistrationv1alpha1.AuditSink) + if !ok { + t.Fatalf("(%d) unexpected object: %v", i, obj2) + } + if !apiequality.Semantic.DeepEqual(got.Spec, expected.Spec) { + t.Errorf("(%d) got different than expected\ngot:\n\t%+v\nexpected:\n\t%+v", i, got.Spec, expected.Spec) + } + } +} + +func roundTrip(t *testing.T, obj runtime.Object) runtime.Object { + data, err := runtime.Encode(legacyscheme.Codecs.LegacyCodec(SchemeGroupVersion), obj) + if err != nil { + t.Errorf("%v\n %#v", err, obj) + return nil + } + obj2, err := runtime.Decode(legacyscheme.Codecs.UniversalDecoder(), data) + if err != nil { + t.Errorf("%v\nData: %s\nSource: %#v", err, string(data), obj) + return nil + } + obj3 := reflect.New(reflect.TypeOf(obj).Elem()).Interface().(runtime.Object) + err = legacyscheme.Scheme.Convert(obj2, obj3, nil) + if err != nil { + t.Errorf("%v\nSource: %#v", err, obj2) + return nil + } + return obj3 +} diff --git a/pkg/apis/auditregistration/v1alpha1/doc.go b/pkg/apis/auditregistration/v1alpha1/doc.go new file mode 100644 index 00000000000..606c457c302 --- /dev/null +++ b/pkg/apis/auditregistration/v1alpha1/doc.go @@ -0,0 +1,24 @@ +/* +Copyright 2018 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// +k8s:conversion-gen=k8s.io/kubernetes/pkg/apis/auditregistration +// +k8s:conversion-gen-external-types=k8s.io/api/auditregistration/v1alpha1 +// +k8s:defaulter-gen=TypeMeta +// +k8s:defaulter-gen-input=../../../../vendor/k8s.io/api/auditregistration/v1alpha1 + +// +groupName=auditregistration.k8s.io + +package v1alpha1 // import "k8s.io/kubernetes/pkg/apis/auditregistration/v1alpha1" diff --git a/pkg/apis/auditregistration/v1alpha1/register.go b/pkg/apis/auditregistration/v1alpha1/register.go new file mode 100644 index 00000000000..a74b162b6ad --- /dev/null +++ b/pkg/apis/auditregistration/v1alpha1/register.go @@ -0,0 +1,46 @@ +/* +Copyright 2018 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package v1alpha1 + +import ( + auditregistrationv1alpha1 "k8s.io/api/auditregistration/v1alpha1" + "k8s.io/apimachinery/pkg/runtime/schema" +) + +// GroupName for audit registration +const GroupName = "auditregistration.k8s.io" + +// SchemeGroupVersion is group version used to register these objects +var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: "v1alpha1"} + +// Resource takes an unqualified resource and returns a Group qualified GroupResource +func Resource(resource string) schema.GroupResource { + return SchemeGroupVersion.WithResource(resource).GroupResource() +} + +var ( + localSchemeBuilder = &auditregistrationv1alpha1.SchemeBuilder + // AddToScheme audit registration + AddToScheme = localSchemeBuilder.AddToScheme +) + +func init() { + // We only register manually written functions here. The registration of the + // generated functions takes place in the generated files. The separation + // makes the code compile even when the generated files are missing. + localSchemeBuilder.Register(addDefaultingFuncs) +} diff --git a/pkg/apis/auditregistration/v1alpha1/zz_generated.conversion.go b/pkg/apis/auditregistration/v1alpha1/zz_generated.conversion.go new file mode 100644 index 00000000000..b8f08e397e7 --- /dev/null +++ b/pkg/apis/auditregistration/v1alpha1/zz_generated.conversion.go @@ -0,0 +1,316 @@ +// +build !ignore_autogenerated + +/* +Copyright The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by conversion-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + unsafe "unsafe" + + v1alpha1 "k8s.io/api/auditregistration/v1alpha1" + conversion "k8s.io/apimachinery/pkg/conversion" + runtime "k8s.io/apimachinery/pkg/runtime" + auditregistration "k8s.io/kubernetes/pkg/apis/auditregistration" +) + +func init() { + localSchemeBuilder.Register(RegisterConversions) +} + +// RegisterConversions adds conversion functions to the given scheme. +// Public to allow building arbitrary schemes. +func RegisterConversions(s *runtime.Scheme) error { + if err := s.AddGeneratedConversionFunc((*v1alpha1.AuditSink)(nil), (*auditregistration.AuditSink)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1alpha1_AuditSink_To_auditregistration_AuditSink(a.(*v1alpha1.AuditSink), b.(*auditregistration.AuditSink), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*auditregistration.AuditSink)(nil), (*v1alpha1.AuditSink)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_auditregistration_AuditSink_To_v1alpha1_AuditSink(a.(*auditregistration.AuditSink), b.(*v1alpha1.AuditSink), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*v1alpha1.AuditSinkList)(nil), (*auditregistration.AuditSinkList)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1alpha1_AuditSinkList_To_auditregistration_AuditSinkList(a.(*v1alpha1.AuditSinkList), b.(*auditregistration.AuditSinkList), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*auditregistration.AuditSinkList)(nil), (*v1alpha1.AuditSinkList)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_auditregistration_AuditSinkList_To_v1alpha1_AuditSinkList(a.(*auditregistration.AuditSinkList), b.(*v1alpha1.AuditSinkList), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*v1alpha1.AuditSinkSpec)(nil), (*auditregistration.AuditSinkSpec)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1alpha1_AuditSinkSpec_To_auditregistration_AuditSinkSpec(a.(*v1alpha1.AuditSinkSpec), b.(*auditregistration.AuditSinkSpec), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*auditregistration.AuditSinkSpec)(nil), (*v1alpha1.AuditSinkSpec)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_auditregistration_AuditSinkSpec_To_v1alpha1_AuditSinkSpec(a.(*auditregistration.AuditSinkSpec), b.(*v1alpha1.AuditSinkSpec), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*v1alpha1.Policy)(nil), (*auditregistration.Policy)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1alpha1_Policy_To_auditregistration_Policy(a.(*v1alpha1.Policy), b.(*auditregistration.Policy), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*auditregistration.Policy)(nil), (*v1alpha1.Policy)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_auditregistration_Policy_To_v1alpha1_Policy(a.(*auditregistration.Policy), b.(*v1alpha1.Policy), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*v1alpha1.ServiceReference)(nil), (*auditregistration.ServiceReference)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1alpha1_ServiceReference_To_auditregistration_ServiceReference(a.(*v1alpha1.ServiceReference), b.(*auditregistration.ServiceReference), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*auditregistration.ServiceReference)(nil), (*v1alpha1.ServiceReference)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_auditregistration_ServiceReference_To_v1alpha1_ServiceReference(a.(*auditregistration.ServiceReference), b.(*v1alpha1.ServiceReference), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*v1alpha1.Webhook)(nil), (*auditregistration.Webhook)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1alpha1_Webhook_To_auditregistration_Webhook(a.(*v1alpha1.Webhook), b.(*auditregistration.Webhook), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*auditregistration.Webhook)(nil), (*v1alpha1.Webhook)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_auditregistration_Webhook_To_v1alpha1_Webhook(a.(*auditregistration.Webhook), b.(*v1alpha1.Webhook), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*v1alpha1.WebhookClientConfig)(nil), (*auditregistration.WebhookClientConfig)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1alpha1_WebhookClientConfig_To_auditregistration_WebhookClientConfig(a.(*v1alpha1.WebhookClientConfig), b.(*auditregistration.WebhookClientConfig), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*auditregistration.WebhookClientConfig)(nil), (*v1alpha1.WebhookClientConfig)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_auditregistration_WebhookClientConfig_To_v1alpha1_WebhookClientConfig(a.(*auditregistration.WebhookClientConfig), b.(*v1alpha1.WebhookClientConfig), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*v1alpha1.WebhookThrottleConfig)(nil), (*auditregistration.WebhookThrottleConfig)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1alpha1_WebhookThrottleConfig_To_auditregistration_WebhookThrottleConfig(a.(*v1alpha1.WebhookThrottleConfig), b.(*auditregistration.WebhookThrottleConfig), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*auditregistration.WebhookThrottleConfig)(nil), (*v1alpha1.WebhookThrottleConfig)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_auditregistration_WebhookThrottleConfig_To_v1alpha1_WebhookThrottleConfig(a.(*auditregistration.WebhookThrottleConfig), b.(*v1alpha1.WebhookThrottleConfig), scope) + }); err != nil { + return err + } + return nil +} + +func autoConvert_v1alpha1_AuditSink_To_auditregistration_AuditSink(in *v1alpha1.AuditSink, out *auditregistration.AuditSink, s conversion.Scope) error { + out.ObjectMeta = in.ObjectMeta + if err := Convert_v1alpha1_AuditSinkSpec_To_auditregistration_AuditSinkSpec(&in.Spec, &out.Spec, s); err != nil { + return err + } + return nil +} + +// Convert_v1alpha1_AuditSink_To_auditregistration_AuditSink is an autogenerated conversion function. +func Convert_v1alpha1_AuditSink_To_auditregistration_AuditSink(in *v1alpha1.AuditSink, out *auditregistration.AuditSink, s conversion.Scope) error { + return autoConvert_v1alpha1_AuditSink_To_auditregistration_AuditSink(in, out, s) +} + +func autoConvert_auditregistration_AuditSink_To_v1alpha1_AuditSink(in *auditregistration.AuditSink, out *v1alpha1.AuditSink, s conversion.Scope) error { + out.ObjectMeta = in.ObjectMeta + if err := Convert_auditregistration_AuditSinkSpec_To_v1alpha1_AuditSinkSpec(&in.Spec, &out.Spec, s); err != nil { + return err + } + return nil +} + +// Convert_auditregistration_AuditSink_To_v1alpha1_AuditSink is an autogenerated conversion function. +func Convert_auditregistration_AuditSink_To_v1alpha1_AuditSink(in *auditregistration.AuditSink, out *v1alpha1.AuditSink, s conversion.Scope) error { + return autoConvert_auditregistration_AuditSink_To_v1alpha1_AuditSink(in, out, s) +} + +func autoConvert_v1alpha1_AuditSinkList_To_auditregistration_AuditSinkList(in *v1alpha1.AuditSinkList, out *auditregistration.AuditSinkList, s conversion.Scope) error { + out.ListMeta = in.ListMeta + out.Items = *(*[]auditregistration.AuditSink)(unsafe.Pointer(&in.Items)) + return nil +} + +// Convert_v1alpha1_AuditSinkList_To_auditregistration_AuditSinkList is an autogenerated conversion function. +func Convert_v1alpha1_AuditSinkList_To_auditregistration_AuditSinkList(in *v1alpha1.AuditSinkList, out *auditregistration.AuditSinkList, s conversion.Scope) error { + return autoConvert_v1alpha1_AuditSinkList_To_auditregistration_AuditSinkList(in, out, s) +} + +func autoConvert_auditregistration_AuditSinkList_To_v1alpha1_AuditSinkList(in *auditregistration.AuditSinkList, out *v1alpha1.AuditSinkList, s conversion.Scope) error { + out.ListMeta = in.ListMeta + out.Items = *(*[]v1alpha1.AuditSink)(unsafe.Pointer(&in.Items)) + return nil +} + +// Convert_auditregistration_AuditSinkList_To_v1alpha1_AuditSinkList is an autogenerated conversion function. +func Convert_auditregistration_AuditSinkList_To_v1alpha1_AuditSinkList(in *auditregistration.AuditSinkList, out *v1alpha1.AuditSinkList, s conversion.Scope) error { + return autoConvert_auditregistration_AuditSinkList_To_v1alpha1_AuditSinkList(in, out, s) +} + +func autoConvert_v1alpha1_AuditSinkSpec_To_auditregistration_AuditSinkSpec(in *v1alpha1.AuditSinkSpec, out *auditregistration.AuditSinkSpec, s conversion.Scope) error { + if err := Convert_v1alpha1_Policy_To_auditregistration_Policy(&in.Policy, &out.Policy, s); err != nil { + return err + } + if err := Convert_v1alpha1_Webhook_To_auditregistration_Webhook(&in.Webhook, &out.Webhook, s); err != nil { + return err + } + return nil +} + +// Convert_v1alpha1_AuditSinkSpec_To_auditregistration_AuditSinkSpec is an autogenerated conversion function. +func Convert_v1alpha1_AuditSinkSpec_To_auditregistration_AuditSinkSpec(in *v1alpha1.AuditSinkSpec, out *auditregistration.AuditSinkSpec, s conversion.Scope) error { + return autoConvert_v1alpha1_AuditSinkSpec_To_auditregistration_AuditSinkSpec(in, out, s) +} + +func autoConvert_auditregistration_AuditSinkSpec_To_v1alpha1_AuditSinkSpec(in *auditregistration.AuditSinkSpec, out *v1alpha1.AuditSinkSpec, s conversion.Scope) error { + if err := Convert_auditregistration_Policy_To_v1alpha1_Policy(&in.Policy, &out.Policy, s); err != nil { + return err + } + if err := Convert_auditregistration_Webhook_To_v1alpha1_Webhook(&in.Webhook, &out.Webhook, s); err != nil { + return err + } + return nil +} + +// Convert_auditregistration_AuditSinkSpec_To_v1alpha1_AuditSinkSpec is an autogenerated conversion function. +func Convert_auditregistration_AuditSinkSpec_To_v1alpha1_AuditSinkSpec(in *auditregistration.AuditSinkSpec, out *v1alpha1.AuditSinkSpec, s conversion.Scope) error { + return autoConvert_auditregistration_AuditSinkSpec_To_v1alpha1_AuditSinkSpec(in, out, s) +} + +func autoConvert_v1alpha1_Policy_To_auditregistration_Policy(in *v1alpha1.Policy, out *auditregistration.Policy, s conversion.Scope) error { + out.Level = auditregistration.Level(in.Level) + out.Stages = *(*[]auditregistration.Stage)(unsafe.Pointer(&in.Stages)) + return nil +} + +// Convert_v1alpha1_Policy_To_auditregistration_Policy is an autogenerated conversion function. +func Convert_v1alpha1_Policy_To_auditregistration_Policy(in *v1alpha1.Policy, out *auditregistration.Policy, s conversion.Scope) error { + return autoConvert_v1alpha1_Policy_To_auditregistration_Policy(in, out, s) +} + +func autoConvert_auditregistration_Policy_To_v1alpha1_Policy(in *auditregistration.Policy, out *v1alpha1.Policy, s conversion.Scope) error { + out.Level = v1alpha1.Level(in.Level) + out.Stages = *(*[]v1alpha1.Stage)(unsafe.Pointer(&in.Stages)) + return nil +} + +// Convert_auditregistration_Policy_To_v1alpha1_Policy is an autogenerated conversion function. +func Convert_auditregistration_Policy_To_v1alpha1_Policy(in *auditregistration.Policy, out *v1alpha1.Policy, s conversion.Scope) error { + return autoConvert_auditregistration_Policy_To_v1alpha1_Policy(in, out, s) +} + +func autoConvert_v1alpha1_ServiceReference_To_auditregistration_ServiceReference(in *v1alpha1.ServiceReference, out *auditregistration.ServiceReference, s conversion.Scope) error { + out.Namespace = in.Namespace + out.Name = in.Name + out.Path = (*string)(unsafe.Pointer(in.Path)) + return nil +} + +// Convert_v1alpha1_ServiceReference_To_auditregistration_ServiceReference is an autogenerated conversion function. +func Convert_v1alpha1_ServiceReference_To_auditregistration_ServiceReference(in *v1alpha1.ServiceReference, out *auditregistration.ServiceReference, s conversion.Scope) error { + return autoConvert_v1alpha1_ServiceReference_To_auditregistration_ServiceReference(in, out, s) +} + +func autoConvert_auditregistration_ServiceReference_To_v1alpha1_ServiceReference(in *auditregistration.ServiceReference, out *v1alpha1.ServiceReference, s conversion.Scope) error { + out.Namespace = in.Namespace + out.Name = in.Name + out.Path = (*string)(unsafe.Pointer(in.Path)) + return nil +} + +// Convert_auditregistration_ServiceReference_To_v1alpha1_ServiceReference is an autogenerated conversion function. +func Convert_auditregistration_ServiceReference_To_v1alpha1_ServiceReference(in *auditregistration.ServiceReference, out *v1alpha1.ServiceReference, s conversion.Scope) error { + return autoConvert_auditregistration_ServiceReference_To_v1alpha1_ServiceReference(in, out, s) +} + +func autoConvert_v1alpha1_Webhook_To_auditregistration_Webhook(in *v1alpha1.Webhook, out *auditregistration.Webhook, s conversion.Scope) error { + out.Throttle = (*auditregistration.WebhookThrottleConfig)(unsafe.Pointer(in.Throttle)) + if err := Convert_v1alpha1_WebhookClientConfig_To_auditregistration_WebhookClientConfig(&in.ClientConfig, &out.ClientConfig, s); err != nil { + return err + } + return nil +} + +// Convert_v1alpha1_Webhook_To_auditregistration_Webhook is an autogenerated conversion function. +func Convert_v1alpha1_Webhook_To_auditregistration_Webhook(in *v1alpha1.Webhook, out *auditregistration.Webhook, s conversion.Scope) error { + return autoConvert_v1alpha1_Webhook_To_auditregistration_Webhook(in, out, s) +} + +func autoConvert_auditregistration_Webhook_To_v1alpha1_Webhook(in *auditregistration.Webhook, out *v1alpha1.Webhook, s conversion.Scope) error { + out.Throttle = (*v1alpha1.WebhookThrottleConfig)(unsafe.Pointer(in.Throttle)) + if err := Convert_auditregistration_WebhookClientConfig_To_v1alpha1_WebhookClientConfig(&in.ClientConfig, &out.ClientConfig, s); err != nil { + return err + } + return nil +} + +// Convert_auditregistration_Webhook_To_v1alpha1_Webhook is an autogenerated conversion function. +func Convert_auditregistration_Webhook_To_v1alpha1_Webhook(in *auditregistration.Webhook, out *v1alpha1.Webhook, s conversion.Scope) error { + return autoConvert_auditregistration_Webhook_To_v1alpha1_Webhook(in, out, s) +} + +func autoConvert_v1alpha1_WebhookClientConfig_To_auditregistration_WebhookClientConfig(in *v1alpha1.WebhookClientConfig, out *auditregistration.WebhookClientConfig, s conversion.Scope) error { + out.URL = (*string)(unsafe.Pointer(in.URL)) + out.Service = (*auditregistration.ServiceReference)(unsafe.Pointer(in.Service)) + out.CABundle = *(*[]byte)(unsafe.Pointer(&in.CABundle)) + return nil +} + +// Convert_v1alpha1_WebhookClientConfig_To_auditregistration_WebhookClientConfig is an autogenerated conversion function. +func Convert_v1alpha1_WebhookClientConfig_To_auditregistration_WebhookClientConfig(in *v1alpha1.WebhookClientConfig, out *auditregistration.WebhookClientConfig, s conversion.Scope) error { + return autoConvert_v1alpha1_WebhookClientConfig_To_auditregistration_WebhookClientConfig(in, out, s) +} + +func autoConvert_auditregistration_WebhookClientConfig_To_v1alpha1_WebhookClientConfig(in *auditregistration.WebhookClientConfig, out *v1alpha1.WebhookClientConfig, s conversion.Scope) error { + out.URL = (*string)(unsafe.Pointer(in.URL)) + out.Service = (*v1alpha1.ServiceReference)(unsafe.Pointer(in.Service)) + out.CABundle = *(*[]byte)(unsafe.Pointer(&in.CABundle)) + return nil +} + +// Convert_auditregistration_WebhookClientConfig_To_v1alpha1_WebhookClientConfig is an autogenerated conversion function. +func Convert_auditregistration_WebhookClientConfig_To_v1alpha1_WebhookClientConfig(in *auditregistration.WebhookClientConfig, out *v1alpha1.WebhookClientConfig, s conversion.Scope) error { + return autoConvert_auditregistration_WebhookClientConfig_To_v1alpha1_WebhookClientConfig(in, out, s) +} + +func autoConvert_v1alpha1_WebhookThrottleConfig_To_auditregistration_WebhookThrottleConfig(in *v1alpha1.WebhookThrottleConfig, out *auditregistration.WebhookThrottleConfig, s conversion.Scope) error { + out.QPS = (*int64)(unsafe.Pointer(in.QPS)) + out.Burst = (*int64)(unsafe.Pointer(in.Burst)) + return nil +} + +// Convert_v1alpha1_WebhookThrottleConfig_To_auditregistration_WebhookThrottleConfig is an autogenerated conversion function. +func Convert_v1alpha1_WebhookThrottleConfig_To_auditregistration_WebhookThrottleConfig(in *v1alpha1.WebhookThrottleConfig, out *auditregistration.WebhookThrottleConfig, s conversion.Scope) error { + return autoConvert_v1alpha1_WebhookThrottleConfig_To_auditregistration_WebhookThrottleConfig(in, out, s) +} + +func autoConvert_auditregistration_WebhookThrottleConfig_To_v1alpha1_WebhookThrottleConfig(in *auditregistration.WebhookThrottleConfig, out *v1alpha1.WebhookThrottleConfig, s conversion.Scope) error { + out.QPS = (*int64)(unsafe.Pointer(in.QPS)) + out.Burst = (*int64)(unsafe.Pointer(in.Burst)) + return nil +} + +// Convert_auditregistration_WebhookThrottleConfig_To_v1alpha1_WebhookThrottleConfig is an autogenerated conversion function. +func Convert_auditregistration_WebhookThrottleConfig_To_v1alpha1_WebhookThrottleConfig(in *auditregistration.WebhookThrottleConfig, out *v1alpha1.WebhookThrottleConfig, s conversion.Scope) error { + return autoConvert_auditregistration_WebhookThrottleConfig_To_v1alpha1_WebhookThrottleConfig(in, out, s) +} diff --git a/pkg/apis/auditregistration/v1alpha1/zz_generated.defaults.go b/pkg/apis/auditregistration/v1alpha1/zz_generated.defaults.go new file mode 100644 index 00000000000..1f23658b80a --- /dev/null +++ b/pkg/apis/auditregistration/v1alpha1/zz_generated.defaults.go @@ -0,0 +1,46 @@ +// +build !ignore_autogenerated + +/* +Copyright The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by defaulter-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + v1alpha1 "k8s.io/api/auditregistration/v1alpha1" + runtime "k8s.io/apimachinery/pkg/runtime" +) + +// RegisterDefaults adds defaulters functions to the given scheme. +// Public to allow building arbitrary schemes. +// All generated defaulters are covering - they call all nested defaulters. +func RegisterDefaults(scheme *runtime.Scheme) error { + scheme.AddTypeDefaultingFunc(&v1alpha1.AuditSink{}, func(obj interface{}) { SetObjectDefaults_AuditSink(obj.(*v1alpha1.AuditSink)) }) + scheme.AddTypeDefaultingFunc(&v1alpha1.AuditSinkList{}, func(obj interface{}) { SetObjectDefaults_AuditSinkList(obj.(*v1alpha1.AuditSinkList)) }) + return nil +} + +func SetObjectDefaults_AuditSink(in *v1alpha1.AuditSink) { + SetDefaults_AuditSink(in) +} + +func SetObjectDefaults_AuditSinkList(in *v1alpha1.AuditSinkList) { + for i := range in.Items { + a := &in.Items[i] + SetObjectDefaults_AuditSink(a) + } +} diff --git a/pkg/apis/auditregistration/validation/BUILD b/pkg/apis/auditregistration/validation/BUILD new file mode 100644 index 00000000000..42e821cf0b7 --- /dev/null +++ b/pkg/apis/auditregistration/validation/BUILD @@ -0,0 +1,41 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library", "go_test") + +go_library( + name = "go_default_library", + srcs = ["validation.go"], + importpath = "k8s.io/kubernetes/pkg/apis/auditregistration/validation", + visibility = ["//visibility:public"], + deps = [ + "//pkg/apis/auditregistration:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/api/validation:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/util/sets:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/util/validation:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/util/validation/field:go_default_library", + ], +) + +go_test( + name = "go_default_test", + srcs = ["validation_test.go"], + embed = [":go_default_library"], + deps = [ + "//pkg/apis/auditregistration:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/util/validation/field:go_default_library", + "//vendor/github.com/stretchr/testify/require:go_default_library", + ], +) + +filegroup( + name = "package-srcs", + srcs = glob(["**"]), + tags = ["automanaged"], + visibility = ["//visibility:private"], +) + +filegroup( + name = "all-srcs", + srcs = [":package-srcs"], + tags = ["automanaged"], + visibility = ["//visibility:public"], +) diff --git a/pkg/apis/auditregistration/validation/validation.go b/pkg/apis/auditregistration/validation/validation.go new file mode 100644 index 00000000000..693a6574181 --- /dev/null +++ b/pkg/apis/auditregistration/validation/validation.go @@ -0,0 +1,200 @@ +/* +Copyright 2018 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package validation + +import ( + "fmt" + "net/url" + "strings" + + genericvalidation "k8s.io/apimachinery/pkg/api/validation" + "k8s.io/apimachinery/pkg/util/sets" + "k8s.io/apimachinery/pkg/util/validation" + "k8s.io/apimachinery/pkg/util/validation/field" + "k8s.io/kubernetes/pkg/apis/auditregistration" +) + +// ValidateAuditSink validates the AuditSinks +func ValidateAuditSink(as *auditregistration.AuditSink) field.ErrorList { + allErrs := genericvalidation.ValidateObjectMeta(&as.ObjectMeta, false, genericvalidation.NameIsDNSSubdomain, field.NewPath("metadata")) + allErrs = append(allErrs, ValidateAuditSinkSpec(as.Spec, field.NewPath("spec"))...) + return allErrs +} + +// ValidateAuditSinkSpec validates the sink spec for audit +func ValidateAuditSinkSpec(s auditregistration.AuditSinkSpec, fldPath *field.Path) field.ErrorList { + var allErrs field.ErrorList + allErrs = append(allErrs, ValidatePolicy(s.Policy, field.NewPath("policy"))...) + allErrs = append(allErrs, ValidateWebhook(s.Webhook, field.NewPath("webhook"))...) + return allErrs +} + +// ValidateWebhook validates the webhook +func ValidateWebhook(w auditregistration.Webhook, fldPath *field.Path) field.ErrorList { + var allErrs field.ErrorList + if w.Throttle != nil { + allErrs = append(allErrs, ValidateWebhookThrottleConfig(w.Throttle, fldPath.Child("throttle"))...) + } + allErrs = append(allErrs, ValidateWebhookClientConfig(&w.ClientConfig, fldPath.Child("clientConfig"))...) + return allErrs +} + +// ValidateWebhookThrottleConfig validates the throttle config +func ValidateWebhookThrottleConfig(c *auditregistration.WebhookThrottleConfig, fldPath *field.Path) field.ErrorList { + var allErrs field.ErrorList + if c.QPS != nil && *c.QPS <= 0 { + allErrs = append(allErrs, field.Invalid(fldPath.Child("qps"), c.QPS, "qps must be a positive number")) + } + if c.Burst != nil && *c.Burst <= 0 { + allErrs = append(allErrs, field.Invalid(fldPath.Child("burst"), c.Burst, "burst must be a positive number")) + } + return allErrs +} + +// ValidateWebhookClientConfig validates the WebhookClientConfig +// note: this is largely copy/paste inheritance from admissionregistration with subtle changes +func ValidateWebhookClientConfig(cc *auditregistration.WebhookClientConfig, fldPath *field.Path) field.ErrorList { + var allErrors field.ErrorList + if (cc.URL == nil) == (cc.Service == nil) { + allErrors = append(allErrors, field.Required(fldPath.Child("url"), "exactly one of url or service is required")) + } + + if cc.URL != nil { + const form = "; desired format: https://host[/path]" + if u, err := url.Parse(*cc.URL); err != nil { + allErrors = append(allErrors, field.Required(fldPath.Child("url"), "url must be a valid URL: "+err.Error()+form)) + } else { + if len(u.Host) == 0 { + allErrors = append(allErrors, field.Invalid(fldPath.Child("url"), u.Host, "host must be provided"+form)) + } + if u.User != nil { + allErrors = append(allErrors, field.Invalid(fldPath.Child("url"), u.User.String(), "user information is not permitted in the URL")) + } + if len(u.Fragment) != 0 { + allErrors = append(allErrors, field.Invalid(fldPath.Child("url"), u.Fragment, "fragments are not permitted in the URL")) + } + if len(u.RawQuery) != 0 { + allErrors = append(allErrors, field.Invalid(fldPath.Child("url"), u.RawQuery, "query parameters are not permitted in the URL")) + } + } + } + + if cc.Service != nil { + allErrors = append(allErrors, validateWebhookService(cc.Service, fldPath.Child("service"))...) + } + return allErrors +} + +// note: this is copy/paste inheritance from admissionregistration +func validateWebhookService(svc *auditregistration.ServiceReference, fldPath *field.Path) field.ErrorList { + var allErrors field.ErrorList + + if len(svc.Name) == 0 { + allErrors = append(allErrors, field.Required(fldPath.Child("name"), "service name is required")) + } + + if len(svc.Namespace) == 0 { + allErrors = append(allErrors, field.Required(fldPath.Child("namespace"), "service namespace is required")) + } + + if svc.Path == nil { + return allErrors + } + + // TODO: replace below with url.Parse + verifying that host is empty? + + urlPath := *svc.Path + if urlPath == "/" || len(urlPath) == 0 { + return allErrors + } + if urlPath == "//" { + allErrors = append(allErrors, field.Invalid(fldPath.Child("path"), urlPath, "segment[0] may not be empty")) + return allErrors + } + + if !strings.HasPrefix(urlPath, "/") { + allErrors = append(allErrors, field.Invalid(fldPath.Child("path"), urlPath, "must start with a '/'")) + } + + urlPathToCheck := urlPath[1:] + if strings.HasSuffix(urlPathToCheck, "/") { + urlPathToCheck = urlPathToCheck[:len(urlPathToCheck)-1] + } + steps := strings.Split(urlPathToCheck, "/") + for i, step := range steps { + if len(step) == 0 { + allErrors = append(allErrors, field.Invalid(fldPath.Child("path"), urlPath, fmt.Sprintf("segment[%d] may not be empty", i))) + continue + } + failures := validation.IsDNS1123Subdomain(step) + for _, failure := range failures { + allErrors = append(allErrors, field.Invalid(fldPath.Child("path"), urlPath, fmt.Sprintf("segment[%d]: %v", i, failure))) + } + } + + return allErrors +} + +// ValidatePolicy validates the audit policy +func ValidatePolicy(policy auditregistration.Policy, fldPath *field.Path) field.ErrorList { + var allErrs field.ErrorList + allErrs = append(allErrs, validateStages(policy.Stages, fldPath.Child("stages"))...) + allErrs = append(allErrs, validateLevel(policy.Level, fldPath.Child("level"))...) + if policy.Level != auditregistration.LevelNone && len(policy.Stages) == 0 { + return field.ErrorList{field.Required(fldPath.Child("stages"), "")} + } + return allErrs +} + +var validLevels = sets.NewString( + string(auditregistration.LevelNone), + string(auditregistration.LevelMetadata), + string(auditregistration.LevelRequest), + string(auditregistration.LevelRequestResponse), +) + +var validStages = sets.NewString( + string(auditregistration.StageRequestReceived), + string(auditregistration.StageResponseStarted), + string(auditregistration.StageResponseComplete), + string(auditregistration.StagePanic), +) + +func validateLevel(level auditregistration.Level, fldPath *field.Path) field.ErrorList { + if string(level) == "" { + return field.ErrorList{field.Required(fldPath, "")} + } + if !validLevels.Has(string(level)) { + return field.ErrorList{field.NotSupported(fldPath, level, validLevels.List())} + } + return nil +} + +func validateStages(stages []auditregistration.Stage, fldPath *field.Path) field.ErrorList { + var allErrs field.ErrorList + for i, stage := range stages { + if !validStages.Has(string(stage)) { + allErrs = append(allErrs, field.Invalid(fldPath.Index(i), string(stage), "allowed stages are "+strings.Join(validStages.List(), ","))) + } + } + return allErrs +} + +// ValidateAuditSinkUpdate validates an update to the object +func ValidateAuditSinkUpdate(newC, oldC *auditregistration.AuditSink) field.ErrorList { + return ValidateAuditSink(newC) +} diff --git a/pkg/apis/auditregistration/validation/validation_test.go b/pkg/apis/auditregistration/validation/validation_test.go new file mode 100644 index 00000000000..522fb246ce8 --- /dev/null +++ b/pkg/apis/auditregistration/validation/validation_test.go @@ -0,0 +1,324 @@ +/* +Copyright 2018 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package validation + +import ( + "strings" + "testing" + + "github.com/stretchr/testify/require" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/util/validation/field" + "k8s.io/kubernetes/pkg/apis/auditregistration" +) + +func TestValidateAuditSink(t *testing.T) { + testQPS := int64(10) + testURL := "http://localhost" + testCases := []struct { + name string + conf auditregistration.AuditSink + numErr int + }{ + { + name: "should pass full config", + conf: auditregistration.AuditSink{ + ObjectMeta: metav1.ObjectMeta{ + Name: "myconf", + }, + Spec: auditregistration.AuditSinkSpec{ + Policy: auditregistration.Policy{ + Level: auditregistration.LevelRequest, + Stages: []auditregistration.Stage{ + auditregistration.StageRequestReceived, + }, + }, + Webhook: auditregistration.Webhook{ + Throttle: &auditregistration.WebhookThrottleConfig{ + QPS: &testQPS, + }, + ClientConfig: auditregistration.WebhookClientConfig{ + URL: &testURL, + }, + }, + }, + }, + numErr: 0, + }, + { + name: "should fail no policy", + conf: auditregistration.AuditSink{ + ObjectMeta: metav1.ObjectMeta{ + Name: "myconf", + }, + Spec: auditregistration.AuditSinkSpec{ + Webhook: auditregistration.Webhook{ + ClientConfig: auditregistration.WebhookClientConfig{ + URL: &testURL, + }, + }, + }, + }, + numErr: 1, + }, + { + name: "should fail no webhook", + conf: auditregistration.AuditSink{ + ObjectMeta: metav1.ObjectMeta{ + Name: "myconf", + }, + Spec: auditregistration.AuditSinkSpec{ + Policy: auditregistration.Policy{ + Level: auditregistration.LevelMetadata, + Stages: []auditregistration.Stage{ + auditregistration.StageRequestReceived, + }, + }, + }, + }, + numErr: 1, + }, + } + + for _, test := range testCases { + t.Run(test.name, func(t *testing.T) { + errs := ValidateAuditSink(&test.conf) + require.Len(t, errs, test.numErr) + }) + } +} + +func TestValidatePolicy(t *testing.T) { + successCases := []auditregistration.Policy{} + successCases = append(successCases, auditregistration.Policy{ // Policy with omitStages and level + Level: auditregistration.LevelRequest, + Stages: []auditregistration.Stage{ + auditregistration.Stage("RequestReceived"), + auditregistration.Stage("ResponseStarted"), + }, + }) + successCases = append(successCases, auditregistration.Policy{Level: auditregistration.LevelNone}) // Policy with none level only + + for i, policy := range successCases { + if errs := ValidatePolicy(policy, field.NewPath("policy")); len(errs) != 0 { + t.Errorf("[%d] Expected policy %#v to be valid: %v", i, policy, errs) + } + } + + errorCases := []auditregistration.Policy{} + errorCases = append(errorCases, auditregistration.Policy{}) // Empty policy // Policy with missing level + errorCases = append(errorCases, auditregistration.Policy{Stages: []auditregistration.Stage{ // Policy with invalid stages + auditregistration.Stage("Bad")}}) + errorCases = append(errorCases, auditregistration.Policy{Level: auditregistration.Level("invalid")}) // Policy with bad level + errorCases = append(errorCases, auditregistration.Policy{Level: auditregistration.LevelMetadata}) // Policy without stages + + for i, policy := range errorCases { + if errs := ValidatePolicy(policy, field.NewPath("policy")); len(errs) == 0 { + t.Errorf("[%d] Expected policy %#v to be invalid!", i, policy) + } + } +} + +func strPtr(s string) *string { return &s } + +func TestValidateWebhookConfiguration(t *testing.T) { + tests := []struct { + name string + config auditregistration.Webhook + expectedError string + }{ + { + name: "both service and URL missing", + config: auditregistration.Webhook{ + ClientConfig: auditregistration.WebhookClientConfig{}, + }, + expectedError: `exactly one of`, + }, + { + name: "both service and URL provided", + config: auditregistration.Webhook{ + ClientConfig: auditregistration.WebhookClientConfig{ + Service: &auditregistration.ServiceReference{ + Namespace: "ns", + Name: "n", + }, + URL: strPtr("example.com/k8s/webhook"), + }, + }, + expectedError: `webhook.clientConfig.url: Required value: exactly one of url or service is required`, + }, + { + name: "blank URL", + config: auditregistration.Webhook{ + ClientConfig: auditregistration.WebhookClientConfig{ + URL: strPtr(""), + }, + }, + expectedError: `webhook.clientConfig.url: Invalid value: "": host must be provided`, + }, + { + name: "missing host", + config: auditregistration.Webhook{ + ClientConfig: auditregistration.WebhookClientConfig{ + URL: strPtr("https:///fancy/webhook"), + }, + }, + expectedError: `host must be provided`, + }, + { + name: "fragment", + config: auditregistration.Webhook{ + ClientConfig: auditregistration.WebhookClientConfig{ + URL: strPtr("https://example.com/#bookmark"), + }, + }, + expectedError: `"bookmark": fragments are not permitted`, + }, + { + name: "query", + config: auditregistration.Webhook{ + ClientConfig: auditregistration.WebhookClientConfig{ + URL: strPtr("https://example.com?arg=value"), + }, + }, + expectedError: `"arg=value": query parameters are not permitted`, + }, + { + name: "user", + config: auditregistration.Webhook{ + ClientConfig: auditregistration.WebhookClientConfig{ + URL: strPtr("https://harry.potter@example.com/"), + }, + }, + expectedError: `"harry.potter": user information is not permitted`, + }, + { + name: "just totally wrong", + config: auditregistration.Webhook{ + ClientConfig: auditregistration.WebhookClientConfig{ + URL: strPtr("arg#backwards=thisis?html.index/port:host//:https"), + }, + }, + expectedError: `host must be provided`, + }, + { + name: "path must start with slash", + config: auditregistration.Webhook{ + ClientConfig: auditregistration.WebhookClientConfig{ + Service: &auditregistration.ServiceReference{ + Namespace: "ns", + Name: "n", + Path: strPtr("foo/"), + }, + }, + }, + expectedError: `clientConfig.service.path: Invalid value: "foo/": must start with a '/'`, + }, + { + name: "path accepts slash", + config: auditregistration.Webhook{ + ClientConfig: auditregistration.WebhookClientConfig{ + Service: &auditregistration.ServiceReference{ + Namespace: "ns", + Name: "n", + Path: strPtr("/"), + }, + }, + }, + expectedError: ``, + }, + { + name: "path accepts no trailing slash", + config: auditregistration.Webhook{ + ClientConfig: auditregistration.WebhookClientConfig{ + Service: &auditregistration.ServiceReference{ + Namespace: "ns", + Name: "n", + Path: strPtr("/foo"), + }, + }, + }, + expectedError: ``, + }, + { + name: "path fails //", + config: auditregistration.Webhook{ + ClientConfig: auditregistration.WebhookClientConfig{ + Service: &auditregistration.ServiceReference{ + Namespace: "ns", + Name: "n", + Path: strPtr("//"), + }, + }, + }, + expectedError: `clientConfig.service.path: Invalid value: "//": segment[0] may not be empty`, + }, + { + name: "path no empty step", + config: auditregistration.Webhook{ + ClientConfig: auditregistration.WebhookClientConfig{ + Service: &auditregistration.ServiceReference{ + Namespace: "ns", + Name: "n", + Path: strPtr("/foo//bar/"), + }, + }, + }, + expectedError: `clientConfig.service.path: Invalid value: "/foo//bar/": segment[1] may not be empty`, + }, { + name: "path no empty step 2", + config: auditregistration.Webhook{ + ClientConfig: auditregistration.WebhookClientConfig{ + Service: &auditregistration.ServiceReference{ + Namespace: "ns", + Name: "n", + Path: strPtr("/foo/bar//"), + }, + }, + }, + expectedError: `clientConfig.service.path: Invalid value: "/foo/bar//": segment[2] may not be empty`, + }, + { + name: "path no non-subdomain", + config: auditregistration.Webhook{ + ClientConfig: auditregistration.WebhookClientConfig{ + Service: &auditregistration.ServiceReference{ + Namespace: "ns", + Name: "n", + Path: strPtr("/apis/foo.bar/v1alpha1/--bad"), + }, + }, + }, + expectedError: `clientConfig.service.path: Invalid value: "/apis/foo.bar/v1alpha1/--bad": segment[3]: a DNS-1123 subdomain`, + }, + } + for _, test := range tests { + t.Run(test.name, func(t *testing.T) { + errs := ValidateWebhook(test.config, field.NewPath("webhook")) + err := errs.ToAggregate() + if err != nil { + if e, a := test.expectedError, err.Error(); !strings.Contains(a, e) || e == "" { + t.Errorf("expected to contain \nerr: %s \ngot: %s", e, a) + } + } else { + if test.expectedError != "" { + t.Errorf("unexpected no error, expected to contain %s", test.expectedError) + } + } + }) + } +} diff --git a/pkg/apis/auditregistration/zz_generated.deepcopy.go b/pkg/apis/auditregistration/zz_generated.deepcopy.go new file mode 100644 index 00000000000..45106c0a5c7 --- /dev/null +++ b/pkg/apis/auditregistration/zz_generated.deepcopy.go @@ -0,0 +1,224 @@ +// +build !ignore_autogenerated + +/* +Copyright The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by deepcopy-gen. DO NOT EDIT. + +package auditregistration + +import ( + runtime "k8s.io/apimachinery/pkg/runtime" +) + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *AuditSink) DeepCopyInto(out *AuditSink) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuditSink. +func (in *AuditSink) DeepCopy() *AuditSink { + if in == nil { + return nil + } + out := new(AuditSink) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *AuditSink) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *AuditSinkList) DeepCopyInto(out *AuditSinkList) { + *out = *in + out.TypeMeta = in.TypeMeta + out.ListMeta = in.ListMeta + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]AuditSink, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuditSinkList. +func (in *AuditSinkList) DeepCopy() *AuditSinkList { + if in == nil { + return nil + } + out := new(AuditSinkList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *AuditSinkList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *AuditSinkSpec) DeepCopyInto(out *AuditSinkSpec) { + *out = *in + in.Policy.DeepCopyInto(&out.Policy) + in.Webhook.DeepCopyInto(&out.Webhook) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuditSinkSpec. +func (in *AuditSinkSpec) DeepCopy() *AuditSinkSpec { + if in == nil { + return nil + } + out := new(AuditSinkSpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *Policy) DeepCopyInto(out *Policy) { + *out = *in + if in.Stages != nil { + in, out := &in.Stages, &out.Stages + *out = make([]Stage, len(*in)) + copy(*out, *in) + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Policy. +func (in *Policy) DeepCopy() *Policy { + if in == nil { + return nil + } + out := new(Policy) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ServiceReference) DeepCopyInto(out *ServiceReference) { + *out = *in + if in.Path != nil { + in, out := &in.Path, &out.Path + *out = new(string) + **out = **in + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ServiceReference. +func (in *ServiceReference) DeepCopy() *ServiceReference { + if in == nil { + return nil + } + out := new(ServiceReference) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *Webhook) DeepCopyInto(out *Webhook) { + *out = *in + if in.Throttle != nil { + in, out := &in.Throttle, &out.Throttle + *out = new(WebhookThrottleConfig) + (*in).DeepCopyInto(*out) + } + in.ClientConfig.DeepCopyInto(&out.ClientConfig) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Webhook. +func (in *Webhook) DeepCopy() *Webhook { + if in == nil { + return nil + } + out := new(Webhook) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *WebhookClientConfig) DeepCopyInto(out *WebhookClientConfig) { + *out = *in + if in.URL != nil { + in, out := &in.URL, &out.URL + *out = new(string) + **out = **in + } + if in.Service != nil { + in, out := &in.Service, &out.Service + *out = new(ServiceReference) + (*in).DeepCopyInto(*out) + } + if in.CABundle != nil { + in, out := &in.CABundle, &out.CABundle + *out = make([]byte, len(*in)) + copy(*out, *in) + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WebhookClientConfig. +func (in *WebhookClientConfig) DeepCopy() *WebhookClientConfig { + if in == nil { + return nil + } + out := new(WebhookClientConfig) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *WebhookThrottleConfig) DeepCopyInto(out *WebhookThrottleConfig) { + *out = *in + if in.QPS != nil { + in, out := &in.QPS, &out.QPS + *out = new(int64) + **out = **in + } + if in.Burst != nil { + in, out := &in.Burst, &out.Burst + *out = new(int64) + **out = **in + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WebhookThrottleConfig. +func (in *WebhookThrottleConfig) DeepCopy() *WebhookThrottleConfig { + if in == nil { + return nil + } + out := new(WebhookThrottleConfig) + in.DeepCopyInto(out) + return out +} diff --git a/pkg/client/clientset_generated/internalclientset/BUILD b/pkg/client/clientset_generated/internalclientset/BUILD index 0486ae00633..09144c4c39a 100644 --- a/pkg/client/clientset_generated/internalclientset/BUILD +++ b/pkg/client/clientset_generated/internalclientset/BUILD @@ -15,6 +15,7 @@ go_library( deps = [ "//pkg/client/clientset_generated/internalclientset/typed/admissionregistration/internalversion:go_default_library", "//pkg/client/clientset_generated/internalclientset/typed/apps/internalversion:go_default_library", + "//pkg/client/clientset_generated/internalclientset/typed/auditregistration/internalversion:go_default_library", "//pkg/client/clientset_generated/internalclientset/typed/authentication/internalversion:go_default_library", "//pkg/client/clientset_generated/internalclientset/typed/authorization/internalversion:go_default_library", "//pkg/client/clientset_generated/internalclientset/typed/autoscaling/internalversion:go_default_library", @@ -51,6 +52,7 @@ filegroup( "//pkg/client/clientset_generated/internalclientset/scheme:all-srcs", "//pkg/client/clientset_generated/internalclientset/typed/admissionregistration/internalversion:all-srcs", "//pkg/client/clientset_generated/internalclientset/typed/apps/internalversion:all-srcs", + "//pkg/client/clientset_generated/internalclientset/typed/auditregistration/internalversion:all-srcs", "//pkg/client/clientset_generated/internalclientset/typed/authentication/internalversion:all-srcs", "//pkg/client/clientset_generated/internalclientset/typed/authorization/internalversion:all-srcs", "//pkg/client/clientset_generated/internalclientset/typed/autoscaling/internalversion:all-srcs", diff --git a/pkg/client/clientset_generated/internalclientset/clientset.go b/pkg/client/clientset_generated/internalclientset/clientset.go index 554d2680713..4a8cd33a664 100644 --- a/pkg/client/clientset_generated/internalclientset/clientset.go +++ b/pkg/client/clientset_generated/internalclientset/clientset.go @@ -24,6 +24,7 @@ import ( flowcontrol "k8s.io/client-go/util/flowcontrol" admissionregistrationinternalversion "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/admissionregistration/internalversion" appsinternalversion "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/apps/internalversion" + auditregistrationinternalversion "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/auditregistration/internalversion" authenticationinternalversion "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/authentication/internalversion" authorizationinternalversion "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/authorization/internalversion" autoscalinginternalversion "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/autoscaling/internalversion" @@ -46,6 +47,7 @@ type Interface interface { Admissionregistration() admissionregistrationinternalversion.AdmissionregistrationInterface Core() coreinternalversion.CoreInterface Apps() appsinternalversion.AppsInterface + Auditregistration() auditregistrationinternalversion.AuditregistrationInterface Authentication() authenticationinternalversion.AuthenticationInterface Authorization() authorizationinternalversion.AuthorizationInterface Autoscaling() autoscalinginternalversion.AutoscalingInterface @@ -69,6 +71,7 @@ type Clientset struct { admissionregistration *admissionregistrationinternalversion.AdmissionregistrationClient core *coreinternalversion.CoreClient apps *appsinternalversion.AppsClient + auditregistration *auditregistrationinternalversion.AuditregistrationClient authentication *authenticationinternalversion.AuthenticationClient authorization *authorizationinternalversion.AuthorizationClient autoscaling *autoscalinginternalversion.AutoscalingClient @@ -100,6 +103,11 @@ func (c *Clientset) Apps() appsinternalversion.AppsInterface { return c.apps } +// Auditregistration retrieves the AuditregistrationClient +func (c *Clientset) Auditregistration() auditregistrationinternalversion.AuditregistrationInterface { + return c.auditregistration +} + // Authentication retrieves the AuthenticationClient func (c *Clientset) Authentication() authenticationinternalversion.AuthenticationInterface { return c.authentication @@ -198,6 +206,10 @@ func NewForConfig(c *rest.Config) (*Clientset, error) { if err != nil { return nil, err } + cs.auditregistration, err = auditregistrationinternalversion.NewForConfig(&configShallowCopy) + if err != nil { + return nil, err + } cs.authentication, err = authenticationinternalversion.NewForConfig(&configShallowCopy) if err != nil { return nil, err @@ -269,6 +281,7 @@ func NewForConfigOrDie(c *rest.Config) *Clientset { cs.admissionregistration = admissionregistrationinternalversion.NewForConfigOrDie(c) cs.core = coreinternalversion.NewForConfigOrDie(c) cs.apps = appsinternalversion.NewForConfigOrDie(c) + cs.auditregistration = auditregistrationinternalversion.NewForConfigOrDie(c) cs.authentication = authenticationinternalversion.NewForConfigOrDie(c) cs.authorization = authorizationinternalversion.NewForConfigOrDie(c) cs.autoscaling = autoscalinginternalversion.NewForConfigOrDie(c) @@ -294,6 +307,7 @@ func New(c rest.Interface) *Clientset { cs.admissionregistration = admissionregistrationinternalversion.New(c) cs.core = coreinternalversion.New(c) cs.apps = appsinternalversion.New(c) + cs.auditregistration = auditregistrationinternalversion.New(c) cs.authentication = authenticationinternalversion.New(c) cs.authorization = authorizationinternalversion.New(c) cs.autoscaling = autoscalinginternalversion.New(c) diff --git a/pkg/client/clientset_generated/internalclientset/fake/BUILD b/pkg/client/clientset_generated/internalclientset/fake/BUILD index 13d19536c53..4e02bebe5fe 100644 --- a/pkg/client/clientset_generated/internalclientset/fake/BUILD +++ b/pkg/client/clientset_generated/internalclientset/fake/BUILD @@ -16,6 +16,7 @@ go_library( deps = [ "//pkg/apis/admissionregistration:go_default_library", "//pkg/apis/apps:go_default_library", + "//pkg/apis/auditregistration:go_default_library", "//pkg/apis/authentication:go_default_library", "//pkg/apis/authorization:go_default_library", "//pkg/apis/autoscaling:go_default_library", @@ -36,6 +37,8 @@ go_library( "//pkg/client/clientset_generated/internalclientset/typed/admissionregistration/internalversion/fake:go_default_library", "//pkg/client/clientset_generated/internalclientset/typed/apps/internalversion:go_default_library", "//pkg/client/clientset_generated/internalclientset/typed/apps/internalversion/fake:go_default_library", + "//pkg/client/clientset_generated/internalclientset/typed/auditregistration/internalversion:go_default_library", + "//pkg/client/clientset_generated/internalclientset/typed/auditregistration/internalversion/fake:go_default_library", "//pkg/client/clientset_generated/internalclientset/typed/authentication/internalversion:go_default_library", "//pkg/client/clientset_generated/internalclientset/typed/authentication/internalversion/fake:go_default_library", "//pkg/client/clientset_generated/internalclientset/typed/authorization/internalversion:go_default_library", diff --git a/pkg/client/clientset_generated/internalclientset/fake/clientset_generated.go b/pkg/client/clientset_generated/internalclientset/fake/clientset_generated.go index a3c244e2f7e..1b48ee9f191 100644 --- a/pkg/client/clientset_generated/internalclientset/fake/clientset_generated.go +++ b/pkg/client/clientset_generated/internalclientset/fake/clientset_generated.go @@ -29,6 +29,8 @@ import ( fakeadmissionregistrationinternalversion "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/admissionregistration/internalversion/fake" appsinternalversion "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/apps/internalversion" fakeappsinternalversion "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/apps/internalversion/fake" + auditregistrationinternalversion "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/auditregistration/internalversion" + fakeauditregistrationinternalversion "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/auditregistration/internalversion/fake" authenticationinternalversion "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/authentication/internalversion" fakeauthenticationinternalversion "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/authentication/internalversion/fake" authorizationinternalversion "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/authorization/internalversion" @@ -118,6 +120,11 @@ func (c *Clientset) Apps() appsinternalversion.AppsInterface { return &fakeappsinternalversion.FakeApps{Fake: &c.Fake} } +// Auditregistration retrieves the AuditregistrationClient +func (c *Clientset) Auditregistration() auditregistrationinternalversion.AuditregistrationInterface { + return &fakeauditregistrationinternalversion.FakeAuditregistration{Fake: &c.Fake} +} + // Authentication retrieves the AuthenticationClient func (c *Clientset) Authentication() authenticationinternalversion.AuthenticationInterface { return &fakeauthenticationinternalversion.FakeAuthentication{Fake: &c.Fake} diff --git a/pkg/client/clientset_generated/internalclientset/fake/register.go b/pkg/client/clientset_generated/internalclientset/fake/register.go index b57d17d8216..7540114665f 100644 --- a/pkg/client/clientset_generated/internalclientset/fake/register.go +++ b/pkg/client/clientset_generated/internalclientset/fake/register.go @@ -26,6 +26,7 @@ import ( utilruntime "k8s.io/apimachinery/pkg/util/runtime" admissionregistrationinternalversion "k8s.io/kubernetes/pkg/apis/admissionregistration" appsinternalversion "k8s.io/kubernetes/pkg/apis/apps" + auditregistrationinternalversion "k8s.io/kubernetes/pkg/apis/auditregistration" authenticationinternalversion "k8s.io/kubernetes/pkg/apis/authentication" authorizationinternalversion "k8s.io/kubernetes/pkg/apis/authorization" autoscalinginternalversion "k8s.io/kubernetes/pkg/apis/autoscaling" @@ -50,6 +51,7 @@ var localSchemeBuilder = runtime.SchemeBuilder{ admissionregistrationinternalversion.AddToScheme, coreinternalversion.AddToScheme, appsinternalversion.AddToScheme, + auditregistrationinternalversion.AddToScheme, authenticationinternalversion.AddToScheme, authorizationinternalversion.AddToScheme, autoscalinginternalversion.AddToScheme, diff --git a/pkg/client/clientset_generated/internalclientset/scheme/BUILD b/pkg/client/clientset_generated/internalclientset/scheme/BUILD index 30cbab1842b..86f91055b34 100644 --- a/pkg/client/clientset_generated/internalclientset/scheme/BUILD +++ b/pkg/client/clientset_generated/internalclientset/scheme/BUILD @@ -15,6 +15,7 @@ go_library( deps = [ "//pkg/apis/admissionregistration/install:go_default_library", "//pkg/apis/apps/install:go_default_library", + "//pkg/apis/auditregistration/install:go_default_library", "//pkg/apis/authentication/install:go_default_library", "//pkg/apis/authorization/install:go_default_library", "//pkg/apis/autoscaling/install:go_default_library", diff --git a/pkg/client/clientset_generated/internalclientset/scheme/register.go b/pkg/client/clientset_generated/internalclientset/scheme/register.go index 727d0e2995f..efc10eb859f 100644 --- a/pkg/client/clientset_generated/internalclientset/scheme/register.go +++ b/pkg/client/clientset_generated/internalclientset/scheme/register.go @@ -25,6 +25,7 @@ import ( serializer "k8s.io/apimachinery/pkg/runtime/serializer" admissionregistration "k8s.io/kubernetes/pkg/apis/admissionregistration/install" apps "k8s.io/kubernetes/pkg/apis/apps/install" + auditregistration "k8s.io/kubernetes/pkg/apis/auditregistration/install" authentication "k8s.io/kubernetes/pkg/apis/authentication/install" authorization "k8s.io/kubernetes/pkg/apis/authorization/install" autoscaling "k8s.io/kubernetes/pkg/apis/autoscaling/install" @@ -56,6 +57,7 @@ func Install(scheme *runtime.Scheme) { admissionregistration.Install(scheme) core.Install(scheme) apps.Install(scheme) + auditregistration.Install(scheme) authentication.Install(scheme) authorization.Install(scheme) autoscaling.Install(scheme) diff --git a/pkg/client/clientset_generated/internalclientset/typed/auditregistration/internalversion/BUILD b/pkg/client/clientset_generated/internalclientset/typed/auditregistration/internalversion/BUILD new file mode 100644 index 00000000000..3d1e522b858 --- /dev/null +++ b/pkg/client/clientset_generated/internalclientset/typed/auditregistration/internalversion/BUILD @@ -0,0 +1,38 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library") + +go_library( + name = "go_default_library", + srcs = [ + "auditregistration_client.go", + "auditsink.go", + "doc.go", + "generated_expansion.go", + ], + importpath = "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/auditregistration/internalversion", + visibility = ["//visibility:public"], + deps = [ + "//pkg/apis/auditregistration:go_default_library", + "//pkg/client/clientset_generated/internalclientset/scheme:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/types:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/watch:go_default_library", + "//staging/src/k8s.io/client-go/rest:go_default_library", + ], +) + +filegroup( + name = "package-srcs", + srcs = glob(["**"]), + tags = ["automanaged"], + visibility = ["//visibility:private"], +) + +filegroup( + name = "all-srcs", + srcs = [ + ":package-srcs", + "//pkg/client/clientset_generated/internalclientset/typed/auditregistration/internalversion/fake:all-srcs", + ], + tags = ["automanaged"], + visibility = ["//visibility:public"], +) diff --git a/pkg/client/clientset_generated/internalclientset/typed/auditregistration/internalversion/auditregistration_client.go b/pkg/client/clientset_generated/internalclientset/typed/auditregistration/internalversion/auditregistration_client.go new file mode 100644 index 00000000000..07bedcbf5f3 --- /dev/null +++ b/pkg/client/clientset_generated/internalclientset/typed/auditregistration/internalversion/auditregistration_client.go @@ -0,0 +1,96 @@ +/* +Copyright The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +package internalversion + +import ( + rest "k8s.io/client-go/rest" + "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/scheme" +) + +type AuditregistrationInterface interface { + RESTClient() rest.Interface + AuditSinksGetter +} + +// AuditregistrationClient is used to interact with features provided by the auditregistration.k8s.io group. +type AuditregistrationClient struct { + restClient rest.Interface +} + +func (c *AuditregistrationClient) AuditSinks() AuditSinkInterface { + return newAuditSinks(c) +} + +// NewForConfig creates a new AuditregistrationClient for the given config. +func NewForConfig(c *rest.Config) (*AuditregistrationClient, error) { + config := *c + if err := setConfigDefaults(&config); err != nil { + return nil, err + } + client, err := rest.RESTClientFor(&config) + if err != nil { + return nil, err + } + return &AuditregistrationClient{client}, nil +} + +// NewForConfigOrDie creates a new AuditregistrationClient for the given config and +// panics if there is an error in the config. +func NewForConfigOrDie(c *rest.Config) *AuditregistrationClient { + client, err := NewForConfig(c) + if err != nil { + panic(err) + } + return client +} + +// New creates a new AuditregistrationClient for the given RESTClient. +func New(c rest.Interface) *AuditregistrationClient { + return &AuditregistrationClient{c} +} + +func setConfigDefaults(config *rest.Config) error { + config.APIPath = "/apis" + if config.UserAgent == "" { + config.UserAgent = rest.DefaultKubernetesUserAgent() + } + if config.GroupVersion == nil || config.GroupVersion.Group != scheme.Scheme.PrioritizedVersionsForGroup("auditregistration.k8s.io")[0].Group { + gv := scheme.Scheme.PrioritizedVersionsForGroup("auditregistration.k8s.io")[0] + config.GroupVersion = &gv + } + config.NegotiatedSerializer = scheme.Codecs + + if config.QPS == 0 { + config.QPS = 5 + } + if config.Burst == 0 { + config.Burst = 10 + } + + return nil +} + +// RESTClient returns a RESTClient that is used to communicate +// with API server by this client implementation. +func (c *AuditregistrationClient) RESTClient() rest.Interface { + if c == nil { + return nil + } + return c.restClient +} diff --git a/pkg/client/clientset_generated/internalclientset/typed/auditregistration/internalversion/auditsink.go b/pkg/client/clientset_generated/internalclientset/typed/auditregistration/internalversion/auditsink.go new file mode 100644 index 00000000000..799ec09c30a --- /dev/null +++ b/pkg/client/clientset_generated/internalclientset/typed/auditregistration/internalversion/auditsink.go @@ -0,0 +1,147 @@ +/* +Copyright The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +package internalversion + +import ( + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + rest "k8s.io/client-go/rest" + auditregistration "k8s.io/kubernetes/pkg/apis/auditregistration" + scheme "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/scheme" +) + +// AuditSinksGetter has a method to return a AuditSinkInterface. +// A group's client should implement this interface. +type AuditSinksGetter interface { + AuditSinks() AuditSinkInterface +} + +// AuditSinkInterface has methods to work with AuditSink resources. +type AuditSinkInterface interface { + Create(*auditregistration.AuditSink) (*auditregistration.AuditSink, error) + Update(*auditregistration.AuditSink) (*auditregistration.AuditSink, error) + Delete(name string, options *v1.DeleteOptions) error + DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error + Get(name string, options v1.GetOptions) (*auditregistration.AuditSink, error) + List(opts v1.ListOptions) (*auditregistration.AuditSinkList, error) + Watch(opts v1.ListOptions) (watch.Interface, error) + Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *auditregistration.AuditSink, err error) + AuditSinkExpansion +} + +// auditSinks implements AuditSinkInterface +type auditSinks struct { + client rest.Interface +} + +// newAuditSinks returns a AuditSinks +func newAuditSinks(c *AuditregistrationClient) *auditSinks { + return &auditSinks{ + client: c.RESTClient(), + } +} + +// Get takes name of the auditSink, and returns the corresponding auditSink object, and an error if there is any. +func (c *auditSinks) Get(name string, options v1.GetOptions) (result *auditregistration.AuditSink, err error) { + result = &auditregistration.AuditSink{} + err = c.client.Get(). + Resource("auditsinks"). + Name(name). + VersionedParams(&options, scheme.ParameterCodec). + Do(). + Into(result) + return +} + +// List takes label and field selectors, and returns the list of AuditSinks that match those selectors. +func (c *auditSinks) List(opts v1.ListOptions) (result *auditregistration.AuditSinkList, err error) { + result = &auditregistration.AuditSinkList{} + err = c.client.Get(). + Resource("auditsinks"). + VersionedParams(&opts, scheme.ParameterCodec). + Do(). + Into(result) + return +} + +// Watch returns a watch.Interface that watches the requested auditSinks. +func (c *auditSinks) Watch(opts v1.ListOptions) (watch.Interface, error) { + opts.Watch = true + return c.client.Get(). + Resource("auditsinks"). + VersionedParams(&opts, scheme.ParameterCodec). + Watch() +} + +// Create takes the representation of a auditSink and creates it. Returns the server's representation of the auditSink, and an error, if there is any. +func (c *auditSinks) Create(auditSink *auditregistration.AuditSink) (result *auditregistration.AuditSink, err error) { + result = &auditregistration.AuditSink{} + err = c.client.Post(). + Resource("auditsinks"). + Body(auditSink). + Do(). + Into(result) + return +} + +// Update takes the representation of a auditSink and updates it. Returns the server's representation of the auditSink, and an error, if there is any. +func (c *auditSinks) Update(auditSink *auditregistration.AuditSink) (result *auditregistration.AuditSink, err error) { + result = &auditregistration.AuditSink{} + err = c.client.Put(). + Resource("auditsinks"). + Name(auditSink.Name). + Body(auditSink). + Do(). + Into(result) + return +} + +// Delete takes name of the auditSink and deletes it. Returns an error if one occurs. +func (c *auditSinks) Delete(name string, options *v1.DeleteOptions) error { + return c.client.Delete(). + Resource("auditsinks"). + Name(name). + Body(options). + Do(). + Error() +} + +// DeleteCollection deletes a collection of objects. +func (c *auditSinks) DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error { + return c.client.Delete(). + Resource("auditsinks"). + VersionedParams(&listOptions, scheme.ParameterCodec). + Body(options). + Do(). + Error() +} + +// Patch applies the patch and returns the patched auditSink. +func (c *auditSinks) Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *auditregistration.AuditSink, err error) { + result = &auditregistration.AuditSink{} + err = c.client.Patch(pt). + Resource("auditsinks"). + SubResource(subresources...). + Name(name). + Body(data). + Do(). + Into(result) + return +} diff --git a/pkg/client/clientset_generated/internalclientset/typed/auditregistration/internalversion/doc.go b/pkg/client/clientset_generated/internalclientset/typed/auditregistration/internalversion/doc.go new file mode 100644 index 00000000000..86602442bab --- /dev/null +++ b/pkg/client/clientset_generated/internalclientset/typed/auditregistration/internalversion/doc.go @@ -0,0 +1,20 @@ +/* +Copyright The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +// This package has the automatically generated typed clients. +package internalversion diff --git a/pkg/client/clientset_generated/internalclientset/typed/auditregistration/internalversion/fake/BUILD b/pkg/client/clientset_generated/internalclientset/typed/auditregistration/internalversion/fake/BUILD new file mode 100644 index 00000000000..9a65f4ba86c --- /dev/null +++ b/pkg/client/clientset_generated/internalclientset/typed/auditregistration/internalversion/fake/BUILD @@ -0,0 +1,37 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library") + +go_library( + name = "go_default_library", + srcs = [ + "doc.go", + "fake_auditregistration_client.go", + "fake_auditsink.go", + ], + importpath = "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/auditregistration/internalversion/fake", + visibility = ["//visibility:public"], + deps = [ + "//pkg/apis/auditregistration:go_default_library", + "//pkg/client/clientset_generated/internalclientset/typed/auditregistration/internalversion:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/labels:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/runtime/schema:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/types:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/watch:go_default_library", + "//staging/src/k8s.io/client-go/rest:go_default_library", + "//staging/src/k8s.io/client-go/testing:go_default_library", + ], +) + +filegroup( + name = "package-srcs", + srcs = glob(["**"]), + tags = ["automanaged"], + visibility = ["//visibility:private"], +) + +filegroup( + name = "all-srcs", + srcs = [":package-srcs"], + tags = ["automanaged"], + visibility = ["//visibility:public"], +) diff --git a/pkg/client/clientset_generated/internalclientset/typed/auditregistration/internalversion/fake/doc.go b/pkg/client/clientset_generated/internalclientset/typed/auditregistration/internalversion/fake/doc.go new file mode 100644 index 00000000000..16f44399065 --- /dev/null +++ b/pkg/client/clientset_generated/internalclientset/typed/auditregistration/internalversion/fake/doc.go @@ -0,0 +1,20 @@ +/* +Copyright The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +// Package fake has the automatically generated clients. +package fake diff --git a/pkg/client/clientset_generated/internalclientset/typed/auditregistration/internalversion/fake/fake_auditregistration_client.go b/pkg/client/clientset_generated/internalclientset/typed/auditregistration/internalversion/fake/fake_auditregistration_client.go new file mode 100644 index 00000000000..9cb2f1f3f4e --- /dev/null +++ b/pkg/client/clientset_generated/internalclientset/typed/auditregistration/internalversion/fake/fake_auditregistration_client.go @@ -0,0 +1,40 @@ +/* +Copyright The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + rest "k8s.io/client-go/rest" + testing "k8s.io/client-go/testing" + internalversion "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/auditregistration/internalversion" +) + +type FakeAuditregistration struct { + *testing.Fake +} + +func (c *FakeAuditregistration) AuditSinks() internalversion.AuditSinkInterface { + return &FakeAuditSinks{c} +} + +// RESTClient returns a RESTClient that is used to communicate +// with API server by this client implementation. +func (c *FakeAuditregistration) RESTClient() rest.Interface { + var ret *rest.RESTClient + return ret +} diff --git a/pkg/client/clientset_generated/internalclientset/typed/auditregistration/internalversion/fake/fake_auditsink.go b/pkg/client/clientset_generated/internalclientset/typed/auditregistration/internalversion/fake/fake_auditsink.go new file mode 100644 index 00000000000..eac7d725ae8 --- /dev/null +++ b/pkg/client/clientset_generated/internalclientset/typed/auditregistration/internalversion/fake/fake_auditsink.go @@ -0,0 +1,120 @@ +/* +Copyright The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + labels "k8s.io/apimachinery/pkg/labels" + schema "k8s.io/apimachinery/pkg/runtime/schema" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + testing "k8s.io/client-go/testing" + auditregistration "k8s.io/kubernetes/pkg/apis/auditregistration" +) + +// FakeAuditSinks implements AuditSinkInterface +type FakeAuditSinks struct { + Fake *FakeAuditregistration +} + +var auditsinksResource = schema.GroupVersionResource{Group: "auditregistration.k8s.io", Version: "", Resource: "auditsinks"} + +var auditsinksKind = schema.GroupVersionKind{Group: "auditregistration.k8s.io", Version: "", Kind: "AuditSink"} + +// Get takes name of the auditSink, and returns the corresponding auditSink object, and an error if there is any. +func (c *FakeAuditSinks) Get(name string, options v1.GetOptions) (result *auditregistration.AuditSink, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootGetAction(auditsinksResource, name), &auditregistration.AuditSink{}) + if obj == nil { + return nil, err + } + return obj.(*auditregistration.AuditSink), err +} + +// List takes label and field selectors, and returns the list of AuditSinks that match those selectors. +func (c *FakeAuditSinks) List(opts v1.ListOptions) (result *auditregistration.AuditSinkList, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootListAction(auditsinksResource, auditsinksKind, opts), &auditregistration.AuditSinkList{}) + if obj == nil { + return nil, err + } + + label, _, _ := testing.ExtractFromListOptions(opts) + if label == nil { + label = labels.Everything() + } + list := &auditregistration.AuditSinkList{ListMeta: obj.(*auditregistration.AuditSinkList).ListMeta} + for _, item := range obj.(*auditregistration.AuditSinkList).Items { + if label.Matches(labels.Set(item.Labels)) { + list.Items = append(list.Items, item) + } + } + return list, err +} + +// Watch returns a watch.Interface that watches the requested auditSinks. +func (c *FakeAuditSinks) Watch(opts v1.ListOptions) (watch.Interface, error) { + return c.Fake. + InvokesWatch(testing.NewRootWatchAction(auditsinksResource, opts)) +} + +// Create takes the representation of a auditSink and creates it. Returns the server's representation of the auditSink, and an error, if there is any. +func (c *FakeAuditSinks) Create(auditSink *auditregistration.AuditSink) (result *auditregistration.AuditSink, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootCreateAction(auditsinksResource, auditSink), &auditregistration.AuditSink{}) + if obj == nil { + return nil, err + } + return obj.(*auditregistration.AuditSink), err +} + +// Update takes the representation of a auditSink and updates it. Returns the server's representation of the auditSink, and an error, if there is any. +func (c *FakeAuditSinks) Update(auditSink *auditregistration.AuditSink) (result *auditregistration.AuditSink, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootUpdateAction(auditsinksResource, auditSink), &auditregistration.AuditSink{}) + if obj == nil { + return nil, err + } + return obj.(*auditregistration.AuditSink), err +} + +// Delete takes name of the auditSink and deletes it. Returns an error if one occurs. +func (c *FakeAuditSinks) Delete(name string, options *v1.DeleteOptions) error { + _, err := c.Fake. + Invokes(testing.NewRootDeleteAction(auditsinksResource, name), &auditregistration.AuditSink{}) + return err +} + +// DeleteCollection deletes a collection of objects. +func (c *FakeAuditSinks) DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error { + action := testing.NewRootDeleteCollectionAction(auditsinksResource, listOptions) + + _, err := c.Fake.Invokes(action, &auditregistration.AuditSinkList{}) + return err +} + +// Patch applies the patch and returns the patched auditSink. +func (c *FakeAuditSinks) Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *auditregistration.AuditSink, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootPatchSubresourceAction(auditsinksResource, name, pt, data, subresources...), &auditregistration.AuditSink{}) + if obj == nil { + return nil, err + } + return obj.(*auditregistration.AuditSink), err +} diff --git a/pkg/client/clientset_generated/internalclientset/typed/auditregistration/internalversion/generated_expansion.go b/pkg/client/clientset_generated/internalclientset/typed/auditregistration/internalversion/generated_expansion.go new file mode 100644 index 00000000000..4d3547b8d25 --- /dev/null +++ b/pkg/client/clientset_generated/internalclientset/typed/auditregistration/internalversion/generated_expansion.go @@ -0,0 +1,21 @@ +/* +Copyright The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +package internalversion + +type AuditSinkExpansion interface{} diff --git a/pkg/client/informers/informers_generated/internalversion/BUILD b/pkg/client/informers/informers_generated/internalversion/BUILD index 8b463202bf3..febac107a40 100644 --- a/pkg/client/informers/informers_generated/internalversion/BUILD +++ b/pkg/client/informers/informers_generated/internalversion/BUILD @@ -15,6 +15,7 @@ go_library( deps = [ "//pkg/apis/admissionregistration:go_default_library", "//pkg/apis/apps:go_default_library", + "//pkg/apis/auditregistration:go_default_library", "//pkg/apis/autoscaling:go_default_library", "//pkg/apis/batch:go_default_library", "//pkg/apis/certificates:go_default_library", @@ -30,6 +31,7 @@ go_library( "//pkg/client/clientset_generated/internalclientset:go_default_library", "//pkg/client/informers/informers_generated/internalversion/admissionregistration:go_default_library", "//pkg/client/informers/informers_generated/internalversion/apps:go_default_library", + "//pkg/client/informers/informers_generated/internalversion/auditregistration:go_default_library", "//pkg/client/informers/informers_generated/internalversion/autoscaling:go_default_library", "//pkg/client/informers/informers_generated/internalversion/batch:go_default_library", "//pkg/client/informers/informers_generated/internalversion/certificates:go_default_library", @@ -63,6 +65,7 @@ filegroup( ":package-srcs", "//pkg/client/informers/informers_generated/internalversion/admissionregistration:all-srcs", "//pkg/client/informers/informers_generated/internalversion/apps:all-srcs", + "//pkg/client/informers/informers_generated/internalversion/auditregistration:all-srcs", "//pkg/client/informers/informers_generated/internalversion/autoscaling:all-srcs", "//pkg/client/informers/informers_generated/internalversion/batch:all-srcs", "//pkg/client/informers/informers_generated/internalversion/certificates:all-srcs", diff --git a/pkg/client/informers/informers_generated/internalversion/auditregistration/BUILD b/pkg/client/informers/informers_generated/internalversion/auditregistration/BUILD new file mode 100644 index 00000000000..66d103acd28 --- /dev/null +++ b/pkg/client/informers/informers_generated/internalversion/auditregistration/BUILD @@ -0,0 +1,29 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library") + +go_library( + name = "go_default_library", + srcs = ["interface.go"], + importpath = "k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/auditregistration", + visibility = ["//visibility:public"], + deps = [ + "//pkg/client/informers/informers_generated/internalversion/auditregistration/internalversion:go_default_library", + "//pkg/client/informers/informers_generated/internalversion/internalinterfaces:go_default_library", + ], +) + +filegroup( + name = "package-srcs", + srcs = glob(["**"]), + tags = ["automanaged"], + visibility = ["//visibility:private"], +) + +filegroup( + name = "all-srcs", + srcs = [ + ":package-srcs", + "//pkg/client/informers/informers_generated/internalversion/auditregistration/internalversion:all-srcs", + ], + tags = ["automanaged"], + visibility = ["//visibility:public"], +) diff --git a/pkg/client/informers/informers_generated/internalversion/auditregistration/interface.go b/pkg/client/informers/informers_generated/internalversion/auditregistration/interface.go new file mode 100644 index 00000000000..4340986bd09 --- /dev/null +++ b/pkg/client/informers/informers_generated/internalversion/auditregistration/interface.go @@ -0,0 +1,46 @@ +/* +Copyright The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by informer-gen. DO NOT EDIT. + +package auditregistration + +import ( + internalversion "k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/auditregistration/internalversion" + internalinterfaces "k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/internalinterfaces" +) + +// Interface provides access to each of this group's versions. +type Interface interface { + // InternalVersion provides access to shared informers for resources in InternalVersion. + InternalVersion() internalversion.Interface +} + +type group struct { + factory internalinterfaces.SharedInformerFactory + namespace string + tweakListOptions internalinterfaces.TweakListOptionsFunc +} + +// New returns a new Interface. +func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) Interface { + return &group{factory: f, namespace: namespace, tweakListOptions: tweakListOptions} +} + +// InternalVersion returns a new internalversion.Interface. +func (g *group) InternalVersion() internalversion.Interface { + return internalversion.New(g.factory, g.namespace, g.tweakListOptions) +} diff --git a/pkg/client/informers/informers_generated/internalversion/auditregistration/internalversion/BUILD b/pkg/client/informers/informers_generated/internalversion/auditregistration/internalversion/BUILD new file mode 100644 index 00000000000..51da67f1c43 --- /dev/null +++ b/pkg/client/informers/informers_generated/internalversion/auditregistration/internalversion/BUILD @@ -0,0 +1,35 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library") + +go_library( + name = "go_default_library", + srcs = [ + "auditsink.go", + "interface.go", + ], + importpath = "k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/auditregistration/internalversion", + visibility = ["//visibility:public"], + deps = [ + "//pkg/apis/auditregistration:go_default_library", + "//pkg/client/clientset_generated/internalclientset:go_default_library", + "//pkg/client/informers/informers_generated/internalversion/internalinterfaces:go_default_library", + "//pkg/client/listers/auditregistration/internalversion:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/runtime:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/watch:go_default_library", + "//staging/src/k8s.io/client-go/tools/cache:go_default_library", + ], +) + +filegroup( + name = "package-srcs", + srcs = glob(["**"]), + tags = ["automanaged"], + visibility = ["//visibility:private"], +) + +filegroup( + name = "all-srcs", + srcs = [":package-srcs"], + tags = ["automanaged"], + visibility = ["//visibility:public"], +) diff --git a/pkg/client/informers/informers_generated/internalversion/auditregistration/internalversion/auditsink.go b/pkg/client/informers/informers_generated/internalversion/auditregistration/internalversion/auditsink.go new file mode 100644 index 00000000000..328962ba1d3 --- /dev/null +++ b/pkg/client/informers/informers_generated/internalversion/auditregistration/internalversion/auditsink.go @@ -0,0 +1,88 @@ +/* +Copyright The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by informer-gen. DO NOT EDIT. + +package internalversion + +import ( + time "time" + + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + watch "k8s.io/apimachinery/pkg/watch" + cache "k8s.io/client-go/tools/cache" + auditregistration "k8s.io/kubernetes/pkg/apis/auditregistration" + internalclientset "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset" + internalinterfaces "k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/internalinterfaces" + internalversion "k8s.io/kubernetes/pkg/client/listers/auditregistration/internalversion" +) + +// AuditSinkInformer provides access to a shared informer and lister for +// AuditSinks. +type AuditSinkInformer interface { + Informer() cache.SharedIndexInformer + Lister() internalversion.AuditSinkLister +} + +type auditSinkInformer struct { + factory internalinterfaces.SharedInformerFactory + tweakListOptions internalinterfaces.TweakListOptionsFunc +} + +// NewAuditSinkInformer constructs a new informer for AuditSink type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewAuditSinkInformer(client internalclientset.Interface, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { + return NewFilteredAuditSinkInformer(client, resyncPeriod, indexers, nil) +} + +// NewFilteredAuditSinkInformer constructs a new informer for AuditSink type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewFilteredAuditSinkInformer(client internalclientset.Interface, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { + return cache.NewSharedIndexInformer( + &cache.ListWatch{ + ListFunc: func(options v1.ListOptions) (runtime.Object, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.Auditregistration().AuditSinks().List(options) + }, + WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.Auditregistration().AuditSinks().Watch(options) + }, + }, + &auditregistration.AuditSink{}, + resyncPeriod, + indexers, + ) +} + +func (f *auditSinkInformer) defaultInformer(client internalclientset.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { + return NewFilteredAuditSinkInformer(client, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions) +} + +func (f *auditSinkInformer) Informer() cache.SharedIndexInformer { + return f.factory.InformerFor(&auditregistration.AuditSink{}, f.defaultInformer) +} + +func (f *auditSinkInformer) Lister() internalversion.AuditSinkLister { + return internalversion.NewAuditSinkLister(f.Informer().GetIndexer()) +} diff --git a/pkg/client/informers/informers_generated/internalversion/auditregistration/internalversion/interface.go b/pkg/client/informers/informers_generated/internalversion/auditregistration/internalversion/interface.go new file mode 100644 index 00000000000..94164ee06e1 --- /dev/null +++ b/pkg/client/informers/informers_generated/internalversion/auditregistration/internalversion/interface.go @@ -0,0 +1,45 @@ +/* +Copyright The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by informer-gen. DO NOT EDIT. + +package internalversion + +import ( + internalinterfaces "k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/internalinterfaces" +) + +// Interface provides access to all the informers in this group version. +type Interface interface { + // AuditSinks returns a AuditSinkInformer. + AuditSinks() AuditSinkInformer +} + +type version struct { + factory internalinterfaces.SharedInformerFactory + namespace string + tweakListOptions internalinterfaces.TweakListOptionsFunc +} + +// New returns a new Interface. +func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) Interface { + return &version{factory: f, namespace: namespace, tweakListOptions: tweakListOptions} +} + +// AuditSinks returns a AuditSinkInformer. +func (v *version) AuditSinks() AuditSinkInformer { + return &auditSinkInformer{factory: v.factory, tweakListOptions: v.tweakListOptions} +} diff --git a/pkg/client/informers/informers_generated/internalversion/factory.go b/pkg/client/informers/informers_generated/internalversion/factory.go index a58a8aaed51..7997c6e859e 100644 --- a/pkg/client/informers/informers_generated/internalversion/factory.go +++ b/pkg/client/informers/informers_generated/internalversion/factory.go @@ -30,6 +30,7 @@ import ( internalclientset "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset" admissionregistration "k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/admissionregistration" apps "k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/apps" + auditregistration "k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/auditregistration" autoscaling "k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/autoscaling" batch "k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/batch" certificates "k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/certificates" @@ -187,6 +188,7 @@ type SharedInformerFactory interface { Admissionregistration() admissionregistration.Interface Apps() apps.Interface + Auditregistration() auditregistration.Interface Autoscaling() autoscaling.Interface Batch() batch.Interface Certificates() certificates.Interface @@ -209,6 +211,10 @@ func (f *sharedInformerFactory) Apps() apps.Interface { return apps.New(f, f.namespace, f.tweakListOptions) } +func (f *sharedInformerFactory) Auditregistration() auditregistration.Interface { + return auditregistration.New(f, f.namespace, f.tweakListOptions) +} + func (f *sharedInformerFactory) Autoscaling() autoscaling.Interface { return autoscaling.New(f, f.namespace, f.tweakListOptions) } diff --git a/pkg/client/informers/informers_generated/internalversion/generic.go b/pkg/client/informers/informers_generated/internalversion/generic.go index 21b0eee8e6c..92a5c6d18af 100644 --- a/pkg/client/informers/informers_generated/internalversion/generic.go +++ b/pkg/client/informers/informers_generated/internalversion/generic.go @@ -25,6 +25,7 @@ import ( cache "k8s.io/client-go/tools/cache" admissionregistration "k8s.io/kubernetes/pkg/apis/admissionregistration" apps "k8s.io/kubernetes/pkg/apis/apps" + auditregistration "k8s.io/kubernetes/pkg/apis/auditregistration" autoscaling "k8s.io/kubernetes/pkg/apis/autoscaling" batch "k8s.io/kubernetes/pkg/apis/batch" certificates "k8s.io/kubernetes/pkg/apis/certificates" @@ -79,6 +80,10 @@ func (f *sharedInformerFactory) ForResource(resource schema.GroupVersionResource case apps.SchemeGroupVersion.WithResource("statefulsets"): return &genericInformer{resource: resource.GroupResource(), informer: f.Apps().InternalVersion().StatefulSets().Informer()}, nil + // Group=auditregistration.k8s.io, Version=internalVersion + case auditregistration.SchemeGroupVersion.WithResource("auditsinks"): + return &genericInformer{resource: resource.GroupResource(), informer: f.Auditregistration().InternalVersion().AuditSinks().Informer()}, nil + // Group=autoscaling, Version=internalVersion case autoscaling.SchemeGroupVersion.WithResource("horizontalpodautoscalers"): return &genericInformer{resource: resource.GroupResource(), informer: f.Autoscaling().InternalVersion().HorizontalPodAutoscalers().Informer()}, nil diff --git a/pkg/client/listers/auditregistration/internalversion/BUILD b/pkg/client/listers/auditregistration/internalversion/BUILD new file mode 100644 index 00000000000..2c4c3481acd --- /dev/null +++ b/pkg/client/listers/auditregistration/internalversion/BUILD @@ -0,0 +1,31 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library") + +go_library( + name = "go_default_library", + srcs = [ + "auditsink.go", + "expansion_generated.go", + ], + importpath = "k8s.io/kubernetes/pkg/client/listers/auditregistration/internalversion", + visibility = ["//visibility:public"], + deps = [ + "//pkg/apis/auditregistration:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/api/errors:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/labels:go_default_library", + "//staging/src/k8s.io/client-go/tools/cache:go_default_library", + ], +) + +filegroup( + name = "package-srcs", + srcs = glob(["**"]), + tags = ["automanaged"], + visibility = ["//visibility:private"], +) + +filegroup( + name = "all-srcs", + srcs = [":package-srcs"], + tags = ["automanaged"], + visibility = ["//visibility:public"], +) diff --git a/pkg/client/listers/auditregistration/internalversion/auditsink.go b/pkg/client/listers/auditregistration/internalversion/auditsink.go new file mode 100644 index 00000000000..f42c39da316 --- /dev/null +++ b/pkg/client/listers/auditregistration/internalversion/auditsink.go @@ -0,0 +1,65 @@ +/* +Copyright The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by lister-gen. DO NOT EDIT. + +package internalversion + +import ( + "k8s.io/apimachinery/pkg/api/errors" + "k8s.io/apimachinery/pkg/labels" + "k8s.io/client-go/tools/cache" + auditregistration "k8s.io/kubernetes/pkg/apis/auditregistration" +) + +// AuditSinkLister helps list AuditSinks. +type AuditSinkLister interface { + // List lists all AuditSinks in the indexer. + List(selector labels.Selector) (ret []*auditregistration.AuditSink, err error) + // Get retrieves the AuditSink from the index for a given name. + Get(name string) (*auditregistration.AuditSink, error) + AuditSinkListerExpansion +} + +// auditSinkLister implements the AuditSinkLister interface. +type auditSinkLister struct { + indexer cache.Indexer +} + +// NewAuditSinkLister returns a new AuditSinkLister. +func NewAuditSinkLister(indexer cache.Indexer) AuditSinkLister { + return &auditSinkLister{indexer: indexer} +} + +// List lists all AuditSinks in the indexer. +func (s *auditSinkLister) List(selector labels.Selector) (ret []*auditregistration.AuditSink, err error) { + err = cache.ListAll(s.indexer, selector, func(m interface{}) { + ret = append(ret, m.(*auditregistration.AuditSink)) + }) + return ret, err +} + +// Get retrieves the AuditSink from the index for a given name. +func (s *auditSinkLister) Get(name string) (*auditregistration.AuditSink, error) { + obj, exists, err := s.indexer.GetByKey(name) + if err != nil { + return nil, err + } + if !exists { + return nil, errors.NewNotFound(auditregistration.Resource("auditsink"), name) + } + return obj.(*auditregistration.AuditSink), nil +} diff --git a/pkg/client/listers/auditregistration/internalversion/expansion_generated.go b/pkg/client/listers/auditregistration/internalversion/expansion_generated.go new file mode 100644 index 00000000000..2b38d67733f --- /dev/null +++ b/pkg/client/listers/auditregistration/internalversion/expansion_generated.go @@ -0,0 +1,23 @@ +/* +Copyright The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by lister-gen. DO NOT EDIT. + +package internalversion + +// AuditSinkListerExpansion allows custom methods to be added to +// AuditSinkLister. +type AuditSinkListerExpansion interface{} diff --git a/pkg/cloudprovider/providers/aws/aws.go b/pkg/cloudprovider/providers/aws/aws.go index 6b115eef5ab..02f7c783b22 100644 --- a/pkg/cloudprovider/providers/aws/aws.go +++ b/pkg/cloudprovider/providers/aws/aws.go @@ -1386,7 +1386,9 @@ func (c *Cloud) InstanceShutdownByProviderID(ctx context.Context, providerID str } if len(instances) == 0 { glog.Warningf("the instance %s does not exist anymore", providerID) - return true, nil + // returns false, because otherwise node is not deleted from cluster + // false means that it will continue to check InstanceExistsByProviderID + return false, nil } if len(instances) > 1 { return false, fmt.Errorf("multiple instances found for instance: %s", instanceID) @@ -1396,7 +1398,7 @@ func (c *Cloud) InstanceShutdownByProviderID(ctx context.Context, providerID str if instance.State != nil { state := aws.StringValue(instance.State.Name) // valid state for detaching volumes - if state == ec2.InstanceStateNameStopped || state == ec2.InstanceStateNameTerminated { + if state == ec2.InstanceStateNameStopped { return true, nil } } diff --git a/pkg/cloudprovider/providers/azure/BUILD b/pkg/cloudprovider/providers/azure/BUILD index 747c3867ed0..6517b058d4b 100644 --- a/pkg/cloudprovider/providers/azure/BUILD +++ b/pkg/cloudprovider/providers/azure/BUILD @@ -60,7 +60,7 @@ go_library( "//staging/src/k8s.io/cloud-provider:go_default_library", "//vendor/github.com/Azure/azure-sdk-for-go/services/compute/mgmt/2018-04-01/compute:go_default_library", "//vendor/github.com/Azure/azure-sdk-for-go/services/network/mgmt/2017-09-01/network:go_default_library", - "//vendor/github.com/Azure/azure-sdk-for-go/services/storage/mgmt/2017-10-01/storage:go_default_library", + "//vendor/github.com/Azure/azure-sdk-for-go/services/storage/mgmt/2018-07-01/storage:go_default_library", "//vendor/github.com/Azure/azure-sdk-for-go/storage:go_default_library", "//vendor/github.com/Azure/go-autorest/autorest:go_default_library", "//vendor/github.com/Azure/go-autorest/autorest/adal:go_default_library", @@ -103,7 +103,7 @@ go_test( "//staging/src/k8s.io/cloud-provider:go_default_library", "//vendor/github.com/Azure/azure-sdk-for-go/services/compute/mgmt/2018-04-01/compute:go_default_library", "//vendor/github.com/Azure/azure-sdk-for-go/services/network/mgmt/2017-09-01/network:go_default_library", - "//vendor/github.com/Azure/azure-sdk-for-go/services/storage/mgmt/2017-10-01/storage:go_default_library", + "//vendor/github.com/Azure/azure-sdk-for-go/services/storage/mgmt/2018-07-01/storage:go_default_library", "//vendor/github.com/Azure/go-autorest/autorest:go_default_library", "//vendor/github.com/Azure/go-autorest/autorest/to:go_default_library", "//vendor/github.com/stretchr/testify/assert:go_default_library", diff --git a/pkg/cloudprovider/providers/azure/azure_blobDiskController.go b/pkg/cloudprovider/providers/azure/azure_blobDiskController.go index 093bfc03714..6ecc8bf4437 100644 --- a/pkg/cloudprovider/providers/azure/azure_blobDiskController.go +++ b/pkg/cloudprovider/providers/azure/azure_blobDiskController.go @@ -27,7 +27,7 @@ import ( "sync/atomic" "time" - "github.com/Azure/azure-sdk-for-go/services/storage/mgmt/2017-10-01/storage" + "github.com/Azure/azure-sdk-for-go/services/storage/mgmt/2018-07-01/storage" azstorage "github.com/Azure/azure-sdk-for-go/storage" "github.com/Azure/go-autorest/autorest/to" "github.com/golang/glog" @@ -80,7 +80,7 @@ func newBlobDiskController(common *controllerCommon) (*BlobDiskController, error // If no storage account is given, search all the storage accounts associated with the resource group and pick one that // fits storage type and location. func (c *BlobDiskController) CreateVolume(blobName, accountName, accountType, location string, requestGB int) (string, string, int, error) { - account, key, err := c.common.cloud.ensureStorageAccount(accountName, accountType, c.common.resourceGroup, location, dedicatedDiskAccountNamePrefix) + account, key, err := c.common.cloud.ensureStorageAccount(accountName, accountType, string(defaultStorageAccountKind), c.common.resourceGroup, location, dedicatedDiskAccountNamePrefix) if err != nil { return "", "", 0, fmt.Errorf("could not get storage key for storage account %s: %v", accountName, err) } @@ -491,7 +491,7 @@ func (c *BlobDiskController) createStorageAccount(storageAccountName string, sto cp := storage.AccountCreateParameters{ Sku: &storage.Sku{Name: storageAccountType}, // switch to use StorageV2 as it's recommended according to https://docs.microsoft.com/en-us/azure/storage/common/storage-account-options - Kind: storage.StorageV2, + Kind: defaultStorageAccountKind, Tags: map[string]*string{"created-by": to.StringPtr("azure-dd")}, Location: &location} ctx, cancel := getContextWithCancel() diff --git a/pkg/cloudprovider/providers/azure/azure_client.go b/pkg/cloudprovider/providers/azure/azure_client.go index 19d5e7a158a..f8abb8fa5d7 100644 --- a/pkg/cloudprovider/providers/azure/azure_client.go +++ b/pkg/cloudprovider/providers/azure/azure_client.go @@ -24,7 +24,7 @@ import ( "github.com/Azure/azure-sdk-for-go/services/compute/mgmt/2018-04-01/compute" "github.com/Azure/azure-sdk-for-go/services/network/mgmt/2017-09-01/network" - "github.com/Azure/azure-sdk-for-go/services/storage/mgmt/2017-10-01/storage" + "github.com/Azure/azure-sdk-for-go/services/storage/mgmt/2018-07-01/storage" "github.com/Azure/go-autorest/autorest" "github.com/Azure/go-autorest/autorest/adal" "github.com/golang/glog" diff --git a/pkg/cloudprovider/providers/azure/azure_controller_common.go b/pkg/cloudprovider/providers/azure/azure_controller_common.go index 12cfd78be02..ef628c24fa4 100644 --- a/pkg/cloudprovider/providers/azure/azure_controller_common.go +++ b/pkg/cloudprovider/providers/azure/azure_controller_common.go @@ -128,7 +128,7 @@ func (c *controllerCommon) GetDiskLun(diskName, diskURI string, nodeName types.N (disk.Vhd != nil && disk.Vhd.URI != nil && diskURI != "" && *disk.Vhd.URI == diskURI) || (disk.ManagedDisk != nil && *disk.ManagedDisk.ID == diskURI) { // found the disk - glog.V(4).Infof("azureDisk - find disk: lun %d name %q uri %q", *disk.Lun, diskName, diskURI) + glog.V(2).Infof("azureDisk - find disk: lun %d name %q uri %q", *disk.Lun, diskName, diskURI) return *disk.Lun, nil } } diff --git a/pkg/cloudprovider/providers/azure/azure_fakes.go b/pkg/cloudprovider/providers/azure/azure_fakes.go index bfa6c0c1f7d..4cb6a545dc3 100644 --- a/pkg/cloudprovider/providers/azure/azure_fakes.go +++ b/pkg/cloudprovider/providers/azure/azure_fakes.go @@ -31,7 +31,7 @@ import ( "github.com/Azure/azure-sdk-for-go/services/compute/mgmt/2018-04-01/compute" "github.com/Azure/azure-sdk-for-go/services/network/mgmt/2017-09-01/network" - "github.com/Azure/azure-sdk-for-go/services/storage/mgmt/2017-10-01/storage" + "github.com/Azure/azure-sdk-for-go/services/storage/mgmt/2018-07-01/storage" "github.com/Azure/go-autorest/autorest" "github.com/Azure/go-autorest/autorest/to" ) diff --git a/pkg/cloudprovider/providers/azure/azure_file.go b/pkg/cloudprovider/providers/azure/azure_file.go index 138dabb5765..f5bec74cb25 100644 --- a/pkg/cloudprovider/providers/azure/azure_file.go +++ b/pkg/cloudprovider/providers/azure/azure_file.go @@ -58,22 +58,11 @@ func (f *azureFileClient) createFileShare(accountName, accountKey, name string, if err != nil { return err } - // create a file share and set quota - // Note. Per https://docs.microsoft.com/en-us/rest/api/storageservices/fileservices/Create-Share, - // setting x-ms-share-quota can set quota on the new share, but in reality, setting quota in CreateShare - // receives error "The metadata specified is invalid. It has characters that are not permitted." - // As a result,breaking into two API calls: create share and set quota share := fileClient.GetShareReference(name) + share.Properties.Quota = sizeGiB if err = share.Create(nil); err != nil { return fmt.Errorf("failed to create file share, err: %v", err) } - share.Properties.Quota = sizeGiB - if err = share.SetProperties(nil); err != nil { - if err := share.Delete(nil); err != nil { - glog.Errorf("Error deleting share: %v", err) - } - return fmt.Errorf("failed to set quota on file share %s, err: %v", name, err) - } return nil } diff --git a/pkg/cloudprovider/providers/azure/azure_managedDiskController.go b/pkg/cloudprovider/providers/azure/azure_managedDiskController.go index 946314c39a3..e72608175bc 100644 --- a/pkg/cloudprovider/providers/azure/azure_managedDiskController.go +++ b/pkg/cloudprovider/providers/azure/azure_managedDiskController.go @@ -24,7 +24,7 @@ import ( "strings" "github.com/Azure/azure-sdk-for-go/services/compute/mgmt/2018-04-01/compute" - "github.com/Azure/azure-sdk-for-go/services/storage/mgmt/2017-10-01/storage" + "github.com/Azure/azure-sdk-for-go/services/storage/mgmt/2018-07-01/storage" "github.com/golang/glog" "k8s.io/api/core/v1" diff --git a/pkg/cloudprovider/providers/azure/azure_storage.go b/pkg/cloudprovider/providers/azure/azure_storage.go index b536d3e95bb..7c95487be26 100644 --- a/pkg/cloudprovider/providers/azure/azure_storage.go +++ b/pkg/cloudprovider/providers/azure/azure_storage.go @@ -19,24 +19,26 @@ package azure import ( "fmt" - "github.com/Azure/azure-sdk-for-go/services/storage/mgmt/2017-10-01/storage" + "github.com/Azure/azure-sdk-for-go/services/storage/mgmt/2018-07-01/storage" "github.com/golang/glog" ) const ( defaultStorageAccountType = string(storage.StandardLRS) + defaultStorageAccountKind = storage.StorageV2 fileShareAccountNamePrefix = "f" sharedDiskAccountNamePrefix = "ds" dedicatedDiskAccountNamePrefix = "dd" ) -// CreateFileShare creates a file share, using a matching storage account -func (az *Cloud) CreateFileShare(shareName, accountName, accountType, resourceGroup, location string, requestGiB int) (string, string, error) { +// CreateFileShare creates a file share, using a matching storage account type, account kind, etc. +// storage account will be created if specified account is not found +func (az *Cloud) CreateFileShare(shareName, accountName, accountType, accountKind, resourceGroup, location string, requestGiB int) (string, string, error) { if resourceGroup == "" { resourceGroup = az.resourceGroup } - account, key, err := az.ensureStorageAccount(accountName, accountType, resourceGroup, location, fileShareAccountNamePrefix) + account, key, err := az.ensureStorageAccount(accountName, accountType, accountKind, resourceGroup, location, fileShareAccountNamePrefix) if err != nil { return "", "", fmt.Errorf("could not get storage key for storage account %s: %v", accountName, err) } diff --git a/pkg/cloudprovider/providers/azure/azure_storage_test.go b/pkg/cloudprovider/providers/azure/azure_storage_test.go index 3ad1f0eb2a2..ca70e76d1c5 100644 --- a/pkg/cloudprovider/providers/azure/azure_storage_test.go +++ b/pkg/cloudprovider/providers/azure/azure_storage_test.go @@ -19,7 +19,7 @@ package azure import ( "testing" - "github.com/Azure/azure-sdk-for-go/services/storage/mgmt/2017-10-01/storage" + "github.com/Azure/azure-sdk-for-go/services/storage/mgmt/2018-07-01/storage" ) func TestCreateFileShare(t *testing.T) { @@ -30,6 +30,7 @@ func TestCreateFileShare(t *testing.T) { name := "baz" sku := "sku" + kind := "StorageV2" location := "centralus" value := "foo key" bogus := "bogus" @@ -38,6 +39,7 @@ func TestCreateFileShare(t *testing.T) { name string acct string acctType string + acctKind string loc string gb int accounts storage.AccountListResult @@ -52,6 +54,7 @@ func TestCreateFileShare(t *testing.T) { name: "foo", acct: "bar", acctType: "type", + acctKind: "StorageV2", loc: "eastus", gb: 10, expectErr: true, @@ -60,6 +63,7 @@ func TestCreateFileShare(t *testing.T) { name: "foo", acct: "", acctType: "type", + acctKind: "StorageV2", loc: "eastus", gb: 10, expectErr: true, @@ -68,11 +72,12 @@ func TestCreateFileShare(t *testing.T) { name: "foo", acct: "", acctType: sku, + acctKind: kind, loc: location, gb: 10, accounts: storage.AccountListResult{ Value: &[]storage.Account{ - {Name: &name, Sku: &storage.Sku{Name: storage.SkuName(sku)}, Location: &location}, + {Name: &name, Sku: &storage.Sku{Name: storage.SkuName(sku)}, Kind: storage.Kind(kind), Location: &location}, }, }, keys: storage.AccountListKeysResult{ @@ -87,6 +92,7 @@ func TestCreateFileShare(t *testing.T) { name: "foo", acct: "", acctType: sku, + acctKind: kind, loc: location, gb: 10, accounts: storage.AccountListResult{ @@ -100,6 +106,7 @@ func TestCreateFileShare(t *testing.T) { name: "foo", acct: "", acctType: sku, + acctKind: kind, loc: location, gb: 10, accounts: storage.AccountListResult{ @@ -116,7 +123,7 @@ func TestCreateFileShare(t *testing.T) { fake.Keys = test.keys fake.Err = test.err - account, key, err := cloud.CreateFileShare(test.name, test.acct, test.acctType, "rg", test.loc, test.gb) + account, key, err := cloud.CreateFileShare(test.name, test.acct, test.acctType, test.acctKind, "rg", test.loc, test.gb) if test.expectErr && err == nil { t.Errorf("unexpected non-error") continue diff --git a/pkg/cloudprovider/providers/azure/azure_storageaccount.go b/pkg/cloudprovider/providers/azure/azure_storageaccount.go index 7c885f31009..f0d50091474 100644 --- a/pkg/cloudprovider/providers/azure/azure_storageaccount.go +++ b/pkg/cloudprovider/providers/azure/azure_storageaccount.go @@ -20,7 +20,7 @@ import ( "fmt" "strings" - "github.com/Azure/azure-sdk-for-go/services/storage/mgmt/2017-10-01/storage" + "github.com/Azure/azure-sdk-for-go/services/storage/mgmt/2018-07-01/storage" "github.com/Azure/go-autorest/autorest/to" "github.com/golang/glog" ) @@ -30,7 +30,7 @@ type accountWithLocation struct { } // getStorageAccounts gets name, type, location of all storage accounts in a resource group which matches matchingAccountType, matchingLocation -func (az *Cloud) getStorageAccounts(matchingAccountType, resourceGroup, matchingLocation string) ([]accountWithLocation, error) { +func (az *Cloud) getStorageAccounts(matchingAccountType, matchingAccountKind, resourceGroup, matchingLocation string) ([]accountWithLocation, error) { ctx, cancel := getContextWithCancel() defer cancel() result, err := az.StorageAccountClient.ListByResourceGroup(ctx, resourceGroup) @@ -49,6 +49,10 @@ func (az *Cloud) getStorageAccounts(matchingAccountType, resourceGroup, matching continue } + if matchingAccountKind != "" && !strings.EqualFold(matchingAccountKind, string(acct.Kind)) { + continue + } + location := *acct.Location if matchingLocation != "" && !strings.EqualFold(matchingLocation, location) { continue @@ -86,10 +90,10 @@ func (az *Cloud) getStorageAccesskey(account, resourceGroup string) (string, err } // ensureStorageAccount search storage account, create one storage account(with genAccountNamePrefix) if not found, return accountName, accountKey -func (az *Cloud) ensureStorageAccount(accountName, accountType, resourceGroup, location, genAccountNamePrefix string) (string, string, error) { +func (az *Cloud) ensureStorageAccount(accountName, accountType, accountKind, resourceGroup, location, genAccountNamePrefix string) (string, string, error) { if len(accountName) == 0 { // find a storage account that matches accountType - accounts, err := az.getStorageAccounts(accountType, resourceGroup, location) + accounts, err := az.getStorageAccounts(accountType, accountKind, resourceGroup, location) if err != nil { return "", "", fmt.Errorf("could not list storage accounts for account type %s: %v", accountType, err) } @@ -109,12 +113,16 @@ func (az *Cloud) ensureStorageAccount(accountName, accountType, resourceGroup, l accountType = defaultStorageAccountType } - glog.V(2).Infof("azure - no matching account found, begin to create a new account %s in resource group %s, location: %s, accountType: %s", - accountName, resourceGroup, location, accountType) + // use StorageV2 by default per https://docs.microsoft.com/en-us/azure/storage/common/storage-account-options + kind := defaultStorageAccountKind + if accountKind != "" { + kind = storage.Kind(accountKind) + } + glog.V(2).Infof("azure - no matching account found, begin to create a new account %s in resource group %s, location: %s, accountType: %s, accountKind: %s", + accountName, resourceGroup, location, accountType, kind) cp := storage.AccountCreateParameters{ - Sku: &storage.Sku{Name: storage.SkuName(accountType)}, - // switch to use StorageV2 as it's recommended according to https://docs.microsoft.com/en-us/azure/storage/common/storage-account-options - Kind: storage.StorageV2, + Sku: &storage.Sku{Name: storage.SkuName(accountType)}, + Kind: kind, AccountPropertiesCreateParameters: &storage.AccountPropertiesCreateParameters{EnableHTTPSTrafficOnly: to.BoolPtr(true)}, Tags: map[string]*string{"created-by": to.StringPtr("azure")}, Location: &location} diff --git a/pkg/cloudprovider/providers/azure/azure_storageaccount_test.go b/pkg/cloudprovider/providers/azure/azure_storageaccount_test.go index 66922ad16ad..bba66e0043f 100644 --- a/pkg/cloudprovider/providers/azure/azure_storageaccount_test.go +++ b/pkg/cloudprovider/providers/azure/azure_storageaccount_test.go @@ -20,7 +20,7 @@ import ( "fmt" "testing" - "github.com/Azure/azure-sdk-for-go/services/storage/mgmt/2017-10-01/storage" + "github.com/Azure/azure-sdk-for-go/services/storage/mgmt/2018-07-01/storage" ) func TestGetStorageAccessKeys(t *testing.T) { diff --git a/pkg/controller/certificates/approver/sarapprove_test.go b/pkg/controller/certificates/approver/sarapprove_test.go index 40dcc316d43..8bb9808464f 100644 --- a/pkg/controller/certificates/approver/sarapprove_test.go +++ b/pkg/controller/certificates/approver/sarapprove_test.go @@ -86,7 +86,6 @@ func TestHasKubeletUsages(t *testing.T) { func TestHandle(t *testing.T) { cases := []struct { - message string allowed bool recognized bool err bool diff --git a/pkg/controller/controller_ref_manager_test.go b/pkg/controller/controller_ref_manager_test.go index fe878176430..4967314a223 100644 --- a/pkg/controller/controller_ref_manager_test.go +++ b/pkg/controller/controller_ref_manager_test.go @@ -32,7 +32,6 @@ var ( productionLabel = map[string]string{"type": "production"} testLabel = map[string]string{"type": "testing"} productionLabelSelector = labels.Set{"type": "production"}.AsSelector() - testLabelSelector = labels.Set{"type": "testing"}.AsSelector() controllerUID = "123" ) @@ -60,12 +59,10 @@ func newPod(podName string, label map[string]string, owner metav1.Object) *v1.Po func TestClaimPods(t *testing.T) { controllerKind := schema.GroupVersionKind{} type test struct { - name string - manager *PodControllerRefManager - pods []*v1.Pod - filters []func(*v1.Pod) bool - claimed []*v1.Pod - released []*v1.Pod + name string + manager *PodControllerRefManager + pods []*v1.Pod + claimed []*v1.Pod } var tests = []test{ { diff --git a/pkg/controller/cronjob/BUILD b/pkg/controller/cronjob/BUILD index 237081c3de3..82e659f74b4 100644 --- a/pkg/controller/cronjob/BUILD +++ b/pkg/controller/cronjob/BUILD @@ -25,7 +25,6 @@ go_library( "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/labels:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/runtime:go_default_library", - "//staging/src/k8s.io/apimachinery/pkg/runtime/schema:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/types:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/util/errors:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/util/runtime:go_default_library", diff --git a/pkg/controller/cronjob/utils.go b/pkg/controller/cronjob/utils.go index 53db1d8e008..4ad7ae9994f 100644 --- a/pkg/controller/cronjob/utils.go +++ b/pkg/controller/cronjob/utils.go @@ -27,10 +27,7 @@ import ( batchv1beta1 "k8s.io/api/batch/v1beta1" "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - "k8s.io/apimachinery/pkg/runtime" - "k8s.io/apimachinery/pkg/runtime/schema" "k8s.io/apimachinery/pkg/types" - ref "k8s.io/client-go/tools/reference" "k8s.io/kubernetes/pkg/api/legacyscheme" ) @@ -177,27 +174,6 @@ func getTimeHash(scheduledTime time.Time) int64 { return scheduledTime.Unix() } -// makeCreatedByRefJson makes a json string with an object reference for use in "created-by" annotation value -func makeCreatedByRefJson(object runtime.Object) (string, error) { - createdByRef, err := ref.GetReference(legacyscheme.Scheme, object) - if err != nil { - return "", fmt.Errorf("unable to get controller reference: %v", err) - } - - // TODO: this code was not safe previously - as soon as new code came along that switched to v2, old clients - // would be broken upon reading it. This is explicitly hardcoded to v1 to guarantee predictable deployment. - // We need to consistently handle this case of annotation versioning. - codec := legacyscheme.Codecs.LegacyCodec(schema.GroupVersion{Group: v1.GroupName, Version: "v1"}) - - createdByRefJson, err := runtime.Encode(codec, &v1.SerializedReference{ - Reference: *createdByRef, - }) - if err != nil { - return "", fmt.Errorf("unable to serialize controller reference: %v", err) - } - return string(createdByRefJson), nil -} - func getFinishedStatus(j *batchv1.Job) (bool, batchv1.JobConditionType) { for _, c := range j.Status.Conditions { if (c.Type == batchv1.JobComplete || c.Type == batchv1.JobFailed) && c.Status == v1.ConditionTrue { diff --git a/pkg/controller/deployment/util/deployment_util_test.go b/pkg/controller/deployment/util/deployment_util_test.go index 7a8738ac003..5e21f501f91 100644 --- a/pkg/controller/deployment/util/deployment_util_test.go +++ b/pkg/controller/deployment/util/deployment_util_test.go @@ -506,7 +506,6 @@ func TestFindOldReplicaSets(t *testing.T) { Name string deployment apps.Deployment rsList []*apps.ReplicaSet - podList *v1.PodList expected []*apps.ReplicaSet expectedRequire []*apps.ReplicaSet }{ diff --git a/pkg/controller/disruption/disruption_test.go b/pkg/controller/disruption/disruption_test.go index 73426697768..b0dc45c2d9f 100644 --- a/pkg/controller/disruption/disruption_test.go +++ b/pkg/controller/disruption/disruption_test.go @@ -468,7 +468,6 @@ func TestReplicaSet(t *testing.T) { // Verify that multiple controllers doesn't allow the PDB to be set true. func TestMultipleControllers(t *testing.T) { - const rcCount = 2 const podCount = 2 dc, ps := newFakeDisruptionController() @@ -610,10 +609,9 @@ func TestTwoControllers(t *testing.T) { // code. If you update a parameter here, recalculate the correct values for // all of them. Further down in the test, we use these to control loops, and // that level of logic is enough complexity for me. - const collectionSize int32 = 11 // How big each collection is - const minAvailable string = "28%" // minAvailable we'll specify - const minimumOne int32 = 4 // integer minimum with one controller - const minimumTwo int32 = 7 // integer minimum with two controllers + const collectionSize int32 = 11 // How big each collection is + const minimumOne int32 = 4 // integer minimum with one controller + const minimumTwo int32 = 7 // integer minimum with two controllers pdb, pdbName := newMinAvailablePodDisruptionBudget(t, intstr.FromString("28%")) add(t, dc.pdbStore, pdb) diff --git a/pkg/controller/nodeipam/BUILD b/pkg/controller/nodeipam/BUILD index b21fe38d527..7314b3960f3 100644 --- a/pkg/controller/nodeipam/BUILD +++ b/pkg/controller/nodeipam/BUILD @@ -3,6 +3,23 @@ package(default_visibility = ["//visibility:public"]) load( "@io_bazel_rules_go//go:def.bzl", "go_library", + "go_test", +) + +go_test( + name = "go_default_test", + srcs = ["node_ipam_controller_test.go"], + embed = [":go_default_library"], + deps = [ + "//pkg/cloudprovider/providers/gce:go_default_library", + "//pkg/controller:go_default_library", + "//pkg/controller/nodeipam/ipam:go_default_library", + "//pkg/controller/testutil:go_default_library", + "//staging/src/k8s.io/api/core/v1:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", + "//staging/src/k8s.io/client-go/informers:go_default_library", + "//staging/src/k8s.io/client-go/kubernetes/fake:go_default_library", + ], ) go_library( diff --git a/pkg/controller/nodeipam/node_ipam_controller.go b/pkg/controller/nodeipam/node_ipam_controller.go index a0946618d79..4d45845cf81 100644 --- a/pkg/controller/nodeipam/node_ipam_controller.go +++ b/pkg/controller/nodeipam/node_ipam_controller.go @@ -110,8 +110,11 @@ func NewNodeIpamController( glog.Fatal("Controller: Must specify --cluster-cidr if --allocate-node-cidrs is set") } mask := clusterCIDR.Mask - if maskSize, _ := mask.Size(); maskSize > nodeCIDRMaskSize { - glog.Fatal("Controller: Invalid --cluster-cidr, mask size of cluster CIDR must be less than --node-cidr-mask-size") + if allocatorType != ipam.CloudAllocatorType { + // Cloud CIDR allocator does not rely on clusterCIDR or nodeCIDRMaskSize for allocation. + if maskSize, _ := mask.Size(); maskSize > nodeCIDRMaskSize { + glog.Fatal("Controller: Invalid --cluster-cidr, mask size of cluster CIDR must be less than --node-cidr-mask-size") + } } ic := &Controller{ diff --git a/pkg/controller/nodeipam/node_ipam_controller_test.go b/pkg/controller/nodeipam/node_ipam_controller_test.go new file mode 100644 index 00000000000..6f25f7ce363 --- /dev/null +++ b/pkg/controller/nodeipam/node_ipam_controller_test.go @@ -0,0 +1,102 @@ +/* +Copyright 2018 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package nodeipam + +import ( + "net" + "os" + "os/exec" + "testing" + + "k8s.io/api/core/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/client-go/informers" + "k8s.io/client-go/kubernetes/fake" + "k8s.io/kubernetes/pkg/cloudprovider/providers/gce" + "k8s.io/kubernetes/pkg/controller" + "k8s.io/kubernetes/pkg/controller/nodeipam/ipam" + "k8s.io/kubernetes/pkg/controller/testutil" +) + +func newTestNodeIpamController(clusterCIDR, serviceCIDR *net.IPNet, nodeCIDRMaskSize int, allocatorType ipam.CIDRAllocatorType) (*Controller, error) { + clientSet := fake.NewSimpleClientset() + fakeNodeHandler := &testutil.FakeNodeHandler{ + Existing: []*v1.Node{ + {ObjectMeta: metav1.ObjectMeta{Name: "node0"}}, + }, + Clientset: fake.NewSimpleClientset(), + } + fakeClient := &fake.Clientset{} + fakeInformerFactory := informers.NewSharedInformerFactory(fakeClient, controller.NoResyncPeriodFunc()) + fakeNodeInformer := fakeInformerFactory.Core().V1().Nodes() + + for _, node := range fakeNodeHandler.Existing { + fakeNodeInformer.Informer().GetStore().Add(node) + } + + fakeGCE := gce.FakeGCECloud(gce.DefaultTestClusterValues()) + return NewNodeIpamController( + fakeNodeInformer, fakeGCE, clientSet, + clusterCIDR, serviceCIDR, nodeCIDRMaskSize, allocatorType, + ) +} + +// TestNewNodeIpamControllerWithCIDRMasks tests if the controller can be +// created with combinations of network CIDRs and masks. +func TestNewNodeIpamControllerWithCIDRMasks(t *testing.T) { + for _, tc := range []struct { + desc string + clusterCIDR string + serviceCIDR string + maskSize int + allocatorType ipam.CIDRAllocatorType + wantFatal bool + }{ + {"valid_range_allocator", "10.0.0.0/21", "10.1.0.0/21", 24, ipam.RangeAllocatorType, false}, + {"valid_cloud_allocator", "10.0.0.0/21", "10.1.0.0/21", 24, ipam.CloudAllocatorType, false}, + {"valid_ipam_from_cluster", "10.0.0.0/21", "10.1.0.0/21", 24, ipam.IPAMFromClusterAllocatorType, false}, + {"valid_ipam_from_cloud", "10.0.0.0/21", "10.1.0.0/21", 24, ipam.IPAMFromCloudAllocatorType, false}, + {"invalid_cluster_CIDR", "invalid", "10.1.0.0/21", 24, ipam.CloudAllocatorType, true}, + {"valid_CIDR_smaller_than_mask_cloud_allocator", "10.0.0.0/26", "10.1.0.0/21", 24, ipam.CloudAllocatorType, false}, + {"invalid_CIDR_smaller_than_mask_other_allocators", "10.0.0.0/26", "10.1.0.0/21", 24, ipam.IPAMFromCloudAllocatorType, true}, + } { + t.Run(tc.desc, func(t *testing.T) { + _, clusterCIDRIpNet, _ := net.ParseCIDR(tc.clusterCIDR) + _, serviceCIDRIpNet, _ := net.ParseCIDR(tc.serviceCIDR) + if os.Getenv("EXIT_ON_FATAL") == "1" { + // This is the subprocess which runs the actual code. + newTestNodeIpamController(clusterCIDRIpNet, serviceCIDRIpNet, tc.maskSize, tc.allocatorType) + return + } + // This is the host process that monitors the exit code of the subprocess. + cmd := exec.Command(os.Args[0], "-test.run=TestNewNodeIpamControllerWithCIDRMasks/"+tc.desc) + cmd.Env = append(os.Environ(), "EXIT_ON_FATAL=1") + err := cmd.Run() + var gotFatal bool + if err != nil { + exitErr, ok := err.(*exec.ExitError) + if !ok { + t.Fatalf("Failed to run subprocess: %v", err) + } + gotFatal = !exitErr.Success() + } + if gotFatal != tc.wantFatal { + t.Errorf("newTestNodeIpamController(%v, %v, %v, %v) : gotFatal = %t ; wantFatal = %t", clusterCIDRIpNet, serviceCIDRIpNet, tc.maskSize, tc.allocatorType, gotFatal, tc.wantFatal) + } + }) + } +} diff --git a/pkg/controller/nodelifecycle/node_lifecycle_controller.go b/pkg/controller/nodelifecycle/node_lifecycle_controller.go index 9457c3fc4e1..bd6785f3f8d 100644 --- a/pkg/controller/nodelifecycle/node_lifecycle_controller.go +++ b/pkg/controller/nodelifecycle/node_lifecycle_controller.go @@ -345,7 +345,11 @@ func NewNodeLifecycleController( nc.podInformerSynced = podInformer.Informer().HasSynced if nc.runTaintManager { - nc.taintManager = scheduler.NewNoExecuteTaintManager(kubeClient) + podLister := podInformer.Lister() + podGetter := func(name, namespace string) (*v1.Pod, error) { return podLister.Pods(namespace).Get(name) } + nodeLister := nodeInformer.Lister() + nodeGetter := func(name string) (*v1.Node, error) { return nodeLister.Get(name) } + nc.taintManager = scheduler.NewNoExecuteTaintManager(kubeClient, podGetter, nodeGetter) nodeInformer.Informer().AddEventHandler(cache.ResourceEventHandlerFuncs{ AddFunc: nodeutil.CreateAddNodeHandler(func(node *v1.Node) error { nc.taintManager.NodeUpdated(nil, node) @@ -388,7 +392,12 @@ func NewNodeLifecycleController( }) nc.leaseLister = leaseInformer.Lister() - nc.leaseInformerSynced = leaseInformer.Informer().HasSynced + if utilfeature.DefaultFeatureGate.Enabled(features.NodeLease) { + nc.leaseInformerSynced = leaseInformer.Informer().HasSynced + } else { + // Always indicate that lease is synced to prevent syncing lease. + nc.leaseInformerSynced = func() bool { return true } + } nc.nodeLister = nodeInformer.Lister() nc.nodeInformerSynced = nodeInformer.Informer().HasSynced diff --git a/pkg/controller/nodelifecycle/node_lifecycle_controller_test.go b/pkg/controller/nodelifecycle/node_lifecycle_controller_test.go index a02b1f373cb..3b17a9f86fd 100644 --- a/pkg/controller/nodelifecycle/node_lifecycle_controller_test.go +++ b/pkg/controller/nodelifecycle/node_lifecycle_controller_test.go @@ -727,7 +727,6 @@ func TestPodStatusChange(t *testing.T) { // Node created long time ago, node controller posted Unknown for a long period of time. table := []struct { fakeNodeHandler *testutil.FakeNodeHandler - daemonSets []extensions.DaemonSet timeToPass time.Duration newNodeStatus v1.NodeStatus secondNodeNewStatus v1.NodeStatus @@ -1821,7 +1820,6 @@ func TestMonitorNodeHealthUpdateStatus(t *testing.T) { expectedPodStatusUpdate: false, }, } - for i, item := range table { nodeController, _ := newNodeLifecycleControllerFromClient( nil, @@ -2611,6 +2609,157 @@ func TestMonitorNodeHealthMarkPodsNotReady(t *testing.T) { } } +// TestApplyNoExecuteTaints, ensures we just have a NoExecute taint applied to node. +// NodeController is just responsible for enqueuing the node to tainting queue from which taint manager picks up +// and evicts the pods on the node. +func TestApplyNoExecuteTaints(t *testing.T) { + fakeNow := metav1.Date(2017, 1, 1, 12, 0, 0, 0, time.UTC) + evictionTimeout := 10 * time.Minute + + fakeNodeHandler := &testutil.FakeNodeHandler{ + Existing: []*v1.Node{ + // Unreachable Taint with effect 'NoExecute' should be applied to this node. + { + ObjectMeta: metav1.ObjectMeta{ + Name: "node0", + CreationTimestamp: metav1.Date(2012, 1, 1, 0, 0, 0, 0, time.UTC), + Labels: map[string]string{ + kubeletapis.LabelZoneRegion: "region1", + kubeletapis.LabelZoneFailureDomain: "zone1", + }, + }, + Status: v1.NodeStatus{ + Conditions: []v1.NodeCondition{ + { + Type: v1.NodeReady, + Status: v1.ConditionUnknown, + LastHeartbeatTime: metav1.Date(2015, 1, 1, 12, 0, 0, 0, time.UTC), + LastTransitionTime: metav1.Date(2015, 1, 1, 12, 0, 0, 0, time.UTC), + }, + }, + }, + }, + // Because of the logic that prevents NC from evicting anything when all Nodes are NotReady + // we need second healthy node in tests. + { + ObjectMeta: metav1.ObjectMeta{ + Name: "node1", + CreationTimestamp: metav1.Date(2012, 1, 1, 0, 0, 0, 0, time.UTC), + Labels: map[string]string{ + kubeletapis.LabelZoneRegion: "region1", + kubeletapis.LabelZoneFailureDomain: "zone1", + }, + }, + Status: v1.NodeStatus{ + Conditions: []v1.NodeCondition{ + { + Type: v1.NodeReady, + Status: v1.ConditionTrue, + LastHeartbeatTime: metav1.Date(2017, 1, 1, 12, 0, 0, 0, time.UTC), + LastTransitionTime: metav1.Date(2017, 1, 1, 12, 0, 0, 0, time.UTC), + }, + }, + }, + }, + // NotReady Taint with NoExecute effect should be applied to this node. + { + ObjectMeta: metav1.ObjectMeta{ + Name: "node2", + CreationTimestamp: metav1.Date(2012, 1, 1, 0, 0, 0, 0, time.UTC), + Labels: map[string]string{ + kubeletapis.LabelZoneRegion: "region1", + kubeletapis.LabelZoneFailureDomain: "zone1", + }, + }, + Status: v1.NodeStatus{ + Conditions: []v1.NodeCondition{ + { + Type: v1.NodeReady, + Status: v1.ConditionFalse, + LastHeartbeatTime: metav1.Date(2015, 1, 1, 12, 0, 0, 0, time.UTC), + LastTransitionTime: metav1.Date(2015, 1, 1, 12, 0, 0, 0, time.UTC), + }, + }, + }, + }, + }, + Clientset: fake.NewSimpleClientset(&v1.PodList{Items: []v1.Pod{*testutil.NewPod("pod0", "node0")}}), + } + healthyNodeNewStatus := v1.NodeStatus{ + Conditions: []v1.NodeCondition{ + { + Type: v1.NodeReady, + Status: v1.ConditionTrue, + LastHeartbeatTime: metav1.Date(2017, 1, 1, 12, 10, 0, 0, time.UTC), + LastTransitionTime: metav1.Date(2017, 1, 1, 12, 0, 0, 0, time.UTC), + }, + }, + } + originalTaint := UnreachableTaintTemplate + nodeController, _ := newNodeLifecycleControllerFromClient( + nil, + fakeNodeHandler, + evictionTimeout, + testRateLimiterQPS, + testRateLimiterQPS, + testLargeClusterThreshold, + testUnhealthyThreshold, + testNodeMonitorGracePeriod, + testNodeStartupGracePeriod, + testNodeMonitorPeriod, + true) + nodeController.now = func() metav1.Time { return fakeNow } + nodeController.recorder = testutil.NewFakeRecorder() + if err := nodeController.syncNodeStore(fakeNodeHandler); err != nil { + t.Errorf("unexpected error: %v", err) + } + if err := nodeController.monitorNodeHealth(); err != nil { + t.Errorf("unexpected error: %v", err) + } + nodeController.doNoExecuteTaintingPass() + node0, err := fakeNodeHandler.Get("node0", metav1.GetOptions{}) + if err != nil { + t.Errorf("Can't get current node0...") + return + } + if !taintutils.TaintExists(node0.Spec.Taints, UnreachableTaintTemplate) { + t.Errorf("Can't find taint %v in %v", originalTaint, node0.Spec.Taints) + } + node2, err := fakeNodeHandler.Get("node2", metav1.GetOptions{}) + if err != nil { + t.Errorf("Can't get current node2...") + return + } + if !taintutils.TaintExists(node2.Spec.Taints, NotReadyTaintTemplate) { + t.Errorf("Can't find taint %v in %v", NotReadyTaintTemplate, node2.Spec.Taints) + } + + // Make node3 healthy again. + node2.Status = healthyNodeNewStatus + _, err = fakeNodeHandler.UpdateStatus(node2) + if err != nil { + t.Errorf(err.Error()) + return + } + if err := nodeController.syncNodeStore(fakeNodeHandler); err != nil { + t.Errorf("unexpected error: %v", err) + } + if err := nodeController.monitorNodeHealth(); err != nil { + t.Errorf("unexpected error: %v", err) + } + nodeController.doNoExecuteTaintingPass() + + node2, err = fakeNodeHandler.Get("node2", metav1.GetOptions{}) + if err != nil { + t.Errorf("Can't get current node2...") + return + } + // We should not see any taint on the node(especially the Not-Ready taint with NoExecute effect). + if taintutils.TaintExists(node2.Spec.Taints, NotReadyTaintTemplate) || len(node2.Spec.Taints) > 0 { + t.Errorf("Found taint %v in %v, which should not be present", NotReadyTaintTemplate, node2.Spec.Taints) + } +} + func TestSwapUnreachableNotReadyTaints(t *testing.T) { fakeNow := metav1.Date(2017, 1, 1, 12, 0, 0, 0, time.UTC) evictionTimeout := 10 * time.Minute diff --git a/pkg/controller/nodelifecycle/scheduler/BUILD b/pkg/controller/nodelifecycle/scheduler/BUILD index 5bd9454b4f5..d8f2f98790a 100644 --- a/pkg/controller/nodelifecycle/scheduler/BUILD +++ b/pkg/controller/nodelifecycle/scheduler/BUILD @@ -13,10 +13,12 @@ go_library( "//pkg/apis/core/helper:go_default_library", "//pkg/apis/core/v1/helper:go_default_library", "//staging/src/k8s.io/api/core/v1:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/api/errors:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/fields:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/labels:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/types:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/util/runtime:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/util/sets:go_default_library", "//staging/src/k8s.io/client-go/kubernetes:go_default_library", "//staging/src/k8s.io/client-go/kubernetes/scheme:go_default_library", diff --git a/pkg/controller/nodelifecycle/scheduler/taint_manager.go b/pkg/controller/nodelifecycle/scheduler/taint_manager.go index b46450a7568..90e43757c4d 100644 --- a/pkg/controller/nodelifecycle/scheduler/taint_manager.go +++ b/pkg/controller/nodelifecycle/scheduler/taint_manager.go @@ -24,10 +24,12 @@ import ( "time" "k8s.io/api/core/v1" + apierrors "k8s.io/apimachinery/pkg/api/errors" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/fields" "k8s.io/apimachinery/pkg/labels" "k8s.io/apimachinery/pkg/types" + utilruntime "k8s.io/apimachinery/pkg/util/runtime" clientset "k8s.io/client-go/kubernetes" "k8s.io/client-go/kubernetes/scheme" v1core "k8s.io/client-go/kubernetes/typed/core/v1" @@ -51,39 +53,14 @@ const ( retries = 5 ) -// Needed to make workqueue work -type updateItemInterface interface{} - type nodeUpdateItem struct { - oldNode *v1.Node - newNode *v1.Node - newTaints []v1.Taint + nodeName string } type podUpdateItem struct { - oldPod *v1.Pod - newPod *v1.Pod - newTolerations []v1.Toleration -} - -func (n *nodeUpdateItem) name() string { - if n.newNode != nil { - return n.newNode.ObjectMeta.Name - } - if n.oldNode != nil { - return n.oldNode.ObjectMeta.Name - } - return "" -} - -func (p *podUpdateItem) nodeName() string { - if p.newPod != nil { - return p.newPod.Spec.NodeName - } - if p.oldPod != nil { - return p.oldPod.Spec.NodeName - } - return "" + podName string + podNamespace string + nodeName string } func hash(val string, max int) int { @@ -92,19 +69,27 @@ func hash(val string, max int) int { return int(hasher.Sum32() % uint32(max)) } +// GetPodFunc returns the pod for the specified name/namespace, or a NotFound error if missing. +type GetPodFunc func(name, namespace string) (*v1.Pod, error) + +// GetNodeFunc returns the node for the specified name, or a NotFound error if missing. +type GetNodeFunc func(name string) (*v1.Node, error) + // NoExecuteTaintManager listens to Taint/Toleration changes and is responsible for removing Pods // from Nodes tainted with NoExecute Taints. type NoExecuteTaintManager struct { client clientset.Interface recorder record.EventRecorder + getPod GetPodFunc + getNode GetNodeFunc taintEvictionQueue *TimedWorkerQueue // keeps a map from nodeName to all noExecute taints on that Node taintedNodesLock sync.Mutex taintedNodes map[string][]v1.Taint - nodeUpdateChannels []chan *nodeUpdateItem - podUpdateChannels []chan *podUpdateItem + nodeUpdateChannels []chan nodeUpdateItem + podUpdateChannels []chan podUpdateItem nodeUpdateQueue workqueue.Interface podUpdateQueue workqueue.Interface @@ -182,7 +167,7 @@ func getMinTolerationTime(tolerations []v1.Toleration) time.Duration { // NewNoExecuteTaintManager creates a new NoExecuteTaintManager that will use passed clientset to // communicate with the API server. -func NewNoExecuteTaintManager(c clientset.Interface) *NoExecuteTaintManager { +func NewNoExecuteTaintManager(c clientset.Interface, getPod GetPodFunc, getNode GetNodeFunc) *NoExecuteTaintManager { eventBroadcaster := record.NewBroadcaster() recorder := eventBroadcaster.NewRecorder(scheme.Scheme, v1.EventSource{Component: "taint-controller"}) eventBroadcaster.StartLogging(glog.Infof) @@ -196,6 +181,8 @@ func NewNoExecuteTaintManager(c clientset.Interface) *NoExecuteTaintManager { tm := &NoExecuteTaintManager{ client: c, recorder: recorder, + getPod: getPod, + getNode: getNode, taintedNodes: make(map[string][]v1.Taint), nodeUpdateQueue: workqueue.New(), @@ -211,8 +198,8 @@ func (tc *NoExecuteTaintManager) Run(stopCh <-chan struct{}) { glog.V(0).Infof("Starting NoExecuteTaintManager") for i := 0; i < UpdateWorkerSize; i++ { - tc.nodeUpdateChannels = append(tc.nodeUpdateChannels, make(chan *nodeUpdateItem, NodeUpdateChannelSize)) - tc.podUpdateChannels = append(tc.podUpdateChannels, make(chan *podUpdateItem, podUpdateChannelSize)) + tc.nodeUpdateChannels = append(tc.nodeUpdateChannels, make(chan nodeUpdateItem, NodeUpdateChannelSize)) + tc.podUpdateChannels = append(tc.podUpdateChannels, make(chan podUpdateItem, podUpdateChannelSize)) } // Functions that are responsible for taking work items out of the workqueues and putting them @@ -223,15 +210,15 @@ func (tc *NoExecuteTaintManager) Run(stopCh <-chan struct{}) { if shutdown { break } - nodeUpdate := item.(*nodeUpdateItem) - hash := hash(nodeUpdate.name(), UpdateWorkerSize) + nodeUpdate := item.(nodeUpdateItem) + hash := hash(nodeUpdate.nodeName, UpdateWorkerSize) select { case <-stopCh: tc.nodeUpdateQueue.Done(item) return case tc.nodeUpdateChannels[hash] <- nodeUpdate: + // tc.nodeUpdateQueue.Done is called by the nodeUpdateChannels worker } - tc.nodeUpdateQueue.Done(item) } }(stopCh) @@ -241,15 +228,15 @@ func (tc *NoExecuteTaintManager) Run(stopCh <-chan struct{}) { if shutdown { break } - podUpdate := item.(*podUpdateItem) - hash := hash(podUpdate.nodeName(), UpdateWorkerSize) + podUpdate := item.(podUpdateItem) + hash := hash(podUpdate.nodeName, UpdateWorkerSize) select { case <-stopCh: tc.podUpdateQueue.Done(item) return case tc.podUpdateChannels[hash] <- podUpdate: + // tc.podUpdateQueue.Done is called by the podUpdateChannels worker } - tc.podUpdateQueue.Done(item) } }(stopCh) @@ -274,6 +261,7 @@ func (tc *NoExecuteTaintManager) worker(worker int, done func(), stopCh <-chan s return case nodeUpdate := <-tc.nodeUpdateChannels[worker]: tc.handleNodeUpdate(nodeUpdate) + tc.nodeUpdateQueue.Done(nodeUpdate) case podUpdate := <-tc.podUpdateChannels[worker]: // If we found a Pod update we need to empty Node queue first. priority: @@ -281,63 +269,73 @@ func (tc *NoExecuteTaintManager) worker(worker int, done func(), stopCh <-chan s select { case nodeUpdate := <-tc.nodeUpdateChannels[worker]: tc.handleNodeUpdate(nodeUpdate) + tc.nodeUpdateQueue.Done(nodeUpdate) default: break priority } } // After Node queue is emptied we process podUpdate. tc.handlePodUpdate(podUpdate) + tc.podUpdateQueue.Done(podUpdate) } } } // PodUpdated is used to notify NoExecuteTaintManager about Pod changes. func (tc *NoExecuteTaintManager) PodUpdated(oldPod *v1.Pod, newPod *v1.Pod) { + podName := "" + podNamespace := "" + nodeName := "" oldTolerations := []v1.Toleration{} if oldPod != nil { + podName = oldPod.Name + podNamespace = oldPod.Namespace + nodeName = oldPod.Spec.NodeName oldTolerations = oldPod.Spec.Tolerations } newTolerations := []v1.Toleration{} if newPod != nil { + podName = newPod.Name + podNamespace = newPod.Namespace + nodeName = newPod.Spec.NodeName newTolerations = newPod.Spec.Tolerations } if oldPod != nil && newPod != nil && helper.Semantic.DeepEqual(oldTolerations, newTolerations) && oldPod.Spec.NodeName == newPod.Spec.NodeName { return } - updateItem := &podUpdateItem{ - oldPod: oldPod, - newPod: newPod, - newTolerations: newTolerations, + updateItem := podUpdateItem{ + podName: podName, + podNamespace: podNamespace, + nodeName: nodeName, } - tc.podUpdateQueue.Add(updateItemInterface(updateItem)) + tc.podUpdateQueue.Add(updateItem) } // NodeUpdated is used to notify NoExecuteTaintManager about Node changes. func (tc *NoExecuteTaintManager) NodeUpdated(oldNode *v1.Node, newNode *v1.Node) { + nodeName := "" oldTaints := []v1.Taint{} if oldNode != nil { - oldTaints = oldNode.Spec.Taints + nodeName = oldNode.Name + oldTaints = getNoExecuteTaints(oldNode.Spec.Taints) } - oldTaints = getNoExecuteTaints(oldTaints) newTaints := []v1.Taint{} if newNode != nil { - newTaints = newNode.Spec.Taints + nodeName = newNode.Name + newTaints = getNoExecuteTaints(newNode.Spec.Taints) } - newTaints = getNoExecuteTaints(newTaints) if oldNode != nil && newNode != nil && helper.Semantic.DeepEqual(oldTaints, newTaints) { return } - updateItem := &nodeUpdateItem{ - oldNode: oldNode, - newNode: newNode, - newTaints: newTaints, + updateItem := nodeUpdateItem{ + nodeName: nodeName, } - tc.nodeUpdateQueue.Add(updateItemInterface(updateItem)) + tc.nodeUpdateQueue.Add(updateItem) } func (tc *NoExecuteTaintManager) cancelWorkWithEvent(nsName types.NamespacedName) { @@ -384,17 +382,26 @@ func (tc *NoExecuteTaintManager) processPodOnNode( tc.taintEvictionQueue.AddWork(NewWorkArgs(podNamespacedName.Name, podNamespacedName.Namespace), startTime, triggerTime) } -func (tc *NoExecuteTaintManager) handlePodUpdate(podUpdate *podUpdateItem) { - // Delete - if podUpdate.newPod == nil { - pod := podUpdate.oldPod - podNamespacedName := types.NamespacedName{Namespace: pod.Namespace, Name: pod.Name} - glog.V(4).Infof("Noticed pod deletion: %#v", podNamespacedName) - tc.cancelWorkWithEvent(podNamespacedName) +func (tc *NoExecuteTaintManager) handlePodUpdate(podUpdate podUpdateItem) { + pod, err := tc.getPod(podUpdate.podName, podUpdate.podNamespace) + if err != nil { + if apierrors.IsNotFound(err) { + // Delete + podNamespacedName := types.NamespacedName{Namespace: podUpdate.podNamespace, Name: podUpdate.podName} + glog.V(4).Infof("Noticed pod deletion: %#v", podNamespacedName) + tc.cancelWorkWithEvent(podNamespacedName) + return + } + utilruntime.HandleError(fmt.Errorf("could not get pod %s/%s: %v", podUpdate.podName, podUpdate.podNamespace, err)) return } + + // We key the workqueue and shard workers by nodeName. If we don't match the current state we should not be the one processing the current object. + if pod.Spec.NodeName != podUpdate.nodeName { + return + } + // Create or Update - pod := podUpdate.newPod podNamespacedName := types.NamespacedName{Namespace: pod.Namespace, Name: pod.Name} glog.V(4).Infof("Noticed pod update: %#v", podNamespacedName) nodeName := pod.Spec.NodeName @@ -412,23 +419,27 @@ func (tc *NoExecuteTaintManager) handlePodUpdate(podUpdate *podUpdateItem) { if !ok { return } - tc.processPodOnNode(podNamespacedName, nodeName, podUpdate.newTolerations, taints, time.Now()) + tc.processPodOnNode(podNamespacedName, nodeName, pod.Spec.Tolerations, taints, time.Now()) } -func (tc *NoExecuteTaintManager) handleNodeUpdate(nodeUpdate *nodeUpdateItem) { - // Delete - if nodeUpdate.newNode == nil { - node := nodeUpdate.oldNode - glog.V(4).Infof("Noticed node deletion: %#v", node.Name) - tc.taintedNodesLock.Lock() - defer tc.taintedNodesLock.Unlock() - delete(tc.taintedNodes, node.Name) +func (tc *NoExecuteTaintManager) handleNodeUpdate(nodeUpdate nodeUpdateItem) { + node, err := tc.getNode(nodeUpdate.nodeName) + if err != nil { + if apierrors.IsNotFound(err) { + // Delete + glog.V(4).Infof("Noticed node deletion: %#v", nodeUpdate.nodeName) + tc.taintedNodesLock.Lock() + defer tc.taintedNodesLock.Unlock() + delete(tc.taintedNodes, nodeUpdate.nodeName) + return + } + utilruntime.HandleError(fmt.Errorf("cannot get node %s: %v", nodeUpdate.nodeName, err)) return } + // Create or Update glog.V(4).Infof("Noticed node update: %#v", nodeUpdate) - node := nodeUpdate.newNode - taints := nodeUpdate.newTaints + taints := getNoExecuteTaints(node.Spec.Taints) func() { tc.taintedNodesLock.Lock() defer tc.taintedNodesLock.Unlock() diff --git a/pkg/controller/nodelifecycle/scheduler/taint_manager_test.go b/pkg/controller/nodelifecycle/scheduler/taint_manager_test.go index 926761b4fa7..7a8504f258a 100644 --- a/pkg/controller/nodelifecycle/scheduler/taint_manager_test.go +++ b/pkg/controller/nodelifecycle/scheduler/taint_manager_test.go @@ -19,6 +19,7 @@ package scheduler import ( "fmt" "sort" + "sync" "testing" "time" @@ -32,6 +33,42 @@ import ( var timeForControllerToProgress = 500 * time.Millisecond +func getPodFromClientset(clientset *fake.Clientset) GetPodFunc { + return func(name, namespace string) (*v1.Pod, error) { + return clientset.CoreV1().Pods(namespace).Get(name, metav1.GetOptions{}) + } +} + +func getNodeFromClientset(clientset *fake.Clientset) GetNodeFunc { + return func(name string) (*v1.Node, error) { + return clientset.CoreV1().Nodes().Get(name, metav1.GetOptions{}) + } +} + +type podHolder struct { + pod *v1.Pod + sync.Mutex +} + +func (p *podHolder) getPod(name, namespace string) (*v1.Pod, error) { + p.Lock() + defer p.Unlock() + return p.pod, nil +} +func (p *podHolder) setPod(pod *v1.Pod) { + p.Lock() + defer p.Unlock() + p.pod = pod +} + +type nodeHolder struct { + node *v1.Node +} + +func (n *nodeHolder) getNode(name string) (*v1.Node, error) { + return n.node, nil +} + func createNoExecuteTaint(index int) v1.Taint { now := metav1.Now() return v1.Taint{ @@ -150,7 +187,7 @@ func TestCreatePod(t *testing.T) { for _, item := range testCases { stopCh := make(chan struct{}) fakeClientset := fake.NewSimpleClientset() - controller := NewNoExecuteTaintManager(fakeClientset) + controller := NewNoExecuteTaintManager(fakeClientset, (&podHolder{pod: item.pod}).getPod, getNodeFromClientset(fakeClientset)) controller.recorder = testutil.NewFakeRecorder() go controller.Run(stopCh) controller.taintedNodes = item.taintedNodes @@ -174,7 +211,7 @@ func TestCreatePod(t *testing.T) { func TestDeletePod(t *testing.T) { stopCh := make(chan struct{}) fakeClientset := fake.NewSimpleClientset() - controller := NewNoExecuteTaintManager(fakeClientset) + controller := NewNoExecuteTaintManager(fakeClientset, getPodFromClientset(fakeClientset), getNodeFromClientset(fakeClientset)) controller.recorder = testutil.NewFakeRecorder() go controller.Run(stopCh) controller.taintedNodes = map[string][]v1.Taint{ @@ -237,14 +274,17 @@ func TestUpdatePod(t *testing.T) { for _, item := range testCases { stopCh := make(chan struct{}) fakeClientset := fake.NewSimpleClientset() - controller := NewNoExecuteTaintManager(fakeClientset) + holder := &podHolder{} + controller := NewNoExecuteTaintManager(fakeClientset, holder.getPod, getNodeFromClientset(fakeClientset)) controller.recorder = testutil.NewFakeRecorder() go controller.Run(stopCh) controller.taintedNodes = item.taintedNodes + holder.setPod(item.prevPod) controller.PodUpdated(nil, item.prevPod) fakeClientset.ClearActions() time.Sleep(timeForControllerToProgress) + holder.setPod(item.newPod) controller.PodUpdated(item.prevPod, item.newPod) // wait a bit time.Sleep(timeForControllerToProgress) @@ -301,7 +341,7 @@ func TestCreateNode(t *testing.T) { for _, item := range testCases { stopCh := make(chan struct{}) fakeClientset := fake.NewSimpleClientset(&v1.PodList{Items: item.pods}) - controller := NewNoExecuteTaintManager(fakeClientset) + controller := NewNoExecuteTaintManager(fakeClientset, getPodFromClientset(fakeClientset), (&nodeHolder{item.node}).getNode) controller.recorder = testutil.NewFakeRecorder() go controller.Run(stopCh) controller.NodeUpdated(nil, item.node) @@ -324,7 +364,7 @@ func TestCreateNode(t *testing.T) { func TestDeleteNode(t *testing.T) { stopCh := make(chan struct{}) fakeClientset := fake.NewSimpleClientset() - controller := NewNoExecuteTaintManager(fakeClientset) + controller := NewNoExecuteTaintManager(fakeClientset, getPodFromClientset(fakeClientset), getNodeFromClientset(fakeClientset)) controller.recorder = testutil.NewFakeRecorder() controller.taintedNodes = map[string][]v1.Taint{ "node1": {createNoExecuteTaint(1)}, @@ -422,7 +462,7 @@ func TestUpdateNode(t *testing.T) { for _, item := range testCases { stopCh := make(chan struct{}) fakeClientset := fake.NewSimpleClientset(&v1.PodList{Items: item.pods}) - controller := NewNoExecuteTaintManager(fakeClientset) + controller := NewNoExecuteTaintManager(fakeClientset, getPodFromClientset(fakeClientset), (&nodeHolder{item.newNode}).getNode) controller.recorder = testutil.NewFakeRecorder() go controller.Run(stopCh) controller.NodeUpdated(item.oldNode, item.newNode) @@ -488,7 +528,7 @@ func TestUpdateNodeWithMultiplePods(t *testing.T) { stopCh := make(chan struct{}) fakeClientset := fake.NewSimpleClientset(&v1.PodList{Items: item.pods}) sort.Sort(item.expectedDeleteTimes) - controller := NewNoExecuteTaintManager(fakeClientset) + controller := NewNoExecuteTaintManager(fakeClientset, getPodFromClientset(fakeClientset), (&nodeHolder{item.newNode}).getNode) controller.recorder = testutil.NewFakeRecorder() go controller.Run(stopCh) controller.NodeUpdated(item.oldNode, item.newNode) diff --git a/pkg/controller/replicaset/replica_set_test.go b/pkg/controller/replicaset/replica_set_test.go index f737e9d27a6..278601d0efa 100644 --- a/pkg/controller/replicaset/replica_set_test.go +++ b/pkg/controller/replicaset/replica_set_test.go @@ -1240,10 +1240,8 @@ func TestGetCondition(t *testing.T) { tests := []struct { name string - status apps.ReplicaSetStatus - condType apps.ReplicaSetConditionType - condStatus v1.ConditionStatus - condReason string + status apps.ReplicaSetStatus + condType apps.ReplicaSetConditionType expected bool }{ diff --git a/pkg/features/kube_features.go b/pkg/features/kube_features.go index df10d06fd6a..52b359864db 100644 --- a/pkg/features/kube_features.go +++ b/pkg/features/kube_features.go @@ -60,8 +60,8 @@ const ( // Enables support for Device Plugins DevicePlugins utilfeature.Feature = "DevicePlugins" - // owner: @gmarek - // alpha: v1.6 + // owner: @Huang-Wei + // beta: v1.13 // // Changes the logic behind evicting Pods from not ready Nodes // to take advantage of NoExecute Taints and Tolerations. @@ -392,7 +392,7 @@ var defaultKubernetesFeatureGates = map[utilfeature.Feature]utilfeature.FeatureS ExperimentalHostUserNamespaceDefaultingGate: {Default: false, PreRelease: utilfeature.Beta}, ExperimentalCriticalPodAnnotation: {Default: false, PreRelease: utilfeature.Alpha}, DevicePlugins: {Default: true, PreRelease: utilfeature.Beta}, - TaintBasedEvictions: {Default: false, PreRelease: utilfeature.Alpha}, + TaintBasedEvictions: {Default: true, PreRelease: utilfeature.Beta}, RotateKubeletServerCertificate: {Default: true, PreRelease: utilfeature.Beta}, RotateKubeletClientCertificate: {Default: true, PreRelease: utilfeature.Beta}, PersistentLocalVolumes: {Default: true, PreRelease: utilfeature.Beta}, diff --git a/pkg/generated/openapi/BUILD b/pkg/generated/openapi/BUILD index 111670e7ea0..add075d92e4 100644 --- a/pkg/generated/openapi/BUILD +++ b/pkg/generated/openapi/BUILD @@ -14,6 +14,7 @@ openapi_library( "cmd/cloud-controller-manager/app/apis/config/v1alpha1", "pkg/apis/abac/v0", "pkg/apis/abac/v1beta1", + "pkg/apis/auditregistration", "pkg/version", ], tags = ["automanaged"], @@ -25,6 +26,7 @@ openapi_library( "k8s.io/api/apps/v1", "k8s.io/api/apps/v1beta1", "k8s.io/api/apps/v1beta2", + "k8s.io/api/auditregistration/v1alpha1", "k8s.io/api/authentication/v1", "k8s.io/api/authentication/v1beta1", "k8s.io/api/authorization/v1", diff --git a/pkg/kubectl/BUILD b/pkg/kubectl/BUILD index b993d1c12bf..123772dcfce 100644 --- a/pkg/kubectl/BUILD +++ b/pkg/kubectl/BUILD @@ -62,10 +62,10 @@ go_library( deps = [ "//pkg/apis/core:go_default_library", "//pkg/apis/core/v1:go_default_library", - "//pkg/controller/deployment/util:go_default_library", "//pkg/kubectl/apps:go_default_library", "//pkg/kubectl/scheme:go_default_library", "//pkg/kubectl/util:go_default_library", + "//pkg/kubectl/util/deployment:go_default_library", "//pkg/kubectl/util/podutils:go_default_library", "//pkg/kubectl/util/slice:go_default_library", "//pkg/printers:go_default_library", @@ -118,6 +118,7 @@ filegroup( "//pkg/kubectl/describe:all-srcs", "//pkg/kubectl/explain:all-srcs", "//pkg/kubectl/generate:all-srcs", + "//pkg/kubectl/generated:all-srcs", "//pkg/kubectl/metricsutil:all-srcs", "//pkg/kubectl/polymorphichelpers:all-srcs", "//pkg/kubectl/proxy:all-srcs", diff --git a/pkg/kubectl/cmd/apiresources/apiresources.go b/pkg/kubectl/cmd/apiresources/apiresources.go index 177328a4039..b3f84bae973 100644 --- a/pkg/kubectl/cmd/apiresources/apiresources.go +++ b/pkg/kubectl/cmd/apiresources/apiresources.go @@ -86,7 +86,8 @@ func NewCmdApiResources(f cmdutil.Factory, ioStreams genericclioptions.IOStreams Long: "Print the supported API resources on the server", Example: apiresourcesExample, Run: func(cmd *cobra.Command, args []string) { - cmdutil.CheckErr(o.Validate(cmd)) + cmdutil.CheckErr(o.Complete(cmd, args)) + cmdutil.CheckErr(o.Validate()) cmdutil.CheckErr(o.RunApiResources(cmd, f)) }, } @@ -101,7 +102,7 @@ func NewCmdApiResources(f cmdutil.Factory, ioStreams genericclioptions.IOStreams return cmd } -func (o *ApiResourcesOptions) Validate(cmd *cobra.Command) error { +func (o *ApiResourcesOptions) Validate() error { supportedOutputTypes := sets.NewString("", "wide", "name") if !supportedOutputTypes.Has(o.Output) { return fmt.Errorf("--output %v is not available", o.Output) @@ -109,6 +110,13 @@ func (o *ApiResourcesOptions) Validate(cmd *cobra.Command) error { return nil } +func (o *ApiResourcesOptions) Complete(cmd *cobra.Command, args []string) error { + if len(args) != 0 { + return cmdutil.UsageErrorf(cmd, "unexpected args: %v", args) + } + return nil +} + func (o *ApiResourcesOptions) RunApiResources(cmd *cobra.Command, f cmdutil.Factory) error { w := printers.GetNewTabWriter(o.Out) defer w.Flush() diff --git a/pkg/kubectl/cmd/apiresources/apiversions.go b/pkg/kubectl/cmd/apiresources/apiversions.go index 9a6b3c3e8a1..57760860757 100644 --- a/pkg/kubectl/cmd/apiresources/apiversions.go +++ b/pkg/kubectl/cmd/apiresources/apiversions.go @@ -56,14 +56,17 @@ func NewCmdApiVersions(f cmdutil.Factory, ioStreams genericclioptions.IOStreams) Long: "Print the supported API versions on the server, in the form of \"group/version\"", Example: apiversionsExample, Run: func(cmd *cobra.Command, args []string) { - cmdutil.CheckErr(o.Complete(f)) + cmdutil.CheckErr(o.Complete(f, cmd, args)) cmdutil.CheckErr(o.RunApiVersions()) }, } return cmd } -func (o *ApiVersionsOptions) Complete(f cmdutil.Factory) error { +func (o *ApiVersionsOptions) Complete(f cmdutil.Factory, cmd *cobra.Command, args []string) error { + if len(args) != 0 { + return cmdutil.UsageErrorf(cmd, "unexpected args: %v", args) + } var err error o.discoveryClient, err = f.ToDiscoveryClient() if err != nil { diff --git a/pkg/kubectl/cmd/config/create_context.go b/pkg/kubectl/cmd/config/create_context.go index 0a88a579505..50b965cc629 100644 --- a/pkg/kubectl/cmd/config/create_context.go +++ b/pkg/kubectl/cmd/config/create_context.go @@ -142,10 +142,10 @@ func (o *createContextOptions) complete(cmd *cobra.Command) error { func (o createContextOptions) validate() error { if len(o.name) == 0 && !o.currContext { - return errors.New("you must specify a non-empty context name or --current-context") + return errors.New("you must specify a non-empty context name or --current") } if len(o.name) > 0 && o.currContext { - return errors.New("you cannot specify a context name and --current-context") + return errors.New("you cannot specify both a context name and --current") } return nil diff --git a/pkg/kubectl/cmd/cp/BUILD b/pkg/kubectl/cmd/cp/BUILD index ffa5a2ccfbb..b20c5ace5fd 100644 --- a/pkg/kubectl/cmd/cp/BUILD +++ b/pkg/kubectl/cmd/cp/BUILD @@ -23,6 +23,7 @@ go_test( srcs = ["cp_test.go"], embed = [":go_default_library"], deps = [ + "//pkg/kubectl/cmd/exec:go_default_library", "//pkg/kubectl/cmd/testing:go_default_library", "//pkg/kubectl/scheme:go_default_library", "//staging/src/k8s.io/api/core/v1:go_default_library", diff --git a/pkg/kubectl/cmd/cp/cp.go b/pkg/kubectl/cmd/cp/cp.go index 8b4817d6749..a3b62fdeebd 100644 --- a/pkg/kubectl/cmd/cp/cp.go +++ b/pkg/kubectl/cmd/cp/cp.go @@ -67,8 +67,9 @@ var ( ) type CopyOptions struct { - Container string - Namespace string + Container string + Namespace string + NoPreserve bool ClientConfig *restclient.Config Clientset kubernetes.Interface @@ -98,6 +99,7 @@ func NewCmdCp(f cmdutil.Factory, ioStreams genericclioptions.IOStreams) *cobra.C }, } cmd.Flags().StringVarP(&o.Container, "container", "c", o.Container, "Container name. If omitted, the first container in the pod will be chosen") + cmd.Flags().BoolVarP(&o.NoPreserve, "no-preserve", "", false, "The copied file/directory's ownership and permissions will not be preserved in the container") return cmd } @@ -179,7 +181,7 @@ func (o *CopyOptions) Run(args []string) error { if len(srcSpec.PodName) != 0 && len(destSpec.PodName) != 0 { if _, err := os.Stat(args[0]); err == nil { - return o.copyToPod(fileSpec{File: args[0]}, destSpec) + return o.copyToPod(fileSpec{File: args[0]}, destSpec, &exec.ExecOptions{}) } return fmt.Errorf("src doesn't exist in local filesystem") } @@ -188,7 +190,7 @@ func (o *CopyOptions) Run(args []string) error { return o.copyFromPod(srcSpec, destSpec) } if len(destSpec.PodName) != 0 { - return o.copyToPod(srcSpec, destSpec) + return o.copyToPod(srcSpec, destSpec, &exec.ExecOptions{}) } return fmt.Errorf("one of src or dest must be a remote file specification") } @@ -216,7 +218,7 @@ func (o *CopyOptions) checkDestinationIsDir(dest fileSpec) error { return o.execute(options) } -func (o *CopyOptions) copyToPod(src, dest fileSpec) error { +func (o *CopyOptions) copyToPod(src, dest fileSpec, options *exec.ExecOptions) error { if len(src.File) == 0 || len(dest.File) == 0 { return errFileCannotBeEmpty } @@ -238,30 +240,33 @@ func (o *CopyOptions) copyToPod(src, dest fileSpec) error { err := makeTar(src.File, dest.File, writer) cmdutil.CheckErr(err) }() + var cmdArr []string // TODO: Improve error messages by first testing if 'tar' is present in the container? - cmdArr := []string{"tar", "xf", "-"} + if o.NoPreserve { + cmdArr = []string{"tar", "--no-same-permissions", "--no-same-owner", "-xf", "-"} + } else { + cmdArr = []string{"tar", "-xf", "-"} + } destDir := path.Dir(dest.File) if len(destDir) > 0 { cmdArr = append(cmdArr, "-C", destDir) } - options := &exec.ExecOptions{ - StreamOptions: exec.StreamOptions{ - IOStreams: genericclioptions.IOStreams{ - In: reader, - Out: o.Out, - ErrOut: o.ErrOut, - }, - Stdin: true, - - Namespace: dest.PodNamespace, - PodName: dest.PodName, + options.StreamOptions = exec.StreamOptions{ + IOStreams: genericclioptions.IOStreams{ + In: reader, + Out: o.Out, + ErrOut: o.ErrOut, }, + Stdin: true, - Command: cmdArr, - Executor: &exec.DefaultRemoteExecutor{}, + Namespace: dest.PodNamespace, + PodName: dest.PodName, } + + options.Command = cmdArr + options.Executor = &exec.DefaultRemoteExecutor{} return o.execute(options) } diff --git a/pkg/kubectl/cmd/cp/cp_test.go b/pkg/kubectl/cmd/cp/cp_test.go index f1e7f38f1a1..1764f8a55b3 100644 --- a/pkg/kubectl/cmd/cp/cp_test.go +++ b/pkg/kubectl/cmd/cp/cp_test.go @@ -26,6 +26,7 @@ import ( "os/exec" "path" "path/filepath" + "reflect" "strings" "testing" @@ -35,6 +36,7 @@ import ( "k8s.io/apimachinery/pkg/runtime/schema" "k8s.io/cli-runtime/pkg/genericclioptions" "k8s.io/client-go/rest/fake" + kexec "k8s.io/kubernetes/pkg/kubectl/cmd/exec" cmdtesting "k8s.io/kubernetes/pkg/kubectl/cmd/testing" "k8s.io/kubernetes/pkg/kubectl/scheme" ) @@ -629,7 +631,7 @@ func TestCopyToPod(t *testing.T) { } opts.Complete(tf, cmd) t.Run(name, func(t *testing.T) { - err = opts.copyToPod(src, dest) + err = opts.copyToPod(src, dest, &kexec.ExecOptions{}) //If error is NotFound error , it indicates that the //request has been sent correctly. //Treat this as no error. @@ -643,6 +645,68 @@ func TestCopyToPod(t *testing.T) { } } +func TestCopyToPodNoPreserve(t *testing.T) { + tf := cmdtesting.NewTestFactory().WithNamespace("test") + ns := scheme.Codecs + codec := scheme.Codecs.LegacyCodec(scheme.Scheme.PrioritizedVersionsAllGroups()...) + + tf.Client = &fake.RESTClient{ + GroupVersion: schema.GroupVersion{Group: "", Version: "v1"}, + NegotiatedSerializer: ns, + Client: fake.CreateHTTPClient(func(req *http.Request) (*http.Response, error) { + responsePod := &v1.Pod{} + return &http.Response{StatusCode: http.StatusNotFound, Header: cmdtesting.DefaultHeader(), Body: ioutil.NopCloser(bytes.NewReader([]byte(runtime.EncodeOrDie(codec, responsePod))))}, nil + }), + } + + tf.ClientConfigVal = cmdtesting.DefaultClientConfig() + ioStreams, _, _, _ := genericclioptions.NewTestIOStreams() + + cmd := NewCmdCp(tf, ioStreams) + + srcFile, err := ioutil.TempDir("", "test") + if err != nil { + t.Errorf("unexpected error: %v", err) + t.FailNow() + } + defer os.RemoveAll(srcFile) + + tests := map[string]struct { + expectedCmd []string + nopreserve bool + }{ + "copy to pod no preserve user and permissions": { + expectedCmd: []string{"tar", "--no-same-permissions", "--no-same-owner", "-xf", "-", "-C", "."}, + nopreserve: true, + }, + "copy to pod preserve user and permissions": { + expectedCmd: []string{"tar", "-xf", "-", "-C", "."}, + nopreserve: false, + }, + } + opts := NewCopyOptions(ioStreams) + src := fileSpec{ + File: srcFile, + } + dest := fileSpec{ + PodNamespace: "pod-ns", + PodName: "pod-name", + File: "foo", + } + opts.Complete(tf, cmd) + + for name, test := range tests { + t.Run(name, func(t *testing.T) { + options := &kexec.ExecOptions{} + opts.NoPreserve = test.nopreserve + err = opts.copyToPod(src, dest, options) + if !(reflect.DeepEqual(test.expectedCmd, options.Command)) { + t.Errorf("expected cmd: %v, got: %v", test.expectedCmd, options.Command) + } + }) + } +} + func TestValidate(t *testing.T) { tests := []struct { name string diff --git a/pkg/kubectl/cmd/delete/delete.go b/pkg/kubectl/cmd/delete/delete.go index 7a0c60919d2..b34bc9fa751 100644 --- a/pkg/kubectl/cmd/delete/delete.go +++ b/pkg/kubectl/cmd/delete/delete.go @@ -126,7 +126,7 @@ func NewCmdDelete(f cmdutil.Factory, streams genericclioptions.IOStreams) *cobra Run: func(cmd *cobra.Command, args []string) { o := deleteFlags.ToOptions(nil, streams) cmdutil.CheckErr(o.Complete(f, args, cmd)) - cmdutil.CheckErr(o.Validate(cmd)) + cmdutil.CheckErr(o.Validate()) cmdutil.CheckErr(o.RunDelete()) }, SuggestFor: []string{"rm"}, @@ -194,9 +194,9 @@ func (o *DeleteOptions) Complete(f cmdutil.Factory, args []string, cmd *cobra.Co return nil } -func (o *DeleteOptions) Validate(cmd *cobra.Command) error { +func (o *DeleteOptions) Validate() error { if o.Output != "" && o.Output != "name" { - return cmdutil.UsageErrorf(cmd, "Unexpected -o output mode: %v. We only support '-o name'.", o.Output) + return fmt.Errorf("unexpected -o output mode: %v. We only support '-o name'.", o.Output) } if o.DeleteAll && len(o.LabelSelector) > 0 { @@ -206,11 +206,6 @@ func (o *DeleteOptions) Validate(cmd *cobra.Command) error { return fmt.Errorf("cannot set --all and --field-selector at the same time") } - if o.GracePeriod == 0 && !o.ForceDeletion && !o.WaitForDeletion { - // With the explicit --wait flag we need extra validation for backward compatibility - return fmt.Errorf("--grace-period=0 must have either --force specified, or --wait to be set to true") - } - switch { case o.GracePeriod == 0 && o.ForceDeletion: fmt.Fprintf(o.ErrOut, "warning: Immediate deletion does not wait for confirmation that the running resource has been terminated. The resource may continue to run on the cluster indefinitely.\n") diff --git a/pkg/kubectl/describe/versioned/BUILD b/pkg/kubectl/describe/versioned/BUILD index 988d7ecc22a..b0c4d44ed46 100644 --- a/pkg/kubectl/describe/versioned/BUILD +++ b/pkg/kubectl/describe/versioned/BUILD @@ -6,13 +6,11 @@ go_library( importpath = "k8s.io/kubernetes/pkg/kubectl/describe/versioned", visibility = ["//visibility:public"], deps = [ - "//pkg/client/clientset_generated/internalclientset:go_default_library", "//pkg/kubectl/describe:go_default_library", "//pkg/printers:go_default_library", "//pkg/printers/internalversion:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/api/meta:go_default_library", "//staging/src/k8s.io/cli-runtime/pkg/genericclioptions:go_default_library", - "//staging/src/k8s.io/client-go/dynamic:go_default_library", ], ) diff --git a/pkg/kubectl/describe/versioned/describe.go b/pkg/kubectl/describe/versioned/describe.go index 7246126ed94..b79b9ca20e0 100644 --- a/pkg/kubectl/describe/versioned/describe.go +++ b/pkg/kubectl/describe/versioned/describe.go @@ -21,8 +21,6 @@ import ( "k8s.io/apimachinery/pkg/api/meta" "k8s.io/cli-runtime/pkg/genericclioptions" - "k8s.io/client-go/dynamic" - "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset" "k8s.io/kubernetes/pkg/kubectl/describe" "k8s.io/kubernetes/pkg/printers" printersinternal "k8s.io/kubernetes/pkg/printers/internalversion" @@ -42,32 +40,9 @@ func Describer(restClientGetter genericclioptions.RESTClientGetter, mapping *met return describer, nil } // if this is a kind we don't have a describer for yet, go generic if possible - if genericDescriber, genericErr := genericDescriber(restClientGetter, mapping); genericErr == nil { + if genericDescriber, ok := printersinternal.GenericDescriberFor(mapping, clientConfig); ok { return genericDescriber, nil } // otherwise return an unregistered error return nil, fmt.Errorf("no description has been implemented for %s", mapping.GroupVersionKind.String()) } - -// helper function to make a generic describer, or return an error -func genericDescriber(restClientGetter genericclioptions.RESTClientGetter, mapping *meta.RESTMapping) (printers.Describer, error) { - clientConfig, err := restClientGetter.ToRESTConfig() - if err != nil { - return nil, err - } - - // used to fetch the resource - dynamicClient, err := dynamic.NewForConfig(clientConfig) - if err != nil { - return nil, err - } - - // used to get events for the resource - clientSet, err := internalclientset.NewForConfig(clientConfig) - if err != nil { - return nil, err - } - - eventsClient := clientSet.Core() - return printersinternal.GenericDescriberFor(mapping, dynamicClient, eventsClient), nil -} diff --git a/pkg/kubectl/generated/BUILD b/pkg/kubectl/generated/BUILD new file mode 100644 index 00000000000..9ab5fd6ccdd --- /dev/null +++ b/pkg/kubectl/generated/BUILD @@ -0,0 +1,22 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library") + +go_library( + name = "go_default_library", + srcs = ["bindata.go"], + importpath = "k8s.io/kubernetes/pkg/kubectl/generated", + visibility = ["//visibility:public"], +) + +filegroup( + name = "package-srcs", + srcs = glob(["**"]), + tags = ["automanaged"], + visibility = ["//visibility:private"], +) + +filegroup( + name = "all-srcs", + srcs = [":package-srcs"], + tags = ["automanaged"], + visibility = ["//visibility:public"], +) diff --git a/pkg/generated/bindata.go b/pkg/kubectl/generated/bindata.go similarity index 100% rename from pkg/generated/bindata.go rename to pkg/kubectl/generated/bindata.go diff --git a/pkg/kubectl/history.go b/pkg/kubectl/history.go index 4fcd4e526d7..be49c2cf94a 100644 --- a/pkg/kubectl/history.go +++ b/pkg/kubectl/history.go @@ -23,7 +23,7 @@ import ( "text/tabwriter" appsv1 "k8s.io/api/apps/v1" - "k8s.io/api/core/v1" + corev1 "k8s.io/api/core/v1" "k8s.io/apimachinery/pkg/api/meta" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" @@ -36,8 +36,8 @@ import ( clientappsv1 "k8s.io/client-go/kubernetes/typed/apps/v1" api "k8s.io/kubernetes/pkg/apis/core" apiv1 "k8s.io/kubernetes/pkg/apis/core/v1" - deploymentutil "k8s.io/kubernetes/pkg/controller/deployment/util" kapps "k8s.io/kubernetes/pkg/kubectl/apps" + deploymentutil "k8s.io/kubernetes/pkg/kubectl/util/deployment" sliceutil "k8s.io/kubernetes/pkg/kubectl/util/slice" printersinternal "k8s.io/kubernetes/pkg/printers/internalversion" ) @@ -116,7 +116,7 @@ func (h *DeploymentHistoryViewer) ViewHistory(namespace, name string, revision i allRSs = append(allRSs, newRS) } - historyInfo := make(map[int64]*v1.PodTemplateSpec) + historyInfo := make(map[int64]*corev1.PodTemplateSpec) for _, rs := range allRSs { v, err := deploymentutil.Revision(rs) if err != nil { @@ -166,7 +166,7 @@ func (h *DeploymentHistoryViewer) ViewHistory(namespace, name string, revision i }) } -func printTemplate(template *v1.PodTemplateSpec) (string, error) { +func printTemplate(template *corev1.PodTemplateSpec) (string, error) { buf := bytes.NewBuffer([]byte{}) internalTemplate := &api.PodTemplateSpec{} if err := apiv1.Convert_v1_PodTemplateSpec_To_core_PodTemplateSpec(template, internalTemplate, nil); err != nil { diff --git a/pkg/kubectl/rollback.go b/pkg/kubectl/rollback.go index d6d327d7196..bec725f6f94 100644 --- a/pkg/kubectl/rollback.go +++ b/pkg/kubectl/rollback.go @@ -38,10 +38,8 @@ import ( "k8s.io/client-go/kubernetes" kapps "k8s.io/kubernetes/pkg/kubectl/apps" "k8s.io/kubernetes/pkg/kubectl/scheme" + deploymentutil "k8s.io/kubernetes/pkg/kubectl/util/deployment" sliceutil "k8s.io/kubernetes/pkg/kubectl/util/slice" - - // kubectl should not be taking dependencies on logic in the controllers - deploymentutil "k8s.io/kubernetes/pkg/controller/deployment/util" ) const ( diff --git a/pkg/kubectl/rolling_updater.go b/pkg/kubectl/rolling_updater.go index 7b019d7c97b..58741483805 100644 --- a/pkg/kubectl/rolling_updater.go +++ b/pkg/kubectl/rolling_updater.go @@ -35,8 +35,8 @@ import ( scaleclient "k8s.io/client-go/scale" "k8s.io/client-go/util/integer" "k8s.io/client-go/util/retry" - deploymentutil "k8s.io/kubernetes/pkg/controller/deployment/util" "k8s.io/kubernetes/pkg/kubectl/util" + deploymentutil "k8s.io/kubernetes/pkg/kubectl/util/deployment" "k8s.io/kubernetes/pkg/kubectl/util/podutils" ) diff --git a/pkg/kubectl/rollout_status.go b/pkg/kubectl/rollout_status.go index beb9d353030..932e905175e 100644 --- a/pkg/kubectl/rollout_status.go +++ b/pkg/kubectl/rollout_status.go @@ -23,8 +23,8 @@ import ( extensionsv1beta1 "k8s.io/api/extensions/v1beta1" "k8s.io/apimachinery/pkg/runtime" "k8s.io/apimachinery/pkg/runtime/schema" - "k8s.io/kubernetes/pkg/controller/deployment/util" "k8s.io/kubernetes/pkg/kubectl/scheme" + deploymentutil "k8s.io/kubernetes/pkg/kubectl/util/deployment" ) // StatusViewer provides an interface for resources that have rollout status. @@ -65,7 +65,7 @@ func (s *DeploymentStatusViewer) Status(obj runtime.Unstructured, revision int64 } if revision > 0 { - deploymentRev, err := util.Revision(deployment) + deploymentRev, err := deploymentutil.Revision(deployment) if err != nil { return "", false, fmt.Errorf("cannot get the revision of deployment %q: %v", deployment.Name, err) } @@ -74,8 +74,8 @@ func (s *DeploymentStatusViewer) Status(obj runtime.Unstructured, revision int64 } } if deployment.Generation <= deployment.Status.ObservedGeneration { - cond := util.GetDeploymentCondition(deployment.Status, appsv1.DeploymentProgressing) - if cond != nil && cond.Reason == util.TimedOutReason { + cond := deploymentutil.GetDeploymentCondition(deployment.Status, appsv1.DeploymentProgressing) + if cond != nil && cond.Reason == deploymentutil.TimedOutReason { return "", false, fmt.Errorf("deployment %q exceeded its progress deadline", deployment.Name) } if deployment.Spec.Replicas != nil && deployment.Status.UpdatedReplicas < *deployment.Spec.Replicas { diff --git a/pkg/kubectl/scale_test.go b/pkg/kubectl/scale_test.go index 589560d4b57..caf501a81f5 100644 --- a/pkg/kubectl/scale_test.go +++ b/pkg/kubectl/scale_test.go @@ -264,7 +264,7 @@ func TestStatefulSetScale(t *testing.T) { preconditions := ScalePrecondition{-1, ""} count := uint(3) name := "foo" - err := scaler.Scale("default", name, count, &preconditions, nil, nil, schema.GroupResource{Group: "apps", Resource: "statefullset"}) + err := scaler.Scale("default", name, count, &preconditions, nil, nil, schema.GroupResource{Group: "apps", Resource: "statefulset"}) if err != nil { t.Fatal(err) } diff --git a/pkg/kubectl/util/BUILD b/pkg/kubectl/util/BUILD index 8e9cc0ac87c..f1d00a04a8c 100644 --- a/pkg/kubectl/util/BUILD +++ b/pkg/kubectl/util/BUILD @@ -66,6 +66,7 @@ filegroup( name = "all-srcs", srcs = [ ":package-srcs", + "//pkg/kubectl/util/deployment:all-srcs", "//pkg/kubectl/util/hash:all-srcs", "//pkg/kubectl/util/i18n:all-srcs", "//pkg/kubectl/util/logs:all-srcs", diff --git a/pkg/kubectl/util/deployment/BUILD b/pkg/kubectl/util/deployment/BUILD new file mode 100644 index 00000000000..5fffa4803e1 --- /dev/null +++ b/pkg/kubectl/util/deployment/BUILD @@ -0,0 +1,32 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library") + +go_library( + name = "go_default_library", + srcs = ["deployment.go"], + importpath = "k8s.io/kubernetes/pkg/kubectl/util/deployment", + visibility = ["//visibility:public"], + deps = [ + "//staging/src/k8s.io/api/apps/v1:go_default_library", + "//staging/src/k8s.io/api/core/v1:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/api/equality:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/api/meta:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/runtime:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/util/intstr:go_default_library", + "//staging/src/k8s.io/client-go/kubernetes/typed/apps/v1:go_default_library", + ], +) + +filegroup( + name = "package-srcs", + srcs = glob(["**"]), + tags = ["automanaged"], + visibility = ["//visibility:private"], +) + +filegroup( + name = "all-srcs", + srcs = [":package-srcs"], + tags = ["automanaged"], + visibility = ["//visibility:public"], +) diff --git a/pkg/kubectl/util/deployment/deployment.go b/pkg/kubectl/util/deployment/deployment.go new file mode 100644 index 00000000000..88e7edd1682 --- /dev/null +++ b/pkg/kubectl/util/deployment/deployment.go @@ -0,0 +1,220 @@ +/* +Copyright 2016 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package deployment + +import ( + "sort" + "strconv" + + appsv1 "k8s.io/api/apps/v1" + corev1 "k8s.io/api/core/v1" + apiequality "k8s.io/apimachinery/pkg/api/equality" + "k8s.io/apimachinery/pkg/api/meta" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/runtime" + intstrutil "k8s.io/apimachinery/pkg/util/intstr" + appsclient "k8s.io/client-go/kubernetes/typed/apps/v1" +) + +const ( + // RevisionAnnotation is the revision annotation of a deployment's replica sets which records its rollout sequence + RevisionAnnotation = "deployment.kubernetes.io/revision" + // RollbackRevisionNotFound is not found rollback event reason + RollbackRevisionNotFound = "DeploymentRollbackRevisionNotFound" + // RollbackTemplateUnchanged is the template unchanged rollback event reason + RollbackTemplateUnchanged = "DeploymentRollbackTemplateUnchanged" + // RollbackDone is the done rollback event reason + RollbackDone = "DeploymentRollback" + // TimedOutReason is added in a deployment when its newest replica set fails to show any progress + // within the given deadline (progressDeadlineSeconds). + TimedOutReason = "ProgressDeadlineExceeded" +) + +// GetDeploymentCondition returns the condition with the provided type. +func GetDeploymentCondition(status appsv1.DeploymentStatus, condType appsv1.DeploymentConditionType) *appsv1.DeploymentCondition { + for i := range status.Conditions { + c := status.Conditions[i] + if c.Type == condType { + return &c + } + } + return nil +} + +// Revision returns the revision number of the input object. +func Revision(obj runtime.Object) (int64, error) { + acc, err := meta.Accessor(obj) + if err != nil { + return 0, err + } + v, ok := acc.GetAnnotations()[RevisionAnnotation] + if !ok { + return 0, nil + } + return strconv.ParseInt(v, 10, 64) +} + +// GetAllReplicaSets returns the old and new replica sets targeted by the given Deployment. It gets PodList and +// ReplicaSetList from client interface. Note that the first set of old replica sets doesn't include the ones +// with no pods, and the second set of old replica sets include all old replica sets. The third returned value +// is the new replica set, and it may be nil if it doesn't exist yet. +func GetAllReplicaSets(deployment *appsv1.Deployment, c appsclient.AppsV1Interface) ([]*appsv1.ReplicaSet, []*appsv1.ReplicaSet, *appsv1.ReplicaSet, error) { + rsList, err := listReplicaSets(deployment, rsListFromClient(c)) + if err != nil { + return nil, nil, nil, err + } + oldRSes, allOldRSes := findOldReplicaSets(deployment, rsList) + newRS := findNewReplicaSet(deployment, rsList) + return oldRSes, allOldRSes, newRS, nil +} + +// RsListFromClient returns an rsListFunc that wraps the given client. +func rsListFromClient(c appsclient.AppsV1Interface) rsListFunc { + return func(namespace string, options metav1.ListOptions) ([]*appsv1.ReplicaSet, error) { + rsList, err := c.ReplicaSets(namespace).List(options) + if err != nil { + return nil, err + } + var ret []*appsv1.ReplicaSet + for i := range rsList.Items { + ret = append(ret, &rsList.Items[i]) + } + return ret, err + } +} + +// TODO: switch this to full namespacers +type rsListFunc func(string, metav1.ListOptions) ([]*appsv1.ReplicaSet, error) +type podListFunc func(string, metav1.ListOptions) (*corev1.PodList, error) + +// listReplicaSets returns a slice of RSes the given deployment targets. +// Note that this does NOT attempt to reconcile ControllerRef (adopt/orphan), +// because only the controller itself should do that. +// However, it does filter out anything whose ControllerRef doesn't match. +func listReplicaSets(deployment *appsv1.Deployment, getRSList rsListFunc) ([]*appsv1.ReplicaSet, error) { + // TODO: Right now we list replica sets by their labels. We should list them by selector, i.e. the replica set's selector + // should be a superset of the deployment's selector, see https://github.com/kubernetes/kubernetes/issues/19830. + namespace := deployment.Namespace + selector, err := metav1.LabelSelectorAsSelector(deployment.Spec.Selector) + if err != nil { + return nil, err + } + options := metav1.ListOptions{LabelSelector: selector.String()} + all, err := getRSList(namespace, options) + if err != nil { + return nil, err + } + // Only include those whose ControllerRef matches the Deployment. + owned := make([]*appsv1.ReplicaSet, 0, len(all)) + for _, rs := range all { + if metav1.IsControlledBy(rs, deployment) { + owned = append(owned, rs) + } + } + return owned, nil +} + +// EqualIgnoreHash returns true if two given podTemplateSpec are equal, ignoring the diff in value of Labels[pod-template-hash] +// We ignore pod-template-hash because: +// 1. The hash result would be different upon podTemplateSpec API changes +// (e.g. the addition of a new field will cause the hash code to change) +// 2. The deployment template won't have hash labels +func equalIgnoreHash(template1, template2 *corev1.PodTemplateSpec) bool { + t1Copy := template1.DeepCopy() + t2Copy := template2.DeepCopy() + // Remove hash labels from template.Labels before comparing + delete(t1Copy.Labels, appsv1.DefaultDeploymentUniqueLabelKey) + delete(t2Copy.Labels, appsv1.DefaultDeploymentUniqueLabelKey) + return apiequality.Semantic.DeepEqual(t1Copy, t2Copy) +} + +// FindNewReplicaSet returns the new RS this given deployment targets (the one with the same pod template). +func findNewReplicaSet(deployment *appsv1.Deployment, rsList []*appsv1.ReplicaSet) *appsv1.ReplicaSet { + sort.Sort(replicaSetsByCreationTimestamp(rsList)) + for i := range rsList { + if equalIgnoreHash(&rsList[i].Spec.Template, &deployment.Spec.Template) { + // In rare cases, such as after cluster upgrades, Deployment may end up with + // having more than one new ReplicaSets that have the same template as its template, + // see https://github.com/kubernetes/kubernetes/issues/40415 + // We deterministically choose the oldest new ReplicaSet. + return rsList[i] + } + } + // new ReplicaSet does not exist. + return nil +} + +// replicaSetsByCreationTimestamp sorts a list of ReplicaSet by creation timestamp, using their names as a tie breaker. +type replicaSetsByCreationTimestamp []*appsv1.ReplicaSet + +func (o replicaSetsByCreationTimestamp) Len() int { return len(o) } +func (o replicaSetsByCreationTimestamp) Swap(i, j int) { o[i], o[j] = o[j], o[i] } +func (o replicaSetsByCreationTimestamp) Less(i, j int) bool { + if o[i].CreationTimestamp.Equal(&o[j].CreationTimestamp) { + return o[i].Name < o[j].Name + } + return o[i].CreationTimestamp.Before(&o[j].CreationTimestamp) +} + +// // FindOldReplicaSets returns the old replica sets targeted by the given Deployment, with the given slice of RSes. +// // Note that the first set of old replica sets doesn't include the ones with no pods, and the second set of old replica sets include all old replica sets. +func findOldReplicaSets(deployment *appsv1.Deployment, rsList []*appsv1.ReplicaSet) ([]*appsv1.ReplicaSet, []*appsv1.ReplicaSet) { + var requiredRSs []*appsv1.ReplicaSet + var allRSs []*appsv1.ReplicaSet + newRS := findNewReplicaSet(deployment, rsList) + for _, rs := range rsList { + // Filter out new replica set + if newRS != nil && rs.UID == newRS.UID { + continue + } + allRSs = append(allRSs, rs) + if *(rs.Spec.Replicas) != 0 { + requiredRSs = append(requiredRSs, rs) + } + } + return requiredRSs, allRSs +} + +// ResolveFenceposts resolves both maxSurge and maxUnavailable. This needs to happen in one +// step. For example: +// +// 2 desired, max unavailable 1%, surge 0% - should scale old(-1), then new(+1), then old(-1), then new(+1) +// 1 desired, max unavailable 1%, surge 0% - should scale old(-1), then new(+1) +// 2 desired, max unavailable 25%, surge 1% - should scale new(+1), then old(-1), then new(+1), then old(-1) +// 1 desired, max unavailable 25%, surge 1% - should scale new(+1), then old(-1) +// 2 desired, max unavailable 0%, surge 1% - should scale new(+1), then old(-1), then new(+1), then old(-1) +// 1 desired, max unavailable 0%, surge 1% - should scale new(+1), then old(-1) +func ResolveFenceposts(maxSurge, maxUnavailable *intstrutil.IntOrString, desired int32) (int32, int32, error) { + surge, err := intstrutil.GetValueFromIntOrPercent(intstrutil.ValueOrDefault(maxSurge, intstrutil.FromInt(0)), int(desired), true) + if err != nil { + return 0, 0, err + } + unavailable, err := intstrutil.GetValueFromIntOrPercent(intstrutil.ValueOrDefault(maxUnavailable, intstrutil.FromInt(0)), int(desired), false) + if err != nil { + return 0, 0, err + } + + if surge == 0 && unavailable == 0 { + // Validation should never allow the user to explicitly use zero values for both maxSurge + // maxUnavailable. Due to rounding down maxUnavailable though, it may resolve to zero. + // If both fenceposts resolve to zero, then we should set maxUnavailable to 1 on the + // theory that surge might not work due to quota. + unavailable = 1 + } + + return int32(surge), int32(unavailable), nil +} diff --git a/pkg/kubectl/util/i18n/BUILD b/pkg/kubectl/util/i18n/BUILD index 366fd39d718..fd48ae70cb9 100644 --- a/pkg/kubectl/util/i18n/BUILD +++ b/pkg/kubectl/util/i18n/BUILD @@ -11,7 +11,7 @@ go_library( srcs = ["i18n.go"], importpath = "k8s.io/kubernetes/pkg/kubectl/util/i18n", deps = [ - "//pkg/generated:go_default_library", + "//pkg/kubectl/generated:go_default_library", "//vendor/github.com/chai2010/gettext-go/gettext:go_default_library", "//vendor/github.com/golang/glog:go_default_library", ], diff --git a/pkg/kubectl/util/i18n/i18n.go b/pkg/kubectl/util/i18n/i18n.go index f1e730b6fd7..69d742ca243 100644 --- a/pkg/kubectl/util/i18n/i18n.go +++ b/pkg/kubectl/util/i18n/i18n.go @@ -24,7 +24,7 @@ import ( "os" "strings" - "k8s.io/kubernetes/pkg/generated" + "k8s.io/kubernetes/pkg/kubectl/generated" "github.com/chai2010/gettext-go/gettext" "github.com/golang/glog" diff --git a/pkg/kubelet/server/server_test.go b/pkg/kubelet/server/server_test.go index f3cef84cd12..dc8ba6e46a7 100644 --- a/pkg/kubelet/server/server_test.go +++ b/pkg/kubelet/server/server_test.go @@ -256,13 +256,17 @@ func (fk *fakeKubelet) ListVolumesForPod(podUID types.UID) (map[string]volume.Vo return map[string]volume.Volume{}, true } -func (_ *fakeKubelet) RootFsStats() (*statsapi.FsStats, error) { return nil, nil } -func (_ *fakeKubelet) ListPodStats() ([]statsapi.PodStats, error) { return nil, nil } -func (_ *fakeKubelet) ImageFsStats() (*statsapi.FsStats, error) { return nil, nil } -func (_ *fakeKubelet) RlimitStats() (*statsapi.RlimitStats, error) { return nil, nil } +func (_ *fakeKubelet) RootFsStats() (*statsapi.FsStats, error) { return nil, nil } +func (_ *fakeKubelet) ListPodStats() ([]statsapi.PodStats, error) { return nil, nil } +func (_ *fakeKubelet) ListPodCPUAndMemoryStats() ([]statsapi.PodStats, error) { return nil, nil } +func (_ *fakeKubelet) ImageFsStats() (*statsapi.FsStats, error) { return nil, nil } +func (_ *fakeKubelet) RlimitStats() (*statsapi.RlimitStats, error) { return nil, nil } func (_ *fakeKubelet) GetCgroupStats(cgroupName string, updateStats bool) (*statsapi.ContainerStats, *statsapi.NetworkStats, error) { return nil, nil, nil } +func (_ *fakeKubelet) GetCgroupCPUAndMemoryStats(cgroupName string, updateStats bool) (*statsapi.ContainerStats, error) { + return nil, nil +} type fakeAuth struct { authenticateFunc func(*http.Request) (user.Info, bool, error) diff --git a/pkg/kubelet/server/stats/handler.go b/pkg/kubelet/server/stats/handler.go index 6e665344503..683f20c32f3 100644 --- a/pkg/kubelet/server/stats/handler.go +++ b/pkg/kubelet/server/stats/handler.go @@ -43,6 +43,8 @@ type StatsProvider interface { // // ListPodStats returns the stats of all the containers managed by pods. ListPodStats() ([]statsapi.PodStats, error) + // ListPodCPUAndMemoryStats returns the CPU and memory stats of all the containers managed by pods. + ListPodCPUAndMemoryStats() ([]statsapi.PodStats, error) // ImageFsStats returns the stats of the image filesystem. ImageFsStats() (*statsapi.FsStats, error) @@ -51,6 +53,9 @@ type StatsProvider interface { // GetCgroupStats returns the stats and the networking usage of the cgroup // with the specified cgroupName. GetCgroupStats(cgroupName string, updateStats bool) (*statsapi.ContainerStats, *statsapi.NetworkStats, error) + // GetCgroupCPUAndMemoryStats returns the CPU and memory stats of the cgroup with the specified cgroupName. + GetCgroupCPUAndMemoryStats(cgroupName string, updateStats bool) (*statsapi.ContainerStats, error) + // RootFsStats returns the stats of the node root filesystem. RootFsStats() (*statsapi.FsStats, error) diff --git a/pkg/kubelet/server/stats/summary.go b/pkg/kubelet/server/stats/summary.go index 2897aff50f5..fb646c5d2f3 100644 --- a/pkg/kubelet/server/stats/summary.go +++ b/pkg/kubelet/server/stats/summary.go @@ -91,30 +91,33 @@ func (sp *summaryProviderImpl) Get(updateStats bool) (*statsapi.Summary, error) } func (sp *summaryProviderImpl) GetCPUAndMemoryStats() (*statsapi.Summary, error) { - summary, err := sp.Get(false) + // TODO(timstclair): Consider returning a best-effort response if any of + // the following errors occur. + node, err := sp.provider.GetNode() if err != nil { - return nil, err + return nil, fmt.Errorf("failed to get node info: %v", err) } - summary.Node.Network = nil - summary.Node.Fs = nil - summary.Node.Runtime = nil - summary.Node.Rlimit = nil - for i := 0; i < len(summary.Node.SystemContainers); i++ { - summary.Node.SystemContainers[i].Accelerators = nil - summary.Node.SystemContainers[i].Rootfs = nil - summary.Node.SystemContainers[i].Logs = nil - summary.Node.SystemContainers[i].UserDefinedMetrics = nil + nodeConfig := sp.provider.GetNodeConfig() + rootStats, err := sp.provider.GetCgroupCPUAndMemoryStats("/", false) + if err != nil { + return nil, fmt.Errorf("failed to get root cgroup stats: %v", err) } - for i := 0; i < len(summary.Pods); i++ { - summary.Pods[i].Network = nil - summary.Pods[i].VolumeStats = nil - summary.Pods[i].EphemeralStorage = nil - for j := 0; j < len(summary.Pods[i].Containers); j++ { - summary.Pods[i].Containers[j].Accelerators = nil - summary.Pods[i].Containers[j].Rootfs = nil - summary.Pods[i].Containers[j].Logs = nil - summary.Pods[i].Containers[j].UserDefinedMetrics = nil - } + + podStats, err := sp.provider.ListPodCPUAndMemoryStats() + if err != nil { + return nil, fmt.Errorf("failed to list pod stats: %v", err) } - return summary, nil + + nodeStats := statsapi.NodeStats{ + NodeName: node.Name, + CPU: rootStats.CPU, + Memory: rootStats.Memory, + StartTime: rootStats.StartTime, + SystemContainers: sp.GetSystemContainersCPUAndMemoryStats(nodeConfig, podStats, false), + } + summary := statsapi.Summary{ + Node: nodeStats, + Pods: podStats, + } + return &summary, nil } diff --git a/pkg/kubelet/server/stats/summary_sys_containers.go b/pkg/kubelet/server/stats/summary_sys_containers.go index 7c4205c93b3..7179e828020 100644 --- a/pkg/kubelet/server/stats/summary_sys_containers.go +++ b/pkg/kubelet/server/stats/summary_sys_containers.go @@ -53,3 +53,30 @@ func (sp *summaryProviderImpl) GetSystemContainersStats(nodeConfig cm.NodeConfig return stats } + +func (sp *summaryProviderImpl) GetSystemContainersCPUAndMemoryStats(nodeConfig cm.NodeConfig, podStats []statsapi.PodStats, updateStats bool) (stats []statsapi.ContainerStats) { + systemContainers := map[string]struct { + name string + forceStatsUpdate bool + }{ + statsapi.SystemContainerKubelet: {nodeConfig.KubeletCgroupsName, false}, + statsapi.SystemContainerRuntime: {nodeConfig.RuntimeCgroupsName, false}, + statsapi.SystemContainerMisc: {nodeConfig.SystemCgroupsName, false}, + statsapi.SystemContainerPods: {sp.provider.GetPodCgroupRoot(), updateStats}, + } + for sys, cont := range systemContainers { + // skip if cgroup name is undefined (not all system containers are required) + if cont.name == "" { + continue + } + s, err := sp.provider.GetCgroupCPUAndMemoryStats(cont.name, cont.forceStatsUpdate) + if err != nil { + glog.Errorf("Failed to get system container stats for %q: %v", cont.name, err) + continue + } + s.Name = sys + stats = append(stats, *s) + } + + return stats +} diff --git a/pkg/kubelet/server/stats/summary_sys_containers_windows.go b/pkg/kubelet/server/stats/summary_sys_containers_windows.go index b5e3affb7b3..cb8dcb3c898 100644 --- a/pkg/kubelet/server/stats/summary_sys_containers_windows.go +++ b/pkg/kubelet/server/stats/summary_sys_containers_windows.go @@ -27,11 +27,16 @@ import ( ) func (sp *summaryProviderImpl) GetSystemContainersStats(nodeConfig cm.NodeConfig, podStats []statsapi.PodStats, updateStats bool) (stats []statsapi.ContainerStats) { - stats = append(stats, sp.getSystemPodsStats(nodeConfig, podStats, updateStats)) + stats = append(stats, sp.getSystemPodsCPUAndMemoryStats(nodeConfig, podStats, updateStats)) return stats } -func (sp *summaryProviderImpl) getSystemPodsStats(nodeConfig cm.NodeConfig, podStats []statsapi.PodStats, updateStats bool) statsapi.ContainerStats { +func (sp *summaryProviderImpl) GetSystemContainersCPUAndMemoryStats(nodeConfig cm.NodeConfig, podStats []statsapi.PodStats, updateStats bool) (stats []statsapi.ContainerStats) { + stats = append(stats, sp.getSystemPodsCPUAndMemoryStats(nodeConfig, podStats, updateStats)) + return stats +} + +func (sp *summaryProviderImpl) getSystemPodsCPUAndMemoryStats(nodeConfig cm.NodeConfig, podStats []statsapi.PodStats, updateStats bool) statsapi.ContainerStats { now := metav1.NewTime(time.Now()) podsSummary := statsapi.ContainerStats{ StartTime: now, diff --git a/pkg/kubelet/server/stats/summary_test.go b/pkg/kubelet/server/stats/summary_test.go index b6d7dbbab74..d210298f59f 100644 --- a/pkg/kubelet/server/stats/summary_test.go +++ b/pkg/kubelet/server/stats/summary_test.go @@ -33,15 +33,6 @@ import ( ) var ( - podStats = []statsapi.PodStats{ - { - PodRef: statsapi.PodReference{Name: "test-pod", Namespace: "test-namespace", UID: "UID_test-pod"}, - StartTime: metav1.NewTime(time.Now()), - Containers: []statsapi.ContainerStats{*getContainerStats()}, - Network: getNetworkStats(), - VolumeStats: []statsapi.VolumeStats{*getVolumeStats()}, - }, - } imageFsStats = getFsStats() rootFsStats = getFsStats() node = &v1.Node{ObjectMeta: metav1.ObjectMeta{Name: "test-node"}} @@ -50,8 +41,23 @@ var ( SystemCgroupsName: "/misc", KubeletCgroupsName: "/kubelet", } - cgroupRoot = "/kubepods" - cgroupStatsMap = map[string]struct { + cgroupRoot = "/kubepods" + rlimitStats = getRlimitStats() +) + +func TestSummaryProviderGetStats(t *testing.T) { + assert := assert.New(t) + + podStats := []statsapi.PodStats{ + { + PodRef: statsapi.PodReference{Name: "test-pod", Namespace: "test-namespace", UID: "UID_test-pod"}, + StartTime: metav1.NewTime(time.Now()), + Containers: []statsapi.ContainerStats{*getContainerStats()}, + Network: getNetworkStats(), + VolumeStats: []statsapi.VolumeStats{*getVolumeStats()}, + }, + } + cgroupStatsMap := map[string]struct { cs *statsapi.ContainerStats ns *statsapi.NetworkStats }{ @@ -61,11 +67,6 @@ var ( "/kubelet": {cs: getContainerStats(), ns: getNetworkStats()}, "/pods": {cs: getContainerStats(), ns: getNetworkStats()}, } - rlimitStats = getRlimitStats() -) - -func TestSummaryProviderGetStats(t *testing.T) { - assert := assert.New(t) mockStatsProvider := new(statstest.StatsProvider) mockStatsProvider. @@ -133,20 +134,34 @@ func TestSummaryProviderGetStats(t *testing.T) { func TestSummaryProviderGetCPUAndMemoryStats(t *testing.T) { assert := assert.New(t) + podStats := []statsapi.PodStats{ + { + PodRef: statsapi.PodReference{Name: "test-pod", Namespace: "test-namespace", UID: "UID_test-pod"}, + StartTime: metav1.NewTime(time.Now()), + Containers: []statsapi.ContainerStats{*getContainerStats()}, + }, + } + cgroupStatsMap := map[string]struct { + cs *statsapi.ContainerStats + }{ + "/": {cs: getVolumeCPUAndMemoryStats()}, + "/runtime": {cs: getVolumeCPUAndMemoryStats()}, + "/misc": {cs: getVolumeCPUAndMemoryStats()}, + "/kubelet": {cs: getVolumeCPUAndMemoryStats()}, + "/pods": {cs: getVolumeCPUAndMemoryStats()}, + } + mockStatsProvider := new(statstest.StatsProvider) mockStatsProvider. On("GetNode").Return(node, nil). On("GetNodeConfig").Return(nodeConfig). On("GetPodCgroupRoot").Return(cgroupRoot). - On("ListPodStats").Return(podStats, nil). - On("ImageFsStats").Return(imageFsStats, nil). - On("RootFsStats").Return(rootFsStats, nil). - On("RlimitStats").Return(rlimitStats, nil). - On("GetCgroupStats", "/", false).Return(cgroupStatsMap["/"].cs, cgroupStatsMap["/"].ns, nil). - On("GetCgroupStats", "/runtime", false).Return(cgroupStatsMap["/runtime"].cs, cgroupStatsMap["/runtime"].ns, nil). - On("GetCgroupStats", "/misc", false).Return(cgroupStatsMap["/misc"].cs, cgroupStatsMap["/misc"].ns, nil). - On("GetCgroupStats", "/kubelet", false).Return(cgroupStatsMap["/kubelet"].cs, cgroupStatsMap["/kubelet"].ns, nil). - On("GetCgroupStats", "/kubepods", false).Return(cgroupStatsMap["/pods"].cs, cgroupStatsMap["/pods"].ns, nil) + On("ListPodCPUAndMemoryStats").Return(podStats, nil). + On("GetCgroupCPUAndMemoryStats", "/", false).Return(cgroupStatsMap["/"].cs, nil). + On("GetCgroupCPUAndMemoryStats", "/runtime", false).Return(cgroupStatsMap["/runtime"].cs, nil). + On("GetCgroupCPUAndMemoryStats", "/misc", false).Return(cgroupStatsMap["/misc"].cs, nil). + On("GetCgroupCPUAndMemoryStats", "/kubelet", false).Return(cgroupStatsMap["/kubelet"].cs, nil). + On("GetCgroupCPUAndMemoryStats", "/kubepods", false).Return(cgroupStatsMap["/pods"].cs, nil) provider := NewSummaryProvider(mockStatsProvider) summary, err := provider.GetCPUAndMemoryStats() @@ -201,6 +216,15 @@ func getContainerStats() *statsapi.ContainerStats { f.Fuzz(v) return v } +func getVolumeCPUAndMemoryStats() *statsapi.ContainerStats { + f := fuzz.New().NilChance(0) + v := &statsapi.ContainerStats{} + f.Fuzz(&v.Name) + f.Fuzz(&v.StartTime) + f.Fuzz(v.CPU) + f.Fuzz(v.Memory) + return v +} func getVolumeStats() *statsapi.VolumeStats { f := fuzz.New().NilChance(0) diff --git a/pkg/kubelet/server/stats/testing/mock_stats_provider.go b/pkg/kubelet/server/stats/testing/mock_stats_provider.go index a50ad43b375..9db0482ab39 100644 --- a/pkg/kubelet/server/stats/testing/mock_stats_provider.go +++ b/pkg/kubelet/server/stats/testing/mock_stats_provider.go @@ -64,6 +64,29 @@ func (_m *StatsProvider) GetCgroupStats(cgroupName string, updateStats bool) (*v return r0, r1, r2 } +// GetCgroupCPUAndMemoryStats provides a mock function with given fields: cgroupName, updateStats +func (_m *StatsProvider) GetCgroupCPUAndMemoryStats(cgroupName string, updateStats bool) (*v1alpha1.ContainerStats, error) { + ret := _m.Called(cgroupName, updateStats) + + var r0 *v1alpha1.ContainerStats + if rf, ok := ret.Get(0).(func(string, bool) *v1alpha1.ContainerStats); ok { + r0 = rf(cgroupName, updateStats) + } else { + if ret.Get(0) != nil { + r0 = ret.Get(0).(*v1alpha1.ContainerStats) + } + } + + var r1 error + if rf, ok := ret.Get(1).(func(string, bool) error); ok { + r1 = rf(cgroupName, updateStats) + } else { + r1 = ret.Error(1) + } + + return r0, r1 +} + // GetPodByCgroupfs provides the pod that maps to the specified cgroup, as well // as whether the pod was found. func (_m *StatsProvider) GetPodByCgroupfs(cgroupfs string) (*corev1.Pod, bool) { @@ -252,6 +275,29 @@ func (_m *StatsProvider) ListPodStats() ([]v1alpha1.PodStats, error) { return r0, r1 } +// ListPodCPUAndMemoryStats provides a mock function with given fields: +func (_m *StatsProvider) ListPodCPUAndMemoryStats() ([]v1alpha1.PodStats, error) { + ret := _m.Called() + + var r0 []v1alpha1.PodStats + if rf, ok := ret.Get(0).(func() []v1alpha1.PodStats); ok { + r0 = rf() + } else { + if ret.Get(0) != nil { + r0 = ret.Get(0).([]v1alpha1.PodStats) + } + } + + var r1 error + if rf, ok := ret.Get(1).(func() error); ok { + r1 = rf() + } else { + r1 = ret.Error(1) + } + + return r0, r1 +} + // ListVolumesForPod provides a mock function with given fields: podUID func (_m *StatsProvider) ListVolumesForPod(podUID types.UID) (map[string]volume.Volume, bool) { ret := _m.Called(podUID) diff --git a/pkg/kubelet/stats/cadvisor_stats_provider.go b/pkg/kubelet/stats/cadvisor_stats_provider.go index 8529872cd50..35820f7e94a 100644 --- a/pkg/kubelet/stats/cadvisor_stats_provider.go +++ b/pkg/kubelet/stats/cadvisor_stats_provider.go @@ -145,6 +145,68 @@ func (p *cadvisorStatsProvider) ListPodStats() ([]statsapi.PodStats, error) { return result, nil } +// ListPodCPUAndMemoryStats returns the cpu and memory stats of all the pod-managed containers. +func (p *cadvisorStatsProvider) ListPodCPUAndMemoryStats() ([]statsapi.PodStats, error) { + infos, err := getCadvisorContainerInfo(p.cadvisor) + if err != nil { + return nil, fmt.Errorf("failed to get container info from cadvisor: %v", err) + } + // removeTerminatedContainerInfo will also remove pod level cgroups, so save the infos into allInfos first + allInfos := infos + infos = removeTerminatedContainerInfo(infos) + // Map each container to a pod and update the PodStats with container data. + podToStats := map[statsapi.PodReference]*statsapi.PodStats{} + for key, cinfo := range infos { + // On systemd using devicemapper each mount into the container has an + // associated cgroup. We ignore them to ensure we do not get duplicate + // entries in our summary. For details on .mount units: + // http://man7.org/linux/man-pages/man5/systemd.mount.5.html + if strings.HasSuffix(key, ".mount") { + continue + } + // Build the Pod key if this container is managed by a Pod + if !isPodManagedContainer(&cinfo) { + continue + } + ref := buildPodRef(cinfo.Spec.Labels) + + // Lookup the PodStats for the pod using the PodRef. If none exists, + // initialize a new entry. + podStats, found := podToStats[ref] + if !found { + podStats = &statsapi.PodStats{PodRef: ref} + podToStats[ref] = podStats + } + + // Update the PodStats entry with the stats from the container by + // adding it to podStats.Containers. + containerName := kubetypes.GetContainerName(cinfo.Spec.Labels) + if containerName == leaky.PodInfraContainerName { + // Special case for infrastructure container which is hidden from + // the user and has network stats. + podStats.StartTime = metav1.NewTime(cinfo.Spec.CreationTime) + } else { + podStats.Containers = append(podStats.Containers, *cadvisorInfoToContainerCPUAndMemoryStats(containerName, &cinfo)) + } + } + + // Add each PodStats to the result. + result := make([]statsapi.PodStats, 0, len(podToStats)) + for _, podStats := range podToStats { + podUID := types.UID(podStats.PodRef.UID) + // Lookup the pod-level cgroup's CPU and memory stats + podInfo := getCadvisorPodInfoFromPodUID(podUID, allInfos) + if podInfo != nil { + cpu, memory := cadvisorInfoToCPUandMemoryStats(podInfo) + podStats.CPU = cpu + podStats.Memory = memory + } + result = append(result, *podStats) + } + + return result, nil +} + func calcEphemeralStorage(containers []statsapi.ContainerStats, volumes []statsapi.VolumeStats, rootFsInfo *cadvisorapiv2.FsInfo) *statsapi.FsStats { result := &statsapi.FsStats{ Time: metav1.NewTime(rootFsInfo.Timestamp), diff --git a/pkg/kubelet/stats/cadvisor_stats_provider_test.go b/pkg/kubelet/stats/cadvisor_stats_provider_test.go index 942fa2e2c50..68a41acb1b9 100644 --- a/pkg/kubelet/stats/cadvisor_stats_provider_test.go +++ b/pkg/kubelet/stats/cadvisor_stats_provider_test.go @@ -258,6 +258,169 @@ func TestCadvisorListPodStats(t *testing.T) { checkNetworkStats(t, "Pod2", seedPod2Infra, ps.Network) } +func TestCadvisorListPodCPUAndMemoryStats(t *testing.T) { + const ( + namespace0 = "test0" + namespace2 = "test2" + ) + const ( + seedRoot = 0 + seedRuntime = 100 + seedKubelet = 200 + seedMisc = 300 + seedPod0Infra = 1000 + seedPod0Container0 = 2000 + seedPod0Container1 = 2001 + seedPod1Infra = 3000 + seedPod1Container = 4000 + seedPod2Infra = 5000 + seedPod2Container = 6000 + seedEphemeralVolume1 = 10000 + seedEphemeralVolume2 = 10001 + seedPersistentVolume1 = 20000 + seedPersistentVolume2 = 20001 + ) + const ( + pName0 = "pod0" + pName1 = "pod1" + pName2 = "pod0" // ensure pName2 conflicts with pName0, but is in a different namespace + ) + const ( + cName00 = "c0" + cName01 = "c1" + cName10 = "c0" // ensure cName10 conflicts with cName02, but is in a different pod + cName20 = "c1" // ensure cName20 conflicts with cName01, but is in a different pod + namespace + ) + + prf0 := statsapi.PodReference{Name: pName0, Namespace: namespace0, UID: "UID" + pName0} + prf1 := statsapi.PodReference{Name: pName1, Namespace: namespace0, UID: "UID" + pName1} + prf2 := statsapi.PodReference{Name: pName2, Namespace: namespace2, UID: "UID" + pName2} + infos := map[string]cadvisorapiv2.ContainerInfo{ + "/": getTestContainerInfo(seedRoot, "", "", ""), + "/docker-daemon": getTestContainerInfo(seedRuntime, "", "", ""), + "/kubelet": getTestContainerInfo(seedKubelet, "", "", ""), + "/system": getTestContainerInfo(seedMisc, "", "", ""), + // Pod0 - Namespace0 + "/pod0-i": getTestContainerInfo(seedPod0Infra, pName0, namespace0, leaky.PodInfraContainerName), + "/pod0-c0": getTestContainerInfo(seedPod0Container0, pName0, namespace0, cName00), + "/pod0-c1": getTestContainerInfo(seedPod0Container1, pName0, namespace0, cName01), + // Pod1 - Namespace0 + "/pod1-i": getTestContainerInfo(seedPod1Infra, pName1, namespace0, leaky.PodInfraContainerName), + "/pod1-c0": getTestContainerInfo(seedPod1Container, pName1, namespace0, cName10), + // Pod2 - Namespace2 + "/pod2-i": getTestContainerInfo(seedPod2Infra, pName2, namespace2, leaky.PodInfraContainerName), + "/pod2-c0": getTestContainerInfo(seedPod2Container, pName2, namespace2, cName20), + "/kubepods/burstable/podUIDpod0": getTestContainerInfo(seedPod0Infra, pName0, namespace0, leaky.PodInfraContainerName), + "/kubepods/podUIDpod1": getTestContainerInfo(seedPod1Infra, pName1, namespace0, leaky.PodInfraContainerName), + } + + // memory limit overrides for each container (used to test available bytes if a memory limit is known) + memoryLimitOverrides := map[string]uint64{ + "/": uint64(1 << 30), + "/pod2-c0": uint64(1 << 15), + } + for name, memoryLimitOverride := range memoryLimitOverrides { + info, found := infos[name] + if !found { + t.Errorf("No container defined with name %v", name) + } + info.Spec.Memory.Limit = memoryLimitOverride + infos[name] = info + } + + options := cadvisorapiv2.RequestOptions{ + IdType: cadvisorapiv2.TypeName, + Count: 2, + Recursive: true, + } + + mockCadvisor := new(cadvisortest.Mock) + mockCadvisor. + On("ContainerInfoV2", "/", options).Return(infos, nil) + + ephemeralVolumes := []statsapi.VolumeStats{getPodVolumeStats(seedEphemeralVolume1, "ephemeralVolume1"), + getPodVolumeStats(seedEphemeralVolume2, "ephemeralVolume2")} + persistentVolumes := []statsapi.VolumeStats{getPodVolumeStats(seedPersistentVolume1, "persistentVolume1"), + getPodVolumeStats(seedPersistentVolume2, "persistentVolume2")} + volumeStats := serverstats.PodVolumeStats{ + EphemeralVolumes: ephemeralVolumes, + PersistentVolumes: persistentVolumes, + } + + resourceAnalyzer := &fakeResourceAnalyzer{podVolumeStats: volumeStats} + + p := NewCadvisorStatsProvider(mockCadvisor, resourceAnalyzer, nil, nil, nil) + pods, err := p.ListPodCPUAndMemoryStats() + assert.NoError(t, err) + + assert.Equal(t, 3, len(pods)) + indexPods := make(map[statsapi.PodReference]statsapi.PodStats, len(pods)) + for _, pod := range pods { + indexPods[pod.PodRef] = pod + } + + // Validate Pod0 Results + ps, found := indexPods[prf0] + assert.True(t, found) + assert.Len(t, ps.Containers, 2) + indexCon := make(map[string]statsapi.ContainerStats, len(ps.Containers)) + for _, con := range ps.Containers { + indexCon[con.Name] = con + } + con := indexCon[cName00] + assert.EqualValues(t, testTime(creationTime, seedPod0Container0).Unix(), con.StartTime.Time.Unix()) + checkCPUStats(t, "Pod0Container0", seedPod0Container0, con.CPU) + checkMemoryStats(t, "Pod0Conainer0", seedPod0Container0, infos["/pod0-c0"], con.Memory) + assert.Nil(t, con.Rootfs) + assert.Nil(t, con.Logs) + assert.Nil(t, con.Accelerators) + assert.Nil(t, con.UserDefinedMetrics) + + con = indexCon[cName01] + assert.EqualValues(t, testTime(creationTime, seedPod0Container1).Unix(), con.StartTime.Time.Unix()) + checkCPUStats(t, "Pod0Container1", seedPod0Container1, con.CPU) + checkMemoryStats(t, "Pod0Container1", seedPod0Container1, infos["/pod0-c1"], con.Memory) + assert.Nil(t, con.Rootfs) + assert.Nil(t, con.Logs) + assert.Nil(t, con.Accelerators) + assert.Nil(t, con.UserDefinedMetrics) + + assert.EqualValues(t, testTime(creationTime, seedPod0Infra).Unix(), ps.StartTime.Time.Unix()) + assert.Nil(t, ps.EphemeralStorage) + assert.Nil(t, ps.VolumeStats) + assert.Nil(t, ps.Network) + if ps.CPU != nil { + checkCPUStats(t, "Pod0", seedPod0Infra, ps.CPU) + } + if ps.Memory != nil { + checkMemoryStats(t, "Pod0", seedPod0Infra, infos["/pod0-i"], ps.Memory) + } + + // Validate Pod1 Results + ps, found = indexPods[prf1] + assert.True(t, found) + assert.Len(t, ps.Containers, 1) + con = ps.Containers[0] + assert.Equal(t, cName10, con.Name) + checkCPUStats(t, "Pod1Container0", seedPod1Container, con.CPU) + checkMemoryStats(t, "Pod1Container0", seedPod1Container, infos["/pod1-c0"], con.Memory) + assert.Nil(t, ps.EphemeralStorage) + assert.Nil(t, ps.VolumeStats) + assert.Nil(t, ps.Network) + + // Validate Pod2 Results + ps, found = indexPods[prf2] + assert.True(t, found) + assert.Len(t, ps.Containers, 1) + con = ps.Containers[0] + assert.Equal(t, cName20, con.Name) + checkCPUStats(t, "Pod2Container0", seedPod2Container, con.CPU) + checkMemoryStats(t, "Pod2Container0", seedPod2Container, infos["/pod2-c0"], con.Memory) + assert.Nil(t, ps.EphemeralStorage) + assert.Nil(t, ps.VolumeStats) + assert.Nil(t, ps.Network) +} + func TestCadvisorImagesFsStats(t *testing.T) { var ( assert = assert.New(t) diff --git a/pkg/kubelet/stats/cri_stats_provider.go b/pkg/kubelet/stats/cri_stats_provider.go index 6580f46ead0..3ebf3a0fec2 100644 --- a/pkg/kubelet/stats/cri_stats_provider.go +++ b/pkg/kubelet/stats/cri_stats_provider.go @@ -169,6 +169,87 @@ func (p *criStatsProvider) ListPodStats() ([]statsapi.PodStats, error) { return result, nil } +// ListPodCPUAndMemoryStats returns the CPU and Memory stats of all the pod-managed containers. +func (p *criStatsProvider) ListPodCPUAndMemoryStats() ([]statsapi.PodStats, error) { + containers, err := p.runtimeService.ListContainers(&runtimeapi.ContainerFilter{}) + if err != nil { + return nil, fmt.Errorf("failed to list all containers: %v", err) + } + + // Creates pod sandbox map. + podSandboxMap := make(map[string]*runtimeapi.PodSandbox) + podSandboxes, err := p.runtimeService.ListPodSandbox(&runtimeapi.PodSandboxFilter{}) + if err != nil { + return nil, fmt.Errorf("failed to list all pod sandboxes: %v", err) + } + for _, s := range podSandboxes { + podSandboxMap[s.Id] = s + } + + // sandboxIDToPodStats is a temporary map from sandbox ID to its pod stats. + sandboxIDToPodStats := make(map[string]*statsapi.PodStats) + + resp, err := p.runtimeService.ListContainerStats(&runtimeapi.ContainerStatsFilter{}) + if err != nil { + return nil, fmt.Errorf("failed to list all container stats: %v", err) + } + + containers = removeTerminatedContainer(containers) + // Creates container map. + containerMap := make(map[string]*runtimeapi.Container) + for _, c := range containers { + containerMap[c.Id] = c + } + + allInfos, err := getCadvisorContainerInfo(p.cadvisor) + if err != nil { + return nil, fmt.Errorf("failed to fetch cadvisor stats: %v", err) + } + caInfos := getCRICadvisorStats(allInfos) + + for _, stats := range resp { + containerID := stats.Attributes.Id + container, found := containerMap[containerID] + if !found { + continue + } + + podSandboxID := container.PodSandboxId + podSandbox, found := podSandboxMap[podSandboxID] + if !found { + continue + } + + // Creates the stats of the pod (if not created yet) which the + // container belongs to. + ps, found := sandboxIDToPodStats[podSandboxID] + if !found { + ps = buildPodStats(podSandbox) + sandboxIDToPodStats[podSandboxID] = ps + } + + // Fill available CPU and memory stats for full set of required pod stats + cs := p.makeContainerCPUAndMemoryStats(stats, container) + p.addPodCPUMemoryStats(ps, types.UID(podSandbox.Metadata.Uid), allInfos, cs) + + // If cadvisor stats is available for the container, use it to populate + // container stats + caStats, caFound := caInfos[containerID] + if !caFound { + glog.V(4).Infof("Unable to find cadvisor stats for %q", containerID) + } else { + p.addCadvisorContainerStats(cs, &caStats) + } + ps.Containers = append(ps.Containers, *cs) + } + + result := make([]statsapi.PodStats, 0, len(sandboxIDToPodStats)) + for _, s := range sandboxIDToPodStats { + result = append(result, *s) + } + return result, nil +} + // ImageFsStats returns the stats of the image filesystem. func (p *criStatsProvider) ImageFsStats() (*statsapi.FsStats, error) { resp, err := p.imageService.ImageFsInfo() @@ -393,6 +474,33 @@ func (p *criStatsProvider) makeContainerStats( return result } +func (p *criStatsProvider) makeContainerCPUAndMemoryStats( + stats *runtimeapi.ContainerStats, + container *runtimeapi.Container, +) *statsapi.ContainerStats { + result := &statsapi.ContainerStats{ + Name: stats.Attributes.Metadata.Name, + // The StartTime in the summary API is the container creation time. + StartTime: metav1.NewTime(time.Unix(0, container.CreatedAt)), + CPU: &statsapi.CPUStats{}, + Memory: &statsapi.MemoryStats{}, + // UserDefinedMetrics is not supported by CRI. + } + if stats.Cpu != nil { + result.CPU.Time = metav1.NewTime(time.Unix(0, stats.Cpu.Timestamp)) + if stats.Cpu.UsageCoreNanoSeconds != nil { + result.CPU.UsageCoreNanoSeconds = &stats.Cpu.UsageCoreNanoSeconds.Value + } + } + if stats.Memory != nil { + result.Memory.Time = metav1.NewTime(time.Unix(0, stats.Memory.Timestamp)) + if stats.Memory.WorkingSetBytes != nil { + result.Memory.WorkingSetBytes = &stats.Memory.WorkingSetBytes.Value + } + } + return result +} + // removeTerminatedContainer returns the specified container but with // the stats of the terminated containers removed. func removeTerminatedContainer(containers []*runtimeapi.Container) []*runtimeapi.Container { diff --git a/pkg/kubelet/stats/cri_stats_provider_test.go b/pkg/kubelet/stats/cri_stats_provider_test.go index 9e1dd1bb8c3..3e73625a2f9 100644 --- a/pkg/kubelet/stats/cri_stats_provider_test.go +++ b/pkg/kubelet/stats/cri_stats_provider_test.go @@ -46,33 +46,33 @@ const ( offsetUsage ) +const ( + seedRoot = 0 + seedKubelet = 200 + seedMisc = 300 + seedSandbox0 = 1000 + seedContainer0 = 2000 + seedSandbox1 = 3000 + seedContainer1 = 4000 + seedContainer2 = 5000 + seedSandbox2 = 6000 + seedContainer3 = 7000 +) + +const ( + pName0 = "pod0" + pName1 = "pod1" + pName2 = "pod2" +) + +const ( + cName0 = "container0-name" + cName1 = "container1-name" + cName2 = "container2-name" + cName3 = "container3-name" +) + func TestCRIListPodStats(t *testing.T) { - const ( - seedRoot = 0 - seedKubelet = 200 - seedMisc = 300 - seedSandbox0 = 1000 - seedContainer0 = 2000 - seedSandbox1 = 3000 - seedContainer1 = 4000 - seedContainer2 = 5000 - seedSandbox2 = 6000 - seedContainer3 = 7000 - ) - - const ( - pName0 = "pod0" - pName1 = "pod1" - pName2 = "pod2" - ) - - const ( - cName0 = "container0-name" - cName1 = "container1-name" - cName2 = "container2-name" - cName3 = "container3-name" - ) - var ( imageFsMountpoint = "/test/mount/point" unknownMountpoint = "/unknown/mount/point" @@ -242,6 +242,166 @@ func TestCRIListPodStats(t *testing.T) { mockCadvisor.AssertExpectations(t) } +func TestCRIListPodCPUAndMemoryStats(t *testing.T) { + + var ( + imageFsMountpoint = "/test/mount/point" + unknownMountpoint = "/unknown/mount/point" + + sandbox0 = makeFakePodSandbox("sandbox0-name", "sandbox0-uid", "sandbox0-ns") + sandbox0Cgroup = "/" + cm.GetPodCgroupNameSuffix(types.UID(sandbox0.PodSandboxStatus.Metadata.Uid)) + container0 = makeFakeContainer(sandbox0, cName0, 0, false) + containerStats0 = makeFakeContainerStats(container0, imageFsMountpoint) + container1 = makeFakeContainer(sandbox0, cName1, 0, false) + containerStats1 = makeFakeContainerStats(container1, unknownMountpoint) + + sandbox1 = makeFakePodSandbox("sandbox1-name", "sandbox1-uid", "sandbox1-ns") + sandbox1Cgroup = "/" + cm.GetPodCgroupNameSuffix(types.UID(sandbox1.PodSandboxStatus.Metadata.Uid)) + container2 = makeFakeContainer(sandbox1, cName2, 0, false) + containerStats2 = makeFakeContainerStats(container2, imageFsMountpoint) + + sandbox2 = makeFakePodSandbox("sandbox2-name", "sandbox2-uid", "sandbox2-ns") + sandbox2Cgroup = "/" + cm.GetPodCgroupNameSuffix(types.UID(sandbox2.PodSandboxStatus.Metadata.Uid)) + container3 = makeFakeContainer(sandbox2, cName3, 0, true) + containerStats3 = makeFakeContainerStats(container3, imageFsMountpoint) + container4 = makeFakeContainer(sandbox2, cName3, 1, false) + containerStats4 = makeFakeContainerStats(container4, imageFsMountpoint) + ) + + var ( + mockCadvisor = new(cadvisortest.Mock) + mockRuntimeCache = new(kubecontainertest.MockRuntimeCache) + mockPodManager = new(kubepodtest.MockManager) + resourceAnalyzer = new(fakeResourceAnalyzer) + fakeRuntimeService = critest.NewFakeRuntimeService() + ) + + infos := map[string]cadvisorapiv2.ContainerInfo{ + "/": getTestContainerInfo(seedRoot, "", "", ""), + "/kubelet": getTestContainerInfo(seedKubelet, "", "", ""), + "/system": getTestContainerInfo(seedMisc, "", "", ""), + sandbox0.PodSandboxStatus.Id: getTestContainerInfo(seedSandbox0, pName0, sandbox0.PodSandboxStatus.Metadata.Namespace, leaky.PodInfraContainerName), + sandbox0Cgroup: getTestContainerInfo(seedSandbox0, "", "", ""), + container0.ContainerStatus.Id: getTestContainerInfo(seedContainer0, pName0, sandbox0.PodSandboxStatus.Metadata.Namespace, cName0), + container1.ContainerStatus.Id: getTestContainerInfo(seedContainer1, pName0, sandbox0.PodSandboxStatus.Metadata.Namespace, cName1), + sandbox1.PodSandboxStatus.Id: getTestContainerInfo(seedSandbox1, pName1, sandbox1.PodSandboxStatus.Metadata.Namespace, leaky.PodInfraContainerName), + sandbox1Cgroup: getTestContainerInfo(seedSandbox1, "", "", ""), + container2.ContainerStatus.Id: getTestContainerInfo(seedContainer2, pName1, sandbox1.PodSandboxStatus.Metadata.Namespace, cName2), + sandbox2.PodSandboxStatus.Id: getTestContainerInfo(seedSandbox2, pName2, sandbox2.PodSandboxStatus.Metadata.Namespace, leaky.PodInfraContainerName), + sandbox2Cgroup: getTestContainerInfo(seedSandbox2, "", "", ""), + container4.ContainerStatus.Id: getTestContainerInfo(seedContainer3, pName2, sandbox2.PodSandboxStatus.Metadata.Namespace, cName3), + } + + options := cadvisorapiv2.RequestOptions{ + IdType: cadvisorapiv2.TypeName, + Count: 2, + Recursive: true, + } + + mockCadvisor. + On("ContainerInfoV2", "/", options).Return(infos, nil) + fakeRuntimeService.SetFakeSandboxes([]*critest.FakePodSandbox{ + sandbox0, sandbox1, sandbox2, + }) + fakeRuntimeService.SetFakeContainers([]*critest.FakeContainer{ + container0, container1, container2, container3, container4, + }) + fakeRuntimeService.SetFakeContainerStats([]*runtimeapi.ContainerStats{ + containerStats0, containerStats1, containerStats2, containerStats3, containerStats4, + }) + + ephemeralVolumes := makeFakeVolumeStats([]string{"ephVolume1, ephVolumes2"}) + persistentVolumes := makeFakeVolumeStats([]string{"persisVolume1, persisVolumes2"}) + resourceAnalyzer.podVolumeStats = serverstats.PodVolumeStats{ + EphemeralVolumes: ephemeralVolumes, + PersistentVolumes: persistentVolumes, + } + + provider := NewCRIStatsProvider( + mockCadvisor, + resourceAnalyzer, + mockPodManager, + mockRuntimeCache, + fakeRuntimeService, + nil, + nil, + ) + + stats, err := provider.ListPodCPUAndMemoryStats() + assert := assert.New(t) + assert.NoError(err) + assert.Equal(3, len(stats)) + + podStatsMap := make(map[statsapi.PodReference]statsapi.PodStats) + for _, s := range stats { + podStatsMap[s.PodRef] = s + } + + p0 := podStatsMap[statsapi.PodReference{Name: "sandbox0-name", UID: "sandbox0-uid", Namespace: "sandbox0-ns"}] + assert.Equal(sandbox0.CreatedAt, p0.StartTime.UnixNano()) + assert.Equal(2, len(p0.Containers)) + assert.Nil(p0.EphemeralStorage) + assert.Nil(p0.VolumeStats) + assert.Nil(p0.Network) + checkCRIPodCPUAndMemoryStats(assert, p0, infos[sandbox0Cgroup].Stats[0]) + + containerStatsMap := make(map[string]statsapi.ContainerStats) + for _, s := range p0.Containers { + containerStatsMap[s.Name] = s + } + + c0 := containerStatsMap[cName0] + assert.Equal(container0.CreatedAt, c0.StartTime.UnixNano()) + checkCRICPUAndMemoryStats(assert, c0, infos[container0.ContainerStatus.Id].Stats[0]) + assert.Nil(c0.Rootfs) + assert.Nil(c0.Logs) + assert.Nil(c0.Accelerators) + assert.Nil(c0.UserDefinedMetrics) + c1 := containerStatsMap[cName1] + assert.Equal(container1.CreatedAt, c1.StartTime.UnixNano()) + checkCRICPUAndMemoryStats(assert, c1, infos[container1.ContainerStatus.Id].Stats[0]) + assert.Nil(c1.Rootfs) + assert.Nil(c1.Logs) + assert.Nil(c1.Accelerators) + assert.Nil(c1.UserDefinedMetrics) + + p1 := podStatsMap[statsapi.PodReference{Name: "sandbox1-name", UID: "sandbox1-uid", Namespace: "sandbox1-ns"}] + assert.Equal(sandbox1.CreatedAt, p1.StartTime.UnixNano()) + assert.Equal(1, len(p1.Containers)) + assert.Nil(p1.EphemeralStorage) + assert.Nil(p1.VolumeStats) + assert.Nil(p1.Network) + checkCRIPodCPUAndMemoryStats(assert, p1, infos[sandbox1Cgroup].Stats[0]) + + c2 := p1.Containers[0] + assert.Equal(cName2, c2.Name) + assert.Equal(container2.CreatedAt, c2.StartTime.UnixNano()) + checkCRICPUAndMemoryStats(assert, c2, infos[container2.ContainerStatus.Id].Stats[0]) + assert.Nil(c2.Rootfs) + assert.Nil(c2.Logs) + assert.Nil(c2.Accelerators) + assert.Nil(c2.UserDefinedMetrics) + + p2 := podStatsMap[statsapi.PodReference{Name: "sandbox2-name", UID: "sandbox2-uid", Namespace: "sandbox2-ns"}] + assert.Equal(sandbox2.CreatedAt, p2.StartTime.UnixNano()) + assert.Equal(1, len(p2.Containers)) + assert.Nil(p2.EphemeralStorage) + assert.Nil(p2.VolumeStats) + assert.Nil(p2.Network) + checkCRIPodCPUAndMemoryStats(assert, p2, infos[sandbox2Cgroup].Stats[0]) + + c3 := p2.Containers[0] + assert.Equal(cName3, c3.Name) + assert.Equal(container4.CreatedAt, c3.StartTime.UnixNano()) + checkCRICPUAndMemoryStats(assert, c3, infos[container4.ContainerStatus.Id].Stats[0]) + assert.Nil(c2.Rootfs) + assert.Nil(c2.Logs) + assert.Nil(c2.Accelerators) + assert.Nil(c2.UserDefinedMetrics) + + mockCadvisor.AssertExpectations(t) +} + func TestCRIImagesFsStats(t *testing.T) { var ( imageFsMountpoint = "/test/mount/point" diff --git a/pkg/kubelet/stats/helper.go b/pkg/kubelet/stats/helper.go index e8917958ff6..2bdda4314a6 100644 --- a/pkg/kubelet/stats/helper.go +++ b/pkg/kubelet/stats/helper.go @@ -132,6 +132,21 @@ func cadvisorInfoToContainerStats(name string, info *cadvisorapiv2.ContainerInfo return result } +// cadvisorInfoToContainerCPUAndMemoryStats returns the statsapi.ContainerStats converted +// from the container and filesystem info. +func cadvisorInfoToContainerCPUAndMemoryStats(name string, info *cadvisorapiv2.ContainerInfo) *statsapi.ContainerStats { + result := &statsapi.ContainerStats{ + StartTime: metav1.NewTime(info.Spec.CreationTime), + Name: name, + } + + cpu, memory := cadvisorInfoToCPUandMemoryStats(info) + result.CPU = cpu + result.Memory = memory + + return result +} + // cadvisorInfoToNetworkStats returns the statsapi.NetworkStats converted from // the container info from cadvisor. func cadvisorInfoToNetworkStats(name string, info *cadvisorapiv2.ContainerInfo) *statsapi.NetworkStats { diff --git a/pkg/kubelet/stats/stats_provider.go b/pkg/kubelet/stats/stats_provider.go index 29a24a1b3c2..903f8678a64 100644 --- a/pkg/kubelet/stats/stats_provider.go +++ b/pkg/kubelet/stats/stats_provider.go @@ -85,6 +85,7 @@ type StatsProvider struct { // containers managed by pods. type containerStatsProvider interface { ListPodStats() ([]statsapi.PodStats, error) + ListPodCPUAndMemoryStats() ([]statsapi.PodStats, error) ImageFsStats() (*statsapi.FsStats, error) ImageFsDevice() (string, error) } @@ -106,6 +107,18 @@ func (p *StatsProvider) GetCgroupStats(cgroupName string, updateStats bool) (*st return s, n, nil } +// GetCgroupCPUAndMemoryStats returns the CPU and memory stats of the cgroup with the cgroupName. Note that +// this function doesn't generate filesystem stats. +func (p *StatsProvider) GetCgroupCPUAndMemoryStats(cgroupName string, updateStats bool) (*statsapi.ContainerStats, error) { + info, err := getCgroupInfo(p.cadvisor, cgroupName, updateStats) + if err != nil { + return nil, fmt.Errorf("failed to get cgroup stats for %q: %v", cgroupName, err) + } + // Rootfs and imagefs doesn't make sense for raw cgroup. + s := cadvisorInfoToContainerCPUAndMemoryStats(cgroupName, info) + return s, nil +} + // RootFsStats returns the stats of the node root filesystem. func (p *StatsProvider) RootFsStats() (*statsapi.FsStats, error) { rootFsInfo, err := p.cadvisor.RootFsInfo() diff --git a/pkg/kubelet/stats/stats_provider_test.go b/pkg/kubelet/stats/stats_provider_test.go index bbb149075bf..26884547e51 100644 --- a/pkg/kubelet/stats/stats_provider_test.go +++ b/pkg/kubelet/stats/stats_provider_test.go @@ -100,6 +100,39 @@ func TestGetCgroupStats(t *testing.T) { mockCadvisor.AssertExpectations(t) } +func TestGetCgroupCPUAndMemoryStats(t *testing.T) { + const ( + cgroupName = "test-cgroup-name" + containerInfoSeed = 1000 + updateStats = false + ) + var ( + mockCadvisor = new(cadvisortest.Mock) + mockPodManager = new(kubepodtest.MockManager) + mockRuntimeCache = new(kubecontainertest.MockRuntimeCache) + + assert = assert.New(t) + options = cadvisorapiv2.RequestOptions{IdType: cadvisorapiv2.TypeName, Count: 2, Recursive: false} + + containerInfo = getTestContainerInfo(containerInfoSeed, "test-pod", "test-ns", "test-container") + containerInfoMap = map[string]cadvisorapiv2.ContainerInfo{cgroupName: containerInfo} + ) + + mockCadvisor.On("ContainerInfoV2", cgroupName, options).Return(containerInfoMap, nil) + + provider := newStatsProvider(mockCadvisor, mockPodManager, mockRuntimeCache, fakeContainerStatsProvider{}) + cs, err := provider.GetCgroupCPUAndMemoryStats(cgroupName, updateStats) + assert.NoError(err) + + checkCPUStats(t, "", containerInfoSeed, cs.CPU) + checkMemoryStats(t, "", containerInfoSeed, containerInfo, cs.Memory) + + assert.Equal(cgroupName, cs.Name) + assert.Equal(metav1.NewTime(containerInfo.Spec.CreationTime), cs.StartTime) + + mockCadvisor.AssertExpectations(t) +} + func TestRootFsStats(t *testing.T) { const ( rootFsInfoSeed = 1000 @@ -648,6 +681,11 @@ type fakeContainerStatsProvider struct { func (p fakeContainerStatsProvider) ListPodStats() ([]statsapi.PodStats, error) { return nil, fmt.Errorf("not implemented") } + +func (p fakeContainerStatsProvider) ListPodCPUAndMemoryStats() ([]statsapi.PodStats, error) { + return nil, fmt.Errorf("not implemented") +} + func (p fakeContainerStatsProvider) ImageFsStats() (*statsapi.FsStats, error) { return nil, fmt.Errorf("not implemented") } diff --git a/pkg/master/BUILD b/pkg/master/BUILD index 002d57bac4e..2b71107778f 100644 --- a/pkg/master/BUILD +++ b/pkg/master/BUILD @@ -17,6 +17,7 @@ go_library( "//pkg/apis/admission/install:go_default_library", "//pkg/apis/admissionregistration/install:go_default_library", "//pkg/apis/apps/install:go_default_library", + "//pkg/apis/auditregistration/install:go_default_library", "//pkg/apis/authentication/install:go_default_library", "//pkg/apis/authorization/install:go_default_library", "//pkg/apis/autoscaling/install:go_default_library", @@ -43,6 +44,7 @@ go_library( "//pkg/master/tunneler:go_default_library", "//pkg/registry/admissionregistration/rest:go_default_library", "//pkg/registry/apps/rest:go_default_library", + "//pkg/registry/auditregistration/rest:go_default_library", "//pkg/registry/authentication/rest:go_default_library", "//pkg/registry/authorization/rest:go_default_library", "//pkg/registry/autoscaling/rest:go_default_library", @@ -72,6 +74,7 @@ go_library( "//staging/src/k8s.io/api/apps/v1:go_default_library", "//staging/src/k8s.io/api/apps/v1beta1:go_default_library", "//staging/src/k8s.io/api/apps/v1beta2:go_default_library", + "//staging/src/k8s.io/api/auditregistration/v1alpha1:go_default_library", "//staging/src/k8s.io/api/authentication/v1:go_default_library", "//staging/src/k8s.io/api/authentication/v1beta1:go_default_library", "//staging/src/k8s.io/api/authorization/v1:go_default_library", diff --git a/pkg/master/import_known_versions.go b/pkg/master/import_known_versions.go index 42477cc4b17..46e9a33d0d8 100644 --- a/pkg/master/import_known_versions.go +++ b/pkg/master/import_known_versions.go @@ -21,6 +21,7 @@ import ( _ "k8s.io/kubernetes/pkg/apis/admission/install" _ "k8s.io/kubernetes/pkg/apis/admissionregistration/install" _ "k8s.io/kubernetes/pkg/apis/apps/install" + _ "k8s.io/kubernetes/pkg/apis/auditregistration/install" _ "k8s.io/kubernetes/pkg/apis/authentication/install" _ "k8s.io/kubernetes/pkg/apis/authorization/install" _ "k8s.io/kubernetes/pkg/apis/autoscaling/install" diff --git a/pkg/master/master.go b/pkg/master/master.go index 37c672c7094..bda9c0bcb51 100644 --- a/pkg/master/master.go +++ b/pkg/master/master.go @@ -29,6 +29,7 @@ import ( appsv1 "k8s.io/api/apps/v1" appsv1beta1 "k8s.io/api/apps/v1beta1" appsv1beta2 "k8s.io/api/apps/v1beta2" + auditregistrationv1alpha1 "k8s.io/api/auditregistration/v1alpha1" authenticationv1 "k8s.io/api/authentication/v1" authenticationv1beta1 "k8s.io/api/authentication/v1beta1" authorizationapiv1 "k8s.io/api/authorization/v1" @@ -83,6 +84,7 @@ import ( // RESTStorage installers admissionregistrationrest "k8s.io/kubernetes/pkg/registry/admissionregistration/rest" appsrest "k8s.io/kubernetes/pkg/registry/apps/rest" + auditregistrationrest "k8s.io/kubernetes/pkg/registry/auditregistration/rest" authenticationrest "k8s.io/kubernetes/pkg/registry/authentication/rest" authorizationrest "k8s.io/kubernetes/pkg/registry/authorization/rest" autoscalingrest "k8s.io/kubernetes/pkg/registry/autoscaling/rest" @@ -346,6 +348,7 @@ func (c completedConfig) New(delegationTarget genericapiserver.DelegationTarget) // TODO: describe the priority all the way down in the RESTStorageProviders and plumb it back through the various discovery // handlers that we have. restStorageProviders := []RESTStorageProvider{ + auditregistrationrest.RESTStorageProvider{}, authenticationrest.RESTStorageProvider{Authenticator: c.GenericConfig.Authentication.Authenticator}, authorizationrest.RESTStorageProvider{Authorizer: c.GenericConfig.Authorization.Authorizer, RuleResolver: c.GenericConfig.RuleResolver}, autoscalingrest.RESTStorageProvider{}, @@ -505,6 +508,7 @@ func DefaultAPIResourceConfigSource() *serverstorage.ResourceConfig { ) // disable alpha versions explicitly so we have a full list of what's possible to serve ret.DisableVersions( + auditregistrationv1alpha1.SchemeGroupVersion, admissionregistrationv1alpha1.SchemeGroupVersion, batchapiv2alpha1.SchemeGroupVersion, rbacv1alpha1.SchemeGroupVersion, diff --git a/pkg/printers/internalversion/describe.go b/pkg/printers/internalversion/describe.go index 8549447de89..f4f848931a5 100644 --- a/pkg/printers/internalversion/describe.go +++ b/pkg/printers/internalversion/describe.go @@ -195,8 +195,21 @@ func DescriberFor(kind schema.GroupKind, clientConfig *rest.Config) (printers.De // GenericDescriberFor returns a generic describer for the specified mapping // that uses only information available from runtime.Unstructured -func GenericDescriberFor(mapping *meta.RESTMapping, dynamic dynamic.Interface, events coreclient.EventsGetter) printers.Describer { - return &genericDescriber{mapping, dynamic, events} +func GenericDescriberFor(mapping *meta.RESTMapping, clientConfig *rest.Config) (printers.Describer, bool) { + // used to fetch the resource + dynamicClient, err := dynamic.NewForConfig(clientConfig) + if err != nil { + return nil, false + } + + // used to get events for the resource + clientSet, err := clientset.NewForConfig(clientConfig) + if err != nil { + return nil, false + } + eventsClient := clientSet.Core() + + return &genericDescriber{mapping, dynamicClient, eventsClient}, true } type genericDescriber struct { diff --git a/pkg/registry/BUILD b/pkg/registry/BUILD index 5b6479b76c3..6c5128b1039 100644 --- a/pkg/registry/BUILD +++ b/pkg/registry/BUILD @@ -32,6 +32,8 @@ filegroup( "//pkg/registry/apps/replicaset:all-srcs", "//pkg/registry/apps/rest:all-srcs", "//pkg/registry/apps/statefulset:all-srcs", + "//pkg/registry/auditregistration/auditsink:all-srcs", + "//pkg/registry/auditregistration/rest:all-srcs", "//pkg/registry/authentication/rest:all-srcs", "//pkg/registry/authentication/tokenreview:all-srcs", "//pkg/registry/authorization/localsubjectaccessreview:all-srcs", diff --git a/pkg/registry/auditregistration/auditsink/BUILD b/pkg/registry/auditregistration/auditsink/BUILD new file mode 100644 index 00000000000..c34dafb7770 --- /dev/null +++ b/pkg/registry/auditregistration/auditsink/BUILD @@ -0,0 +1,36 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library") + +go_library( + name = "go_default_library", + srcs = [ + "doc.go", + "strategy.go", + ], + importpath = "k8s.io/kubernetes/pkg/registry/auditregistration/auditsink", + visibility = ["//visibility:public"], + deps = [ + "//pkg/api/legacyscheme:go_default_library", + "//pkg/apis/auditregistration:go_default_library", + "//pkg/apis/auditregistration/validation:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/runtime:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/util/validation/field:go_default_library", + "//staging/src/k8s.io/apiserver/pkg/storage/names:go_default_library", + ], +) + +filegroup( + name = "package-srcs", + srcs = glob(["**"]), + tags = ["automanaged"], + visibility = ["//visibility:private"], +) + +filegroup( + name = "all-srcs", + srcs = [ + ":package-srcs", + "//pkg/registry/auditregistration/auditsink/storage:all-srcs", + ], + tags = ["automanaged"], + visibility = ["//visibility:public"], +) diff --git a/pkg/registry/auditregistration/auditsink/doc.go b/pkg/registry/auditregistration/auditsink/doc.go new file mode 100644 index 00000000000..09f36e9aa81 --- /dev/null +++ b/pkg/registry/auditregistration/auditsink/doc.go @@ -0,0 +1,17 @@ +/* +Copyright 2018 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package auditsink // import "k8s.io/kubernetes/pkg/registry/auditregistration/auditsink" diff --git a/pkg/registry/auditregistration/auditsink/storage/BUILD b/pkg/registry/auditregistration/auditsink/storage/BUILD new file mode 100644 index 00000000000..daa0d67de05 --- /dev/null +++ b/pkg/registry/auditregistration/auditsink/storage/BUILD @@ -0,0 +1,29 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library") + +go_library( + name = "go_default_library", + srcs = ["storage.go"], + importpath = "k8s.io/kubernetes/pkg/registry/auditregistration/auditsink/storage", + visibility = ["//visibility:public"], + deps = [ + "//pkg/apis/auditregistration:go_default_library", + "//pkg/registry/auditregistration/auditsink:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/runtime:go_default_library", + "//staging/src/k8s.io/apiserver/pkg/registry/generic:go_default_library", + "//staging/src/k8s.io/apiserver/pkg/registry/generic/registry:go_default_library", + ], +) + +filegroup( + name = "package-srcs", + srcs = glob(["**"]), + tags = ["automanaged"], + visibility = ["//visibility:private"], +) + +filegroup( + name = "all-srcs", + srcs = [":package-srcs"], + tags = ["automanaged"], + visibility = ["//visibility:public"], +) diff --git a/pkg/registry/auditregistration/auditsink/storage/storage.go b/pkg/registry/auditregistration/auditsink/storage/storage.go new file mode 100644 index 00000000000..f0f071407a7 --- /dev/null +++ b/pkg/registry/auditregistration/auditsink/storage/storage.go @@ -0,0 +1,51 @@ +/* +Copyright 2018 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package storage + +import ( + "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apiserver/pkg/registry/generic" + genericregistry "k8s.io/apiserver/pkg/registry/generic/registry" + "k8s.io/kubernetes/pkg/apis/auditregistration" + auditstrategy "k8s.io/kubernetes/pkg/registry/auditregistration/auditsink" +) + +// REST implements a RESTStorage for audit sink against etcd +type REST struct { + *genericregistry.Store +} + +// NewREST returns a RESTStorage object that will work against audit sinks +func NewREST(optsGetter generic.RESTOptionsGetter) *REST { + store := &genericregistry.Store{ + NewFunc: func() runtime.Object { return &auditregistration.AuditSink{} }, + NewListFunc: func() runtime.Object { return &auditregistration.AuditSinkList{} }, + ObjectNameFunc: func(obj runtime.Object) (string, error) { + return obj.(*auditregistration.AuditSink).Name, nil + }, + DefaultQualifiedResource: auditregistration.Resource("auditsinks"), + + CreateStrategy: auditstrategy.Strategy, + UpdateStrategy: auditstrategy.Strategy, + DeleteStrategy: auditstrategy.Strategy, + } + options := &generic.StoreOptions{RESTOptions: optsGetter} + if err := store.CompleteWithOptions(options); err != nil { + panic(err) // TODO: Propagate error up + } + return &REST{store} +} diff --git a/pkg/registry/auditregistration/auditsink/strategy.go b/pkg/registry/auditregistration/auditsink/strategy.go new file mode 100644 index 00000000000..23c85ccbca6 --- /dev/null +++ b/pkg/registry/auditregistration/auditsink/strategy.go @@ -0,0 +1,89 @@ +/* +Copyright 2018 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package auditsink + +import ( + "context" + "reflect" + + "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apimachinery/pkg/util/validation/field" + "k8s.io/apiserver/pkg/storage/names" + "k8s.io/kubernetes/pkg/api/legacyscheme" + audit "k8s.io/kubernetes/pkg/apis/auditregistration" + "k8s.io/kubernetes/pkg/apis/auditregistration/validation" +) + +// auditSinkStrategy implements verification logic for AuditSink. +type auditSinkStrategy struct { + runtime.ObjectTyper + names.NameGenerator +} + +// Strategy is the default logic that applies when creating and updating AuditSink objects. +var Strategy = auditSinkStrategy{legacyscheme.Scheme, names.SimpleNameGenerator} + +// NamespaceScoped returns false because all AuditSink's need to be cluster scoped +func (auditSinkStrategy) NamespaceScoped() bool { + return false +} + +// PrepareForCreate clears the status of an AuditSink before creation. +func (auditSinkStrategy) PrepareForCreate(ctx context.Context, obj runtime.Object) { + ic := obj.(*audit.AuditSink) + ic.Generation = 1 +} + +// PrepareForUpdate clears fields that are not allowed to be set by end users on update. +func (auditSinkStrategy) PrepareForUpdate(ctx context.Context, obj, old runtime.Object) { + newIC := obj.(*audit.AuditSink) + oldIC := old.(*audit.AuditSink) + + // Any changes to the policy or backend increment the generation number + // See metav1.ObjectMeta description for more information on Generation. + if !reflect.DeepEqual(oldIC.Spec, newIC.Spec) { + newIC.Generation = oldIC.Generation + 1 + } +} + +// Validate validates a new auditSink. +func (auditSinkStrategy) Validate(ctx context.Context, obj runtime.Object) field.ErrorList { + ic := obj.(*audit.AuditSink) + return validation.ValidateAuditSink(ic) +} + +// Canonicalize normalizes the object after validation. +func (auditSinkStrategy) Canonicalize(obj runtime.Object) { +} + +// AllowCreateOnUpdate is true for auditSink; this means you may create one with a PUT request. +func (auditSinkStrategy) AllowCreateOnUpdate() bool { + return false +} + +// ValidateUpdate is the default update validation for an end user. +func (auditSinkStrategy) ValidateUpdate(ctx context.Context, obj, old runtime.Object) field.ErrorList { + validationErrorList := validation.ValidateAuditSink(obj.(*audit.AuditSink)) + updateErrorList := validation.ValidateAuditSinkUpdate(obj.(*audit.AuditSink), old.(*audit.AuditSink)) + return append(validationErrorList, updateErrorList...) +} + +// AllowUnconditionalUpdate is the default update policy for auditSink objects. Status update should +// only be allowed if version match. +func (auditSinkStrategy) AllowUnconditionalUpdate() bool { + return false +} diff --git a/pkg/registry/auditregistration/rest/BUILD b/pkg/registry/auditregistration/rest/BUILD new file mode 100644 index 00000000000..a772ac495a0 --- /dev/null +++ b/pkg/registry/auditregistration/rest/BUILD @@ -0,0 +1,31 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library") + +go_library( + name = "go_default_library", + srcs = ["storage_auditregistration.go"], + importpath = "k8s.io/kubernetes/pkg/registry/auditregistration/rest", + visibility = ["//visibility:public"], + deps = [ + "//pkg/api/legacyscheme:go_default_library", + "//pkg/registry/auditregistration/auditsink/storage:go_default_library", + "//staging/src/k8s.io/api/auditregistration/v1alpha1:go_default_library", + "//staging/src/k8s.io/apiserver/pkg/registry/generic:go_default_library", + "//staging/src/k8s.io/apiserver/pkg/registry/rest:go_default_library", + "//staging/src/k8s.io/apiserver/pkg/server:go_default_library", + "//staging/src/k8s.io/apiserver/pkg/server/storage:go_default_library", + ], +) + +filegroup( + name = "package-srcs", + srcs = glob(["**"]), + tags = ["automanaged"], + visibility = ["//visibility:private"], +) + +filegroup( + name = "all-srcs", + srcs = [":package-srcs"], + tags = ["automanaged"], + visibility = ["//visibility:public"], +) diff --git a/pkg/registry/auditregistration/rest/storage_auditregistration.go b/pkg/registry/auditregistration/rest/storage_auditregistration.go new file mode 100644 index 00000000000..4bc5e884969 --- /dev/null +++ b/pkg/registry/auditregistration/rest/storage_auditregistration.go @@ -0,0 +1,53 @@ +/* +Copyright 2018 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package rest + +import ( + auditv1alpha1 "k8s.io/api/auditregistration/v1alpha1" + "k8s.io/apiserver/pkg/registry/generic" + "k8s.io/apiserver/pkg/registry/rest" + genericapiserver "k8s.io/apiserver/pkg/server" + serverstorage "k8s.io/apiserver/pkg/server/storage" + "k8s.io/kubernetes/pkg/api/legacyscheme" + auditstorage "k8s.io/kubernetes/pkg/registry/auditregistration/auditsink/storage" +) + +// RESTStorageProvider is a REST storage provider for audit.k8s.io +type RESTStorageProvider struct{} + +// NewRESTStorage returns a RESTStorageProvider +func (p RESTStorageProvider) NewRESTStorage(apiResourceConfigSource serverstorage.APIResourceConfigSource, restOptionsGetter generic.RESTOptionsGetter) (genericapiserver.APIGroupInfo, bool) { + apiGroupInfo := genericapiserver.NewDefaultAPIGroupInfo(auditv1alpha1.GroupName, legacyscheme.Scheme, legacyscheme.ParameterCodec, legacyscheme.Codecs) + + if apiResourceConfigSource.VersionEnabled(auditv1alpha1.SchemeGroupVersion) { + apiGroupInfo.VersionedResourcesStorageMap[auditv1alpha1.SchemeGroupVersion.Version] = p.v1alpha1Storage(apiResourceConfigSource, restOptionsGetter) + } + return apiGroupInfo, true +} + +func (p RESTStorageProvider) v1alpha1Storage(apiResourceConfigSource serverstorage.APIResourceConfigSource, restOptionsGetter generic.RESTOptionsGetter) map[string]rest.Storage { + storage := map[string]rest.Storage{} + s := auditstorage.NewREST(restOptionsGetter) + storage["auditsinks"] = s + + return storage +} + +// GroupName is the group name for the storage provider +func (p RESTStorageProvider) GroupName() string { + return auditv1alpha1.GroupName +} diff --git a/pkg/volume/azure_dd/BUILD b/pkg/volume/azure_dd/BUILD index a4f7c77b6a8..582c878f8a3 100644 --- a/pkg/volume/azure_dd/BUILD +++ b/pkg/volume/azure_dd/BUILD @@ -40,7 +40,7 @@ go_library( "//staging/src/k8s.io/apiserver/pkg/util/feature:go_default_library", "//staging/src/k8s.io/cloud-provider:go_default_library", "//vendor/github.com/Azure/azure-sdk-for-go/services/compute/mgmt/2018-04-01/compute:go_default_library", - "//vendor/github.com/Azure/azure-sdk-for-go/services/storage/mgmt/2017-10-01/storage:go_default_library", + "//vendor/github.com/Azure/azure-sdk-for-go/services/storage/mgmt/2018-07-01/storage:go_default_library", "//vendor/github.com/golang/glog:go_default_library", ], ) @@ -76,7 +76,7 @@ go_test( "//staging/src/k8s.io/apimachinery/pkg/types:go_default_library", "//staging/src/k8s.io/client-go/util/testing:go_default_library", "//vendor/github.com/Azure/azure-sdk-for-go/services/compute/mgmt/2018-04-01/compute:go_default_library", - "//vendor/github.com/Azure/azure-sdk-for-go/services/storage/mgmt/2017-10-01/storage:go_default_library", + "//vendor/github.com/Azure/azure-sdk-for-go/services/storage/mgmt/2018-07-01/storage:go_default_library", "//vendor/github.com/Azure/go-autorest/autorest/to:go_default_library", "//vendor/github.com/stretchr/testify/assert:go_default_library", ], diff --git a/pkg/volume/azure_dd/attacher.go b/pkg/volume/azure_dd/attacher.go index beb2311c6d2..e23a07290b9 100644 --- a/pkg/volume/azure_dd/attacher.go +++ b/pkg/volume/azure_dd/attacher.go @@ -87,9 +87,9 @@ func (a *azureDiskAttacher) Attach(spec *volume.Spec, nodeName types.NodeName) ( if err == nil { // Volume is already attached to node. - glog.V(4).Infof("Attach operation is successful. volume %q is already attached to node %q at lun %d.", volumeSource.DiskName, instanceid, lun) + glog.V(2).Infof("Attach operation is successful. volume %q is already attached to node %q at lun %d.", volumeSource.DiskName, instanceid, lun) } else { - glog.V(4).Infof("GetDiskLun returned: %v. Initiating attaching volume %q to node %q.", err, volumeSource.DataDiskURI, nodeName) + glog.V(2).Infof("GetDiskLun returned: %v. Initiating attaching volume %q to node %q.", err, volumeSource.DataDiskURI, nodeName) getLunMutex.LockKey(instanceid) defer getLunMutex.UnlockKey(instanceid) @@ -98,11 +98,11 @@ func (a *azureDiskAttacher) Attach(spec *volume.Spec, nodeName types.NodeName) ( glog.Warningf("no LUN available for instance %q (%v)", nodeName, err) return "", fmt.Errorf("all LUNs are used, cannot attach volume %q to instance %q (%v)", volumeSource.DiskName, instanceid, err) } - glog.V(4).Infof("Trying to attach volume %q lun %d to node %q.", volumeSource.DataDiskURI, lun, nodeName) + glog.V(2).Infof("Trying to attach volume %q lun %d to node %q.", volumeSource.DataDiskURI, lun, nodeName) isManagedDisk := (*volumeSource.Kind == v1.AzureManagedDisk) err = diskController.AttachDisk(isManagedDisk, volumeSource.DiskName, volumeSource.DataDiskURI, nodeName, lun, compute.CachingTypes(*volumeSource.CachingMode)) if err == nil { - glog.V(4).Infof("Attach operation successful: volume %q attached to node %q.", volumeSource.DataDiskURI, nodeName) + glog.V(2).Infof("Attach operation successful: volume %q attached to node %q.", volumeSource.DataDiskURI, nodeName) } else { glog.V(2).Infof("Attach volume %q to instance %q failed with %v", volumeSource.DataDiskURI, instanceid, err) return "", fmt.Errorf("Attach volume %q to instance %q failed with %v", volumeSource.DiskName, instanceid, err) @@ -167,13 +167,13 @@ func (a *azureDiskAttacher) WaitForAttach(spec *volume.Spec, devicePath string, nodeName := types.NodeName(a.plugin.host.GetHostName()) diskName := volumeSource.DiskName - glog.V(5).Infof("azureDisk - WaitForAttach: begin to GetDiskLun by diskName(%s), DataDiskURI(%s), nodeName(%s), devicePath(%s)", + glog.V(2).Infof("azureDisk - WaitForAttach: begin to GetDiskLun by diskName(%s), DataDiskURI(%s), nodeName(%s), devicePath(%s)", diskName, volumeSource.DataDiskURI, nodeName, devicePath) lun, err := diskController.GetDiskLun(diskName, volumeSource.DataDiskURI, nodeName) if err != nil { return "", err } - glog.V(5).Infof("azureDisk - WaitForAttach: GetDiskLun succeeded, got lun(%v)", lun) + glog.V(2).Infof("azureDisk - WaitForAttach: GetDiskLun succeeded, got lun(%v)", lun) exec := a.plugin.host.GetExec(a.plugin.GetPluginName()) io := &osIOHandler{} @@ -281,7 +281,7 @@ func (d *azureDiskDetacher) Detach(diskURI string, nodeName types.NodeName) erro return nil } - glog.V(4).Infof("detach %v from node %q", diskURI, nodeName) + glog.V(2).Infof("detach %v from node %q", diskURI, nodeName) diskController, err := getDiskController(d.plugin.host) if err != nil { @@ -304,9 +304,9 @@ func (d *azureDiskDetacher) Detach(diskURI string, nodeName types.NodeName) erro func (detacher *azureDiskDetacher) UnmountDevice(deviceMountPath string) error { err := util.UnmountPath(deviceMountPath, detacher.plugin.host.GetMounter(detacher.plugin.GetPluginName())) if err == nil { - glog.V(4).Infof("azureDisk - Device %s was unmounted", deviceMountPath) + glog.V(2).Infof("azureDisk - Device %s was unmounted", deviceMountPath) } else { - glog.Infof("azureDisk - Device %s failed to unmount with error: %s", deviceMountPath, err.Error()) + glog.Warningf("azureDisk - Device %s failed to unmount with error: %s", deviceMountPath, err.Error()) } return err } diff --git a/pkg/volume/azure_dd/azure_common.go b/pkg/volume/azure_dd/azure_common.go index 652dc05e1d2..d7a8e2d0cbe 100644 --- a/pkg/volume/azure_dd/azure_common.go +++ b/pkg/volume/azure_dd/azure_common.go @@ -23,7 +23,7 @@ import ( "path/filepath" libstrings "strings" - "github.com/Azure/azure-sdk-for-go/services/storage/mgmt/2017-10-01/storage" + "github.com/Azure/azure-sdk-for-go/services/storage/mgmt/2018-07-01/storage" "k8s.io/api/core/v1" "k8s.io/apimachinery/pkg/types" diff --git a/pkg/volume/azure_dd/azure_common_test.go b/pkg/volume/azure_dd/azure_common_test.go index debda512d73..ec197ed873c 100644 --- a/pkg/volume/azure_dd/azure_common_test.go +++ b/pkg/volume/azure_dd/azure_common_test.go @@ -24,7 +24,7 @@ import ( "testing" "time" - "github.com/Azure/azure-sdk-for-go/services/storage/mgmt/2017-10-01/storage" + "github.com/Azure/azure-sdk-for-go/services/storage/mgmt/2018-07-01/storage" "github.com/stretchr/testify/assert" "k8s.io/kubernetes/pkg/util/mount" diff --git a/pkg/volume/azure_dd/azure_dd.go b/pkg/volume/azure_dd/azure_dd.go index 1e19e9e63ec..68e326bddfa 100644 --- a/pkg/volume/azure_dd/azure_dd.go +++ b/pkg/volume/azure_dd/azure_dd.go @@ -22,7 +22,7 @@ import ( "strings" "github.com/Azure/azure-sdk-for-go/services/compute/mgmt/2018-04-01/compute" - "github.com/Azure/azure-sdk-for-go/services/storage/mgmt/2017-10-01/storage" + "github.com/Azure/azure-sdk-for-go/services/storage/mgmt/2018-07-01/storage" "github.com/golang/glog" "k8s.io/api/core/v1" diff --git a/pkg/volume/azure_file/BUILD b/pkg/volume/azure_file/BUILD index 8a9b24239fb..3f278c7b227 100644 --- a/pkg/volume/azure_file/BUILD +++ b/pkg/volume/azure_file/BUILD @@ -27,6 +27,7 @@ go_library( "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/types:go_default_library", "//staging/src/k8s.io/cloud-provider:go_default_library", + "//vendor/github.com/Azure/azure-sdk-for-go/services/storage/mgmt/2018-07-01/storage:go_default_library", "//vendor/github.com/golang/glog:go_default_library", ], ) diff --git a/pkg/volume/azure_file/azure_provision.go b/pkg/volume/azure_file/azure_provision.go index d3281d70bae..96ba0b10cc9 100644 --- a/pkg/volume/azure_file/azure_provision.go +++ b/pkg/volume/azure_file/azure_provision.go @@ -20,7 +20,9 @@ import ( "fmt" "strings" + "github.com/Azure/azure-sdk-for-go/services/storage/mgmt/2018-07-01/storage" "github.com/golang/glog" + "k8s.io/api/core/v1" "k8s.io/apimachinery/pkg/api/resource" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" @@ -38,7 +40,7 @@ var _ volume.ProvisionableVolumePlugin = &azureFilePlugin{} // azure cloud provider should implement it type azureCloudProvider interface { // create a file share - CreateFileShare(shareName, accountName, accountType, resourceGroup, location string, requestGiB int) (string, string, error) + CreateFileShare(shareName, accountName, accountType, accountKind, resourceGroup, location string, requestGiB int) (string, string, error) // delete a file share DeleteFileShare(accountName, accountKey, shareName string) error // resize a file share @@ -171,7 +173,12 @@ func (a *azureFileProvisioner) Provision(selectedNode *v1.Node, allowedTopologie return nil, fmt.Errorf("claim.Spec.Selector is not supported for dynamic provisioning on Azure file") } - account, key, err := a.azureProvider.CreateFileShare(name, account, sku, resourceGroup, location, requestGiB) + // when use azure file premium, account kind should be specified as FileStorage + accountKind := string(storage.StorageV2) + if strings.HasPrefix(strings.ToLower(sku), "premium") { + accountKind = string(storage.FileStorage) + } + account, key, err := a.azureProvider.CreateFileShare(name, account, sku, accountKind, resourceGroup, location, requestGiB) if err != nil { return nil, err } diff --git a/staging/src/BUILD b/staging/src/BUILD index 80464ee5a18..b771f0dcb1d 100644 --- a/staging/src/BUILD +++ b/staging/src/BUILD @@ -128,6 +128,7 @@ filegroup( "//staging/src/k8s.io/client-go/listers/apps/v1:all-srcs", "//staging/src/k8s.io/client-go/listers/apps/v1beta1:all-srcs", "//staging/src/k8s.io/client-go/listers/apps/v1beta2:all-srcs", + "//staging/src/k8s.io/client-go/listers/auditregistration/v1alpha1:all-srcs", "//staging/src/k8s.io/client-go/listers/authentication/v1:all-srcs", "//staging/src/k8s.io/client-go/listers/authentication/v1beta1:all-srcs", "//staging/src/k8s.io/client-go/listers/authorization/v1:all-srcs", diff --git a/staging/src/k8s.io/api/BUILD b/staging/src/k8s.io/api/BUILD index 482955e4149..fe6ca1e4e1b 100644 --- a/staging/src/k8s.io/api/BUILD +++ b/staging/src/k8s.io/api/BUILD @@ -63,6 +63,7 @@ filegroup( "//staging/src/k8s.io/api/apps/v1:all-srcs", "//staging/src/k8s.io/api/apps/v1beta1:all-srcs", "//staging/src/k8s.io/api/apps/v1beta2:all-srcs", + "//staging/src/k8s.io/api/auditregistration/v1alpha1:all-srcs", "//staging/src/k8s.io/api/authentication/v1:all-srcs", "//staging/src/k8s.io/api/authentication/v1beta1:all-srcs", "//staging/src/k8s.io/api/authorization/v1:all-srcs", diff --git a/staging/src/k8s.io/api/auditregistration/OWNERS b/staging/src/k8s.io/api/auditregistration/OWNERS new file mode 100644 index 00000000000..df96f16bf05 --- /dev/null +++ b/staging/src/k8s.io/api/auditregistration/OWNERS @@ -0,0 +1,5 @@ +reviewers: +- lavalamp +- sttts +- tallclair +- pbarker \ No newline at end of file diff --git a/staging/src/k8s.io/api/auditregistration/v1alpha1/BUILD b/staging/src/k8s.io/api/auditregistration/v1alpha1/BUILD new file mode 100644 index 00000000000..5f1523e0f00 --- /dev/null +++ b/staging/src/k8s.io/api/auditregistration/v1alpha1/BUILD @@ -0,0 +1,36 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library") + +go_library( + name = "go_default_library", + srcs = [ + "doc.go", + "generated.pb.go", + "register.go", + "types.go", + "types_swagger_doc_generated.go", + "zz_generated.deepcopy.go", + ], + importmap = "k8s.io/kubernetes/vendor/k8s.io/api/auditregistration/v1alpha1", + importpath = "k8s.io/api/auditregistration/v1alpha1", + visibility = ["//visibility:public"], + deps = [ + "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/runtime:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/runtime/schema:go_default_library", + "//vendor/github.com/gogo/protobuf/proto:go_default_library", + ], +) + +filegroup( + name = "package-srcs", + srcs = glob(["**"]), + tags = ["automanaged"], + visibility = ["//visibility:private"], +) + +filegroup( + name = "all-srcs", + srcs = [":package-srcs"], + tags = ["automanaged"], + visibility = ["//visibility:public"], +) diff --git a/staging/src/k8s.io/api/auditregistration/v1alpha1/doc.go b/staging/src/k8s.io/api/auditregistration/v1alpha1/doc.go new file mode 100644 index 00000000000..c0d184a9984 --- /dev/null +++ b/staging/src/k8s.io/api/auditregistration/v1alpha1/doc.go @@ -0,0 +1,22 @@ +/* +Copyright 2018 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// +k8s:deepcopy-gen=package +// +k8s:openapi-gen=true + +// +groupName=auditregistration.k8s.io + +package v1alpha1 // import "k8s.io/api/auditregistration/v1alpha1" diff --git a/staging/src/k8s.io/api/auditregistration/v1alpha1/generated.pb.go b/staging/src/k8s.io/api/auditregistration/v1alpha1/generated.pb.go new file mode 100644 index 00000000000..399d92b380e --- /dev/null +++ b/staging/src/k8s.io/api/auditregistration/v1alpha1/generated.pb.go @@ -0,0 +1,1685 @@ +/* +Copyright The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by protoc-gen-gogo. DO NOT EDIT. +// source: k8s.io/kubernetes/vendor/k8s.io/api/auditregistration/v1alpha1/generated.proto + +/* + Package v1alpha1 is a generated protocol buffer package. + + It is generated from these files: + k8s.io/kubernetes/vendor/k8s.io/api/auditregistration/v1alpha1/generated.proto + + It has these top-level messages: + AuditSink + AuditSinkList + AuditSinkSpec + Policy + ServiceReference + Webhook + WebhookClientConfig + WebhookThrottleConfig +*/ +package v1alpha1 + +import proto "github.com/gogo/protobuf/proto" +import fmt "fmt" +import math "math" + +import strings "strings" +import reflect "reflect" + +import io "io" + +// Reference imports to suppress errors if they are not otherwise used. +var _ = proto.Marshal +var _ = fmt.Errorf +var _ = math.Inf + +// This is a compile-time assertion to ensure that this generated file +// is compatible with the proto package it is being compiled against. +// A compilation error at this line likely means your copy of the +// proto package needs to be updated. +const _ = proto.GoGoProtoPackageIsVersion2 // please upgrade the proto package + +func (m *AuditSink) Reset() { *m = AuditSink{} } +func (*AuditSink) ProtoMessage() {} +func (*AuditSink) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{0} } + +func (m *AuditSinkList) Reset() { *m = AuditSinkList{} } +func (*AuditSinkList) ProtoMessage() {} +func (*AuditSinkList) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{1} } + +func (m *AuditSinkSpec) Reset() { *m = AuditSinkSpec{} } +func (*AuditSinkSpec) ProtoMessage() {} +func (*AuditSinkSpec) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{2} } + +func (m *Policy) Reset() { *m = Policy{} } +func (*Policy) ProtoMessage() {} +func (*Policy) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{3} } + +func (m *ServiceReference) Reset() { *m = ServiceReference{} } +func (*ServiceReference) ProtoMessage() {} +func (*ServiceReference) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{4} } + +func (m *Webhook) Reset() { *m = Webhook{} } +func (*Webhook) ProtoMessage() {} +func (*Webhook) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{5} } + +func (m *WebhookClientConfig) Reset() { *m = WebhookClientConfig{} } +func (*WebhookClientConfig) ProtoMessage() {} +func (*WebhookClientConfig) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{6} } + +func (m *WebhookThrottleConfig) Reset() { *m = WebhookThrottleConfig{} } +func (*WebhookThrottleConfig) ProtoMessage() {} +func (*WebhookThrottleConfig) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{7} } + +func init() { + proto.RegisterType((*AuditSink)(nil), "k8s.io.api.auditregistration.v1alpha1.AuditSink") + proto.RegisterType((*AuditSinkList)(nil), "k8s.io.api.auditregistration.v1alpha1.AuditSinkList") + proto.RegisterType((*AuditSinkSpec)(nil), "k8s.io.api.auditregistration.v1alpha1.AuditSinkSpec") + proto.RegisterType((*Policy)(nil), "k8s.io.api.auditregistration.v1alpha1.Policy") + proto.RegisterType((*ServiceReference)(nil), "k8s.io.api.auditregistration.v1alpha1.ServiceReference") + proto.RegisterType((*Webhook)(nil), "k8s.io.api.auditregistration.v1alpha1.Webhook") + proto.RegisterType((*WebhookClientConfig)(nil), "k8s.io.api.auditregistration.v1alpha1.WebhookClientConfig") + proto.RegisterType((*WebhookThrottleConfig)(nil), "k8s.io.api.auditregistration.v1alpha1.WebhookThrottleConfig") +} +func (m *AuditSink) Marshal() (dAtA []byte, err error) { + size := m.Size() + dAtA = make([]byte, size) + n, err := m.MarshalTo(dAtA) + if err != nil { + return nil, err + } + return dAtA[:n], nil +} + +func (m *AuditSink) MarshalTo(dAtA []byte) (int, error) { + var i int + _ = i + var l int + _ = l + dAtA[i] = 0xa + i++ + i = encodeVarintGenerated(dAtA, i, uint64(m.ObjectMeta.Size())) + n1, err := m.ObjectMeta.MarshalTo(dAtA[i:]) + if err != nil { + return 0, err + } + i += n1 + dAtA[i] = 0x12 + i++ + i = encodeVarintGenerated(dAtA, i, uint64(m.Spec.Size())) + n2, err := m.Spec.MarshalTo(dAtA[i:]) + if err != nil { + return 0, err + } + i += n2 + return i, nil +} + +func (m *AuditSinkList) Marshal() (dAtA []byte, err error) { + size := m.Size() + dAtA = make([]byte, size) + n, err := m.MarshalTo(dAtA) + if err != nil { + return nil, err + } + return dAtA[:n], nil +} + +func (m *AuditSinkList) MarshalTo(dAtA []byte) (int, error) { + var i int + _ = i + var l int + _ = l + dAtA[i] = 0xa + i++ + i = encodeVarintGenerated(dAtA, i, uint64(m.ListMeta.Size())) + n3, err := m.ListMeta.MarshalTo(dAtA[i:]) + if err != nil { + return 0, err + } + i += n3 + if len(m.Items) > 0 { + for _, msg := range m.Items { + dAtA[i] = 0x12 + i++ + i = encodeVarintGenerated(dAtA, i, uint64(msg.Size())) + n, err := msg.MarshalTo(dAtA[i:]) + if err != nil { + return 0, err + } + i += n + } + } + return i, nil +} + +func (m *AuditSinkSpec) Marshal() (dAtA []byte, err error) { + size := m.Size() + dAtA = make([]byte, size) + n, err := m.MarshalTo(dAtA) + if err != nil { + return nil, err + } + return dAtA[:n], nil +} + +func (m *AuditSinkSpec) MarshalTo(dAtA []byte) (int, error) { + var i int + _ = i + var l int + _ = l + dAtA[i] = 0xa + i++ + i = encodeVarintGenerated(dAtA, i, uint64(m.Policy.Size())) + n4, err := m.Policy.MarshalTo(dAtA[i:]) + if err != nil { + return 0, err + } + i += n4 + dAtA[i] = 0x12 + i++ + i = encodeVarintGenerated(dAtA, i, uint64(m.Webhook.Size())) + n5, err := m.Webhook.MarshalTo(dAtA[i:]) + if err != nil { + return 0, err + } + i += n5 + return i, nil +} + +func (m *Policy) Marshal() (dAtA []byte, err error) { + size := m.Size() + dAtA = make([]byte, size) + n, err := m.MarshalTo(dAtA) + if err != nil { + return nil, err + } + return dAtA[:n], nil +} + +func (m *Policy) MarshalTo(dAtA []byte) (int, error) { + var i int + _ = i + var l int + _ = l + dAtA[i] = 0xa + i++ + i = encodeVarintGenerated(dAtA, i, uint64(len(m.Level))) + i += copy(dAtA[i:], m.Level) + if len(m.Stages) > 0 { + for _, s := range m.Stages { + dAtA[i] = 0x12 + i++ + l = len(s) + for l >= 1<<7 { + dAtA[i] = uint8(uint64(l)&0x7f | 0x80) + l >>= 7 + i++ + } + dAtA[i] = uint8(l) + i++ + i += copy(dAtA[i:], s) + } + } + return i, nil +} + +func (m *ServiceReference) Marshal() (dAtA []byte, err error) { + size := m.Size() + dAtA = make([]byte, size) + n, err := m.MarshalTo(dAtA) + if err != nil { + return nil, err + } + return dAtA[:n], nil +} + +func (m *ServiceReference) MarshalTo(dAtA []byte) (int, error) { + var i int + _ = i + var l int + _ = l + dAtA[i] = 0xa + i++ + i = encodeVarintGenerated(dAtA, i, uint64(len(m.Namespace))) + i += copy(dAtA[i:], m.Namespace) + dAtA[i] = 0x12 + i++ + i = encodeVarintGenerated(dAtA, i, uint64(len(m.Name))) + i += copy(dAtA[i:], m.Name) + if m.Path != nil { + dAtA[i] = 0x1a + i++ + i = encodeVarintGenerated(dAtA, i, uint64(len(*m.Path))) + i += copy(dAtA[i:], *m.Path) + } + return i, nil +} + +func (m *Webhook) Marshal() (dAtA []byte, err error) { + size := m.Size() + dAtA = make([]byte, size) + n, err := m.MarshalTo(dAtA) + if err != nil { + return nil, err + } + return dAtA[:n], nil +} + +func (m *Webhook) MarshalTo(dAtA []byte) (int, error) { + var i int + _ = i + var l int + _ = l + if m.Throttle != nil { + dAtA[i] = 0xa + i++ + i = encodeVarintGenerated(dAtA, i, uint64(m.Throttle.Size())) + n6, err := m.Throttle.MarshalTo(dAtA[i:]) + if err != nil { + return 0, err + } + i += n6 + } + dAtA[i] = 0x12 + i++ + i = encodeVarintGenerated(dAtA, i, uint64(m.ClientConfig.Size())) + n7, err := m.ClientConfig.MarshalTo(dAtA[i:]) + if err != nil { + return 0, err + } + i += n7 + return i, nil +} + +func (m *WebhookClientConfig) Marshal() (dAtA []byte, err error) { + size := m.Size() + dAtA = make([]byte, size) + n, err := m.MarshalTo(dAtA) + if err != nil { + return nil, err + } + return dAtA[:n], nil +} + +func (m *WebhookClientConfig) MarshalTo(dAtA []byte) (int, error) { + var i int + _ = i + var l int + _ = l + if m.URL != nil { + dAtA[i] = 0xa + i++ + i = encodeVarintGenerated(dAtA, i, uint64(len(*m.URL))) + i += copy(dAtA[i:], *m.URL) + } + if m.Service != nil { + dAtA[i] = 0x12 + i++ + i = encodeVarintGenerated(dAtA, i, uint64(m.Service.Size())) + n8, err := m.Service.MarshalTo(dAtA[i:]) + if err != nil { + return 0, err + } + i += n8 + } + if m.CABundle != nil { + dAtA[i] = 0x1a + i++ + i = encodeVarintGenerated(dAtA, i, uint64(len(m.CABundle))) + i += copy(dAtA[i:], m.CABundle) + } + return i, nil +} + +func (m *WebhookThrottleConfig) Marshal() (dAtA []byte, err error) { + size := m.Size() + dAtA = make([]byte, size) + n, err := m.MarshalTo(dAtA) + if err != nil { + return nil, err + } + return dAtA[:n], nil +} + +func (m *WebhookThrottleConfig) MarshalTo(dAtA []byte) (int, error) { + var i int + _ = i + var l int + _ = l + if m.QPS != nil { + dAtA[i] = 0x8 + i++ + i = encodeVarintGenerated(dAtA, i, uint64(*m.QPS)) + } + if m.Burst != nil { + dAtA[i] = 0x10 + i++ + i = encodeVarintGenerated(dAtA, i, uint64(*m.Burst)) + } + return i, nil +} + +func encodeVarintGenerated(dAtA []byte, offset int, v uint64) int { + for v >= 1<<7 { + dAtA[offset] = uint8(v&0x7f | 0x80) + v >>= 7 + offset++ + } + dAtA[offset] = uint8(v) + return offset + 1 +} +func (m *AuditSink) Size() (n int) { + var l int + _ = l + l = m.ObjectMeta.Size() + n += 1 + l + sovGenerated(uint64(l)) + l = m.Spec.Size() + n += 1 + l + sovGenerated(uint64(l)) + return n +} + +func (m *AuditSinkList) Size() (n int) { + var l int + _ = l + l = m.ListMeta.Size() + n += 1 + l + sovGenerated(uint64(l)) + if len(m.Items) > 0 { + for _, e := range m.Items { + l = e.Size() + n += 1 + l + sovGenerated(uint64(l)) + } + } + return n +} + +func (m *AuditSinkSpec) Size() (n int) { + var l int + _ = l + l = m.Policy.Size() + n += 1 + l + sovGenerated(uint64(l)) + l = m.Webhook.Size() + n += 1 + l + sovGenerated(uint64(l)) + return n +} + +func (m *Policy) Size() (n int) { + var l int + _ = l + l = len(m.Level) + n += 1 + l + sovGenerated(uint64(l)) + if len(m.Stages) > 0 { + for _, s := range m.Stages { + l = len(s) + n += 1 + l + sovGenerated(uint64(l)) + } + } + return n +} + +func (m *ServiceReference) Size() (n int) { + var l int + _ = l + l = len(m.Namespace) + n += 1 + l + sovGenerated(uint64(l)) + l = len(m.Name) + n += 1 + l + sovGenerated(uint64(l)) + if m.Path != nil { + l = len(*m.Path) + n += 1 + l + sovGenerated(uint64(l)) + } + return n +} + +func (m *Webhook) Size() (n int) { + var l int + _ = l + if m.Throttle != nil { + l = m.Throttle.Size() + n += 1 + l + sovGenerated(uint64(l)) + } + l = m.ClientConfig.Size() + n += 1 + l + sovGenerated(uint64(l)) + return n +} + +func (m *WebhookClientConfig) Size() (n int) { + var l int + _ = l + if m.URL != nil { + l = len(*m.URL) + n += 1 + l + sovGenerated(uint64(l)) + } + if m.Service != nil { + l = m.Service.Size() + n += 1 + l + sovGenerated(uint64(l)) + } + if m.CABundle != nil { + l = len(m.CABundle) + n += 1 + l + sovGenerated(uint64(l)) + } + return n +} + +func (m *WebhookThrottleConfig) Size() (n int) { + var l int + _ = l + if m.QPS != nil { + n += 1 + sovGenerated(uint64(*m.QPS)) + } + if m.Burst != nil { + n += 1 + sovGenerated(uint64(*m.Burst)) + } + return n +} + +func sovGenerated(x uint64) (n int) { + for { + n++ + x >>= 7 + if x == 0 { + break + } + } + return n +} +func sozGenerated(x uint64) (n int) { + return sovGenerated(uint64((x << 1) ^ uint64((int64(x) >> 63)))) +} +func (this *AuditSink) String() string { + if this == nil { + return "nil" + } + s := strings.Join([]string{`&AuditSink{`, + `ObjectMeta:` + strings.Replace(strings.Replace(this.ObjectMeta.String(), "ObjectMeta", "k8s_io_apimachinery_pkg_apis_meta_v1.ObjectMeta", 1), `&`, ``, 1) + `,`, + `Spec:` + strings.Replace(strings.Replace(this.Spec.String(), "AuditSinkSpec", "AuditSinkSpec", 1), `&`, ``, 1) + `,`, + `}`, + }, "") + return s +} +func (this *AuditSinkList) String() string { + if this == nil { + return "nil" + } + s := strings.Join([]string{`&AuditSinkList{`, + `ListMeta:` + strings.Replace(strings.Replace(this.ListMeta.String(), "ListMeta", "k8s_io_apimachinery_pkg_apis_meta_v1.ListMeta", 1), `&`, ``, 1) + `,`, + `Items:` + strings.Replace(strings.Replace(fmt.Sprintf("%v", this.Items), "AuditSink", "AuditSink", 1), `&`, ``, 1) + `,`, + `}`, + }, "") + return s +} +func (this *AuditSinkSpec) String() string { + if this == nil { + return "nil" + } + s := strings.Join([]string{`&AuditSinkSpec{`, + `Policy:` + strings.Replace(strings.Replace(this.Policy.String(), "Policy", "Policy", 1), `&`, ``, 1) + `,`, + `Webhook:` + strings.Replace(strings.Replace(this.Webhook.String(), "Webhook", "Webhook", 1), `&`, ``, 1) + `,`, + `}`, + }, "") + return s +} +func (this *Policy) String() string { + if this == nil { + return "nil" + } + s := strings.Join([]string{`&Policy{`, + `Level:` + fmt.Sprintf("%v", this.Level) + `,`, + `Stages:` + fmt.Sprintf("%v", this.Stages) + `,`, + `}`, + }, "") + return s +} +func (this *ServiceReference) String() string { + if this == nil { + return "nil" + } + s := strings.Join([]string{`&ServiceReference{`, + `Namespace:` + fmt.Sprintf("%v", this.Namespace) + `,`, + `Name:` + fmt.Sprintf("%v", this.Name) + `,`, + `Path:` + valueToStringGenerated(this.Path) + `,`, + `}`, + }, "") + return s +} +func (this *Webhook) String() string { + if this == nil { + return "nil" + } + s := strings.Join([]string{`&Webhook{`, + `Throttle:` + strings.Replace(fmt.Sprintf("%v", this.Throttle), "WebhookThrottleConfig", "WebhookThrottleConfig", 1) + `,`, + `ClientConfig:` + strings.Replace(strings.Replace(this.ClientConfig.String(), "WebhookClientConfig", "WebhookClientConfig", 1), `&`, ``, 1) + `,`, + `}`, + }, "") + return s +} +func (this *WebhookClientConfig) String() string { + if this == nil { + return "nil" + } + s := strings.Join([]string{`&WebhookClientConfig{`, + `URL:` + valueToStringGenerated(this.URL) + `,`, + `Service:` + strings.Replace(fmt.Sprintf("%v", this.Service), "ServiceReference", "ServiceReference", 1) + `,`, + `CABundle:` + valueToStringGenerated(this.CABundle) + `,`, + `}`, + }, "") + return s +} +func (this *WebhookThrottleConfig) String() string { + if this == nil { + return "nil" + } + s := strings.Join([]string{`&WebhookThrottleConfig{`, + `QPS:` + valueToStringGenerated(this.QPS) + `,`, + `Burst:` + valueToStringGenerated(this.Burst) + `,`, + `}`, + }, "") + return s +} +func valueToStringGenerated(v interface{}) string { + rv := reflect.ValueOf(v) + if rv.IsNil() { + return "nil" + } + pv := reflect.Indirect(rv).Interface() + return fmt.Sprintf("*%v", pv) +} +func (m *AuditSink) Unmarshal(dAtA []byte) error { + l := len(dAtA) + iNdEx := 0 + for iNdEx < l { + preIndex := iNdEx + var wire uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowGenerated + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + wire |= (uint64(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + fieldNum := int32(wire >> 3) + wireType := int(wire & 0x7) + if wireType == 4 { + return fmt.Errorf("proto: AuditSink: wiretype end group for non-group") + } + if fieldNum <= 0 { + return fmt.Errorf("proto: AuditSink: illegal tag %d (wire type %d)", fieldNum, wire) + } + switch fieldNum { + case 1: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field ObjectMeta", wireType) + } + var msglen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowGenerated + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + msglen |= (int(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + if msglen < 0 { + return ErrInvalidLengthGenerated + } + postIndex := iNdEx + msglen + if postIndex > l { + return io.ErrUnexpectedEOF + } + if err := m.ObjectMeta.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { + return err + } + iNdEx = postIndex + case 2: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field Spec", wireType) + } + var msglen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowGenerated + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + msglen |= (int(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + if msglen < 0 { + return ErrInvalidLengthGenerated + } + postIndex := iNdEx + msglen + if postIndex > l { + return io.ErrUnexpectedEOF + } + if err := m.Spec.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { + return err + } + iNdEx = postIndex + default: + iNdEx = preIndex + skippy, err := skipGenerated(dAtA[iNdEx:]) + if err != nil { + return err + } + if skippy < 0 { + return ErrInvalidLengthGenerated + } + if (iNdEx + skippy) > l { + return io.ErrUnexpectedEOF + } + iNdEx += skippy + } + } + + if iNdEx > l { + return io.ErrUnexpectedEOF + } + return nil +} +func (m *AuditSinkList) Unmarshal(dAtA []byte) error { + l := len(dAtA) + iNdEx := 0 + for iNdEx < l { + preIndex := iNdEx + var wire uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowGenerated + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + wire |= (uint64(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + fieldNum := int32(wire >> 3) + wireType := int(wire & 0x7) + if wireType == 4 { + return fmt.Errorf("proto: AuditSinkList: wiretype end group for non-group") + } + if fieldNum <= 0 { + return fmt.Errorf("proto: AuditSinkList: illegal tag %d (wire type %d)", fieldNum, wire) + } + switch fieldNum { + case 1: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field ListMeta", wireType) + } + var msglen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowGenerated + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + msglen |= (int(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + if msglen < 0 { + return ErrInvalidLengthGenerated + } + postIndex := iNdEx + msglen + if postIndex > l { + return io.ErrUnexpectedEOF + } + if err := m.ListMeta.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { + return err + } + iNdEx = postIndex + case 2: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field Items", wireType) + } + var msglen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowGenerated + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + msglen |= (int(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + if msglen < 0 { + return ErrInvalidLengthGenerated + } + postIndex := iNdEx + msglen + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.Items = append(m.Items, AuditSink{}) + if err := m.Items[len(m.Items)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil { + return err + } + iNdEx = postIndex + default: + iNdEx = preIndex + skippy, err := skipGenerated(dAtA[iNdEx:]) + if err != nil { + return err + } + if skippy < 0 { + return ErrInvalidLengthGenerated + } + if (iNdEx + skippy) > l { + return io.ErrUnexpectedEOF + } + iNdEx += skippy + } + } + + if iNdEx > l { + return io.ErrUnexpectedEOF + } + return nil +} +func (m *AuditSinkSpec) Unmarshal(dAtA []byte) error { + l := len(dAtA) + iNdEx := 0 + for iNdEx < l { + preIndex := iNdEx + var wire uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowGenerated + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + wire |= (uint64(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + fieldNum := int32(wire >> 3) + wireType := int(wire & 0x7) + if wireType == 4 { + return fmt.Errorf("proto: AuditSinkSpec: wiretype end group for non-group") + } + if fieldNum <= 0 { + return fmt.Errorf("proto: AuditSinkSpec: illegal tag %d (wire type %d)", fieldNum, wire) + } + switch fieldNum { + case 1: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field Policy", wireType) + } + var msglen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowGenerated + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + msglen |= (int(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + if msglen < 0 { + return ErrInvalidLengthGenerated + } + postIndex := iNdEx + msglen + if postIndex > l { + return io.ErrUnexpectedEOF + } + if err := m.Policy.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { + return err + } + iNdEx = postIndex + case 2: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field Webhook", wireType) + } + var msglen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowGenerated + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + msglen |= (int(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + if msglen < 0 { + return ErrInvalidLengthGenerated + } + postIndex := iNdEx + msglen + if postIndex > l { + return io.ErrUnexpectedEOF + } + if err := m.Webhook.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { + return err + } + iNdEx = postIndex + default: + iNdEx = preIndex + skippy, err := skipGenerated(dAtA[iNdEx:]) + if err != nil { + return err + } + if skippy < 0 { + return ErrInvalidLengthGenerated + } + if (iNdEx + skippy) > l { + return io.ErrUnexpectedEOF + } + iNdEx += skippy + } + } + + if iNdEx > l { + return io.ErrUnexpectedEOF + } + return nil +} +func (m *Policy) Unmarshal(dAtA []byte) error { + l := len(dAtA) + iNdEx := 0 + for iNdEx < l { + preIndex := iNdEx + var wire uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowGenerated + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + wire |= (uint64(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + fieldNum := int32(wire >> 3) + wireType := int(wire & 0x7) + if wireType == 4 { + return fmt.Errorf("proto: Policy: wiretype end group for non-group") + } + if fieldNum <= 0 { + return fmt.Errorf("proto: Policy: illegal tag %d (wire type %d)", fieldNum, wire) + } + switch fieldNum { + case 1: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field Level", wireType) + } + var stringLen uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowGenerated + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + stringLen |= (uint64(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + intStringLen := int(stringLen) + if intStringLen < 0 { + return ErrInvalidLengthGenerated + } + postIndex := iNdEx + intStringLen + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.Level = Level(dAtA[iNdEx:postIndex]) + iNdEx = postIndex + case 2: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field Stages", wireType) + } + var stringLen uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowGenerated + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + stringLen |= (uint64(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + intStringLen := int(stringLen) + if intStringLen < 0 { + return ErrInvalidLengthGenerated + } + postIndex := iNdEx + intStringLen + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.Stages = append(m.Stages, Stage(dAtA[iNdEx:postIndex])) + iNdEx = postIndex + default: + iNdEx = preIndex + skippy, err := skipGenerated(dAtA[iNdEx:]) + if err != nil { + return err + } + if skippy < 0 { + return ErrInvalidLengthGenerated + } + if (iNdEx + skippy) > l { + return io.ErrUnexpectedEOF + } + iNdEx += skippy + } + } + + if iNdEx > l { + return io.ErrUnexpectedEOF + } + return nil +} +func (m *ServiceReference) Unmarshal(dAtA []byte) error { + l := len(dAtA) + iNdEx := 0 + for iNdEx < l { + preIndex := iNdEx + var wire uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowGenerated + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + wire |= (uint64(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + fieldNum := int32(wire >> 3) + wireType := int(wire & 0x7) + if wireType == 4 { + return fmt.Errorf("proto: ServiceReference: wiretype end group for non-group") + } + if fieldNum <= 0 { + return fmt.Errorf("proto: ServiceReference: illegal tag %d (wire type %d)", fieldNum, wire) + } + switch fieldNum { + case 1: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field Namespace", wireType) + } + var stringLen uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowGenerated + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + stringLen |= (uint64(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + intStringLen := int(stringLen) + if intStringLen < 0 { + return ErrInvalidLengthGenerated + } + postIndex := iNdEx + intStringLen + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.Namespace = string(dAtA[iNdEx:postIndex]) + iNdEx = postIndex + case 2: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field Name", wireType) + } + var stringLen uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowGenerated + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + stringLen |= (uint64(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + intStringLen := int(stringLen) + if intStringLen < 0 { + return ErrInvalidLengthGenerated + } + postIndex := iNdEx + intStringLen + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.Name = string(dAtA[iNdEx:postIndex]) + iNdEx = postIndex + case 3: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field Path", wireType) + } + var stringLen uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowGenerated + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + stringLen |= (uint64(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + intStringLen := int(stringLen) + if intStringLen < 0 { + return ErrInvalidLengthGenerated + } + postIndex := iNdEx + intStringLen + if postIndex > l { + return io.ErrUnexpectedEOF + } + s := string(dAtA[iNdEx:postIndex]) + m.Path = &s + iNdEx = postIndex + default: + iNdEx = preIndex + skippy, err := skipGenerated(dAtA[iNdEx:]) + if err != nil { + return err + } + if skippy < 0 { + return ErrInvalidLengthGenerated + } + if (iNdEx + skippy) > l { + return io.ErrUnexpectedEOF + } + iNdEx += skippy + } + } + + if iNdEx > l { + return io.ErrUnexpectedEOF + } + return nil +} +func (m *Webhook) Unmarshal(dAtA []byte) error { + l := len(dAtA) + iNdEx := 0 + for iNdEx < l { + preIndex := iNdEx + var wire uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowGenerated + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + wire |= (uint64(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + fieldNum := int32(wire >> 3) + wireType := int(wire & 0x7) + if wireType == 4 { + return fmt.Errorf("proto: Webhook: wiretype end group for non-group") + } + if fieldNum <= 0 { + return fmt.Errorf("proto: Webhook: illegal tag %d (wire type %d)", fieldNum, wire) + } + switch fieldNum { + case 1: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field Throttle", wireType) + } + var msglen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowGenerated + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + msglen |= (int(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + if msglen < 0 { + return ErrInvalidLengthGenerated + } + postIndex := iNdEx + msglen + if postIndex > l { + return io.ErrUnexpectedEOF + } + if m.Throttle == nil { + m.Throttle = &WebhookThrottleConfig{} + } + if err := m.Throttle.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { + return err + } + iNdEx = postIndex + case 2: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field ClientConfig", wireType) + } + var msglen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowGenerated + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + msglen |= (int(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + if msglen < 0 { + return ErrInvalidLengthGenerated + } + postIndex := iNdEx + msglen + if postIndex > l { + return io.ErrUnexpectedEOF + } + if err := m.ClientConfig.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { + return err + } + iNdEx = postIndex + default: + iNdEx = preIndex + skippy, err := skipGenerated(dAtA[iNdEx:]) + if err != nil { + return err + } + if skippy < 0 { + return ErrInvalidLengthGenerated + } + if (iNdEx + skippy) > l { + return io.ErrUnexpectedEOF + } + iNdEx += skippy + } + } + + if iNdEx > l { + return io.ErrUnexpectedEOF + } + return nil +} +func (m *WebhookClientConfig) Unmarshal(dAtA []byte) error { + l := len(dAtA) + iNdEx := 0 + for iNdEx < l { + preIndex := iNdEx + var wire uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowGenerated + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + wire |= (uint64(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + fieldNum := int32(wire >> 3) + wireType := int(wire & 0x7) + if wireType == 4 { + return fmt.Errorf("proto: WebhookClientConfig: wiretype end group for non-group") + } + if fieldNum <= 0 { + return fmt.Errorf("proto: WebhookClientConfig: illegal tag %d (wire type %d)", fieldNum, wire) + } + switch fieldNum { + case 1: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field URL", wireType) + } + var stringLen uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowGenerated + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + stringLen |= (uint64(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + intStringLen := int(stringLen) + if intStringLen < 0 { + return ErrInvalidLengthGenerated + } + postIndex := iNdEx + intStringLen + if postIndex > l { + return io.ErrUnexpectedEOF + } + s := string(dAtA[iNdEx:postIndex]) + m.URL = &s + iNdEx = postIndex + case 2: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field Service", wireType) + } + var msglen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowGenerated + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + msglen |= (int(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + if msglen < 0 { + return ErrInvalidLengthGenerated + } + postIndex := iNdEx + msglen + if postIndex > l { + return io.ErrUnexpectedEOF + } + if m.Service == nil { + m.Service = &ServiceReference{} + } + if err := m.Service.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { + return err + } + iNdEx = postIndex + case 3: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field CABundle", wireType) + } + var byteLen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowGenerated + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + byteLen |= (int(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + if byteLen < 0 { + return ErrInvalidLengthGenerated + } + postIndex := iNdEx + byteLen + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.CABundle = append(m.CABundle[:0], dAtA[iNdEx:postIndex]...) + if m.CABundle == nil { + m.CABundle = []byte{} + } + iNdEx = postIndex + default: + iNdEx = preIndex + skippy, err := skipGenerated(dAtA[iNdEx:]) + if err != nil { + return err + } + if skippy < 0 { + return ErrInvalidLengthGenerated + } + if (iNdEx + skippy) > l { + return io.ErrUnexpectedEOF + } + iNdEx += skippy + } + } + + if iNdEx > l { + return io.ErrUnexpectedEOF + } + return nil +} +func (m *WebhookThrottleConfig) Unmarshal(dAtA []byte) error { + l := len(dAtA) + iNdEx := 0 + for iNdEx < l { + preIndex := iNdEx + var wire uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowGenerated + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + wire |= (uint64(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + fieldNum := int32(wire >> 3) + wireType := int(wire & 0x7) + if wireType == 4 { + return fmt.Errorf("proto: WebhookThrottleConfig: wiretype end group for non-group") + } + if fieldNum <= 0 { + return fmt.Errorf("proto: WebhookThrottleConfig: illegal tag %d (wire type %d)", fieldNum, wire) + } + switch fieldNum { + case 1: + if wireType != 0 { + return fmt.Errorf("proto: wrong wireType = %d for field QPS", wireType) + } + var v int64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowGenerated + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + v |= (int64(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + m.QPS = &v + case 2: + if wireType != 0 { + return fmt.Errorf("proto: wrong wireType = %d for field Burst", wireType) + } + var v int64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowGenerated + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + v |= (int64(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + m.Burst = &v + default: + iNdEx = preIndex + skippy, err := skipGenerated(dAtA[iNdEx:]) + if err != nil { + return err + } + if skippy < 0 { + return ErrInvalidLengthGenerated + } + if (iNdEx + skippy) > l { + return io.ErrUnexpectedEOF + } + iNdEx += skippy + } + } + + if iNdEx > l { + return io.ErrUnexpectedEOF + } + return nil +} +func skipGenerated(dAtA []byte) (n int, err error) { + l := len(dAtA) + iNdEx := 0 + for iNdEx < l { + var wire uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return 0, ErrIntOverflowGenerated + } + if iNdEx >= l { + return 0, io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + wire |= (uint64(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + wireType := int(wire & 0x7) + switch wireType { + case 0: + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return 0, ErrIntOverflowGenerated + } + if iNdEx >= l { + return 0, io.ErrUnexpectedEOF + } + iNdEx++ + if dAtA[iNdEx-1] < 0x80 { + break + } + } + return iNdEx, nil + case 1: + iNdEx += 8 + return iNdEx, nil + case 2: + var length int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return 0, ErrIntOverflowGenerated + } + if iNdEx >= l { + return 0, io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + length |= (int(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + iNdEx += length + if length < 0 { + return 0, ErrInvalidLengthGenerated + } + return iNdEx, nil + case 3: + for { + var innerWire uint64 + var start int = iNdEx + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return 0, ErrIntOverflowGenerated + } + if iNdEx >= l { + return 0, io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + innerWire |= (uint64(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + innerWireType := int(innerWire & 0x7) + if innerWireType == 4 { + break + } + next, err := skipGenerated(dAtA[start:]) + if err != nil { + return 0, err + } + iNdEx = start + next + } + return iNdEx, nil + case 4: + return iNdEx, nil + case 5: + iNdEx += 4 + return iNdEx, nil + default: + return 0, fmt.Errorf("proto: illegal wireType %d", wireType) + } + } + panic("unreachable") +} + +var ( + ErrInvalidLengthGenerated = fmt.Errorf("proto: negative length found during unmarshaling") + ErrIntOverflowGenerated = fmt.Errorf("proto: integer overflow") +) + +func init() { + proto.RegisterFile("k8s.io/kubernetes/vendor/k8s.io/api/auditregistration/v1alpha1/generated.proto", fileDescriptorGenerated) +} + +var fileDescriptorGenerated = []byte{ + // 747 bytes of a gzipped FileDescriptorProto + 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x94, 0x52, 0x41, 0x6f, 0xd3, 0x48, + 0x14, 0x8e, 0x9b, 0xa4, 0x49, 0xa6, 0xe9, 0x6e, 0x77, 0xba, 0xbb, 0xca, 0x56, 0x2b, 0xa7, 0xb2, + 0xb4, 0x52, 0xa5, 0xdd, 0x8e, 0xb7, 0xa8, 0x02, 0x84, 0xb8, 0xd4, 0x3d, 0x21, 0x95, 0x52, 0x26, + 0x14, 0x04, 0x42, 0x88, 0x89, 0xf3, 0x62, 0x0f, 0x49, 0x6c, 0x63, 0x8f, 0x83, 0x7a, 0x43, 0xe2, + 0x0f, 0xf0, 0x7b, 0xb8, 0x21, 0x81, 0xd4, 0x63, 0x8f, 0x3d, 0x55, 0x34, 0x1c, 0xf8, 0x0f, 0x9c, + 0xd0, 0x8c, 0xc7, 0x49, 0x68, 0x8a, 0x48, 0x6f, 0x33, 0xdf, 0xbc, 0xef, 0x7b, 0xdf, 0xf7, 0xde, + 0xa0, 0xfd, 0xde, 0xcd, 0x84, 0xf0, 0xd0, 0xee, 0xa5, 0x6d, 0x88, 0x03, 0x10, 0x90, 0xd8, 0x43, + 0x08, 0x3a, 0x61, 0x6c, 0xeb, 0x07, 0x16, 0x71, 0x9b, 0xa5, 0x1d, 0x2e, 0x62, 0xf0, 0x78, 0x22, + 0x62, 0x26, 0x78, 0x18, 0xd8, 0xc3, 0x2d, 0xd6, 0x8f, 0x7c, 0xb6, 0x65, 0x7b, 0x10, 0x40, 0xcc, + 0x04, 0x74, 0x48, 0x14, 0x87, 0x22, 0xc4, 0xff, 0x64, 0x34, 0xc2, 0x22, 0x4e, 0x66, 0x68, 0x24, + 0xa7, 0xad, 0x6d, 0x7a, 0x5c, 0xf8, 0x69, 0x9b, 0xb8, 0xe1, 0xc0, 0xf6, 0x42, 0x2f, 0xb4, 0x15, + 0xbb, 0x9d, 0x76, 0xd5, 0x4d, 0x5d, 0xd4, 0x29, 0x53, 0x5d, 0xdb, 0x9e, 0x98, 0x19, 0x30, 0xd7, + 0xe7, 0x01, 0xc4, 0x47, 0x76, 0xd4, 0xf3, 0x24, 0x90, 0xd8, 0x03, 0x10, 0xcc, 0x1e, 0xce, 0x78, + 0x59, 0xb3, 0x7f, 0xc4, 0x8a, 0xd3, 0x40, 0xf0, 0x01, 0xcc, 0x10, 0xae, 0xff, 0x8c, 0x90, 0xb8, + 0x3e, 0x0c, 0xd8, 0x45, 0x9e, 0xf5, 0xd1, 0x40, 0xb5, 0x1d, 0x19, 0xb6, 0xc5, 0x83, 0x1e, 0x7e, + 0x8e, 0xaa, 0xd2, 0x51, 0x87, 0x09, 0xd6, 0x30, 0xd6, 0x8d, 0x8d, 0xa5, 0x6b, 0xff, 0x93, 0xc9, + 0x54, 0xc6, 0xc2, 0x24, 0xea, 0x79, 0x12, 0x48, 0x88, 0xac, 0x26, 0xc3, 0x2d, 0x72, 0xaf, 0xfd, + 0x02, 0x5c, 0x71, 0x17, 0x04, 0x73, 0xf0, 0xf1, 0x59, 0xb3, 0x30, 0x3a, 0x6b, 0xa2, 0x09, 0x46, + 0xc7, 0xaa, 0xf8, 0x21, 0x2a, 0x25, 0x11, 0xb8, 0x8d, 0x05, 0xa5, 0xbe, 0x4d, 0xe6, 0x9a, 0x39, + 0x19, 0x3b, 0x6c, 0x45, 0xe0, 0x3a, 0x75, 0xdd, 0xa1, 0x24, 0x6f, 0x54, 0xe9, 0x59, 0x1f, 0x0c, + 0xb4, 0x3c, 0xae, 0xda, 0xe3, 0x89, 0xc0, 0x4f, 0x67, 0xb2, 0x90, 0xf9, 0xb2, 0x48, 0xb6, 0x4a, + 0xb2, 0xa2, 0xfb, 0x54, 0x73, 0x64, 0x2a, 0xc7, 0x21, 0x2a, 0x73, 0x01, 0x83, 0xa4, 0xb1, 0xb0, + 0x5e, 0xbc, 0x30, 0xa6, 0xb9, 0x82, 0x38, 0xcb, 0x5a, 0xbc, 0x7c, 0x47, 0xca, 0xd0, 0x4c, 0xcd, + 0x7a, 0x3f, 0x1d, 0x43, 0xc6, 0xc3, 0x87, 0x68, 0x31, 0x0a, 0xfb, 0xdc, 0x3d, 0xd2, 0x21, 0x36, + 0xe7, 0xec, 0x74, 0xa0, 0x48, 0xce, 0x2f, 0xba, 0xcd, 0x62, 0x76, 0xa7, 0x5a, 0x0c, 0x3f, 0x46, + 0x95, 0x57, 0xd0, 0xf6, 0xc3, 0xb0, 0xa7, 0x57, 0x41, 0xe6, 0xd4, 0x7d, 0x94, 0xb1, 0x9c, 0x5f, + 0xb5, 0x70, 0x45, 0x03, 0x34, 0xd7, 0xb3, 0x5c, 0xa4, 0x9b, 0xe1, 0xff, 0x50, 0xb9, 0x0f, 0x43, + 0xe8, 0x2b, 0xeb, 0x35, 0xe7, 0xcf, 0x3c, 0xf2, 0x9e, 0x04, 0xbf, 0xe6, 0x07, 0x9a, 0x15, 0xe1, + 0x7f, 0xd1, 0x62, 0x22, 0x98, 0x07, 0xd9, 0x4c, 0x6b, 0xce, 0xaa, 0xb4, 0xdd, 0x52, 0x88, 0xac, + 0x55, 0x27, 0xaa, 0x4b, 0xac, 0x37, 0x06, 0x5a, 0x69, 0x41, 0x3c, 0xe4, 0x2e, 0x50, 0xe8, 0x42, + 0x0c, 0x81, 0x0b, 0xd8, 0x46, 0xb5, 0x80, 0x0d, 0x20, 0x89, 0x98, 0x0b, 0xba, 0xe7, 0x6f, 0xba, + 0x67, 0x6d, 0x3f, 0x7f, 0xa0, 0x93, 0x1a, 0xbc, 0x8e, 0x4a, 0xf2, 0xa2, 0x46, 0x50, 0x9b, 0xfc, + 0x2b, 0x59, 0x4b, 0xd5, 0x0b, 0xfe, 0x1b, 0x95, 0x22, 0x26, 0xfc, 0x46, 0x51, 0x55, 0x54, 0xe5, + 0xeb, 0x01, 0x13, 0x3e, 0x55, 0xa8, 0xf5, 0xc5, 0x40, 0x79, 0x7e, 0xdc, 0x45, 0x55, 0xe1, 0xc7, + 0xa1, 0x10, 0x7d, 0xd0, 0xab, 0xba, 0x7d, 0xb5, 0x91, 0x3e, 0xd0, 0xec, 0xdd, 0x30, 0xe8, 0x72, + 0xcf, 0xa9, 0xcb, 0x9f, 0x97, 0x63, 0x74, 0xac, 0x8d, 0x05, 0xaa, 0xbb, 0x7d, 0x0e, 0x81, 0xc8, + 0xea, 0xf4, 0xfa, 0x6e, 0x5d, 0xad, 0xd7, 0xee, 0x94, 0x82, 0xf3, 0xbb, 0xce, 0x5d, 0x9f, 0x46, + 0xe9, 0x77, 0x5d, 0xac, 0x77, 0x06, 0x5a, 0xbd, 0x84, 0x8b, 0xff, 0x42, 0xc5, 0x34, 0xce, 0x17, + 0x5c, 0x19, 0x9d, 0x35, 0x8b, 0x87, 0x74, 0x8f, 0x4a, 0x0c, 0x3f, 0x43, 0x95, 0x24, 0xdb, 0x90, + 0xf6, 0x78, 0x63, 0x4e, 0x8f, 0x17, 0xf7, 0xea, 0x2c, 0xc9, 0x7f, 0x96, 0xa3, 0xb9, 0x28, 0xde, + 0x40, 0x55, 0x97, 0x39, 0x69, 0xd0, 0xe9, 0x83, 0x5a, 0x4f, 0x3d, 0x1b, 0xd9, 0xee, 0x4e, 0x86, + 0xd1, 0xf1, 0xab, 0xd5, 0x42, 0x7f, 0x5c, 0x3a, 0x63, 0xe9, 0xfe, 0x65, 0x94, 0x28, 0xf7, 0xc5, + 0xcc, 0xfd, 0xfd, 0x83, 0x16, 0x95, 0x18, 0x6e, 0xa2, 0x72, 0x3b, 0x8d, 0x13, 0xa1, 0xbc, 0x17, + 0x9d, 0x9a, 0xfc, 0xb7, 0x8e, 0x04, 0x68, 0x86, 0x3b, 0xe4, 0xf8, 0xdc, 0x2c, 0x9c, 0x9c, 0x9b, + 0x85, 0xd3, 0x73, 0xb3, 0xf0, 0x7a, 0x64, 0x1a, 0xc7, 0x23, 0xd3, 0x38, 0x19, 0x99, 0xc6, 0xe9, + 0xc8, 0x34, 0x3e, 0x8d, 0x4c, 0xe3, 0xed, 0x67, 0xb3, 0xf0, 0xa4, 0x9a, 0xa7, 0xfa, 0x16, 0x00, + 0x00, 0xff, 0xff, 0x55, 0x1b, 0x03, 0x56, 0xaf, 0x06, 0x00, 0x00, +} diff --git a/staging/src/k8s.io/api/auditregistration/v1alpha1/generated.proto b/staging/src/k8s.io/api/auditregistration/v1alpha1/generated.proto new file mode 100644 index 00000000000..ba42a1cf38f --- /dev/null +++ b/staging/src/k8s.io/api/auditregistration/v1alpha1/generated.proto @@ -0,0 +1,159 @@ +/* +Copyright The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + + +// This file was autogenerated by go-to-protobuf. Do not edit it manually! + +syntax = 'proto2'; + +package k8s.io.api.auditregistration.v1alpha1; + +import "k8s.io/apimachinery/pkg/apis/meta/v1/generated.proto"; +import "k8s.io/apimachinery/pkg/runtime/generated.proto"; +import "k8s.io/apimachinery/pkg/runtime/schema/generated.proto"; + +// Package-wide variables from generator "generated". +option go_package = "v1alpha1"; + +// AuditSink represents a cluster level audit sink +message AuditSink { + // +optional + optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1; + + // Spec defines the audit configuration spec + optional AuditSinkSpec spec = 2; +} + +// AuditSinkList is a list of AuditSink items. +message AuditSinkList { + // +optional + optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1; + + // List of audit configurations. + repeated AuditSink items = 2; +} + +// AuditSinkSpec holds the spec for the audit sink +message AuditSinkSpec { + // Policy defines the policy for selecting which events should be sent to the webhook + // required + optional Policy policy = 1; + + // Webhook to send events + // required + optional Webhook webhook = 2; +} + +// Policy defines the configuration of how audit events are logged +message Policy { + // The Level that all requests are recorded at. + // available options: None, Metadata, Request, RequestResponse + // required + optional string level = 1; + + // Stages is a list of stages for which events are created. + // +optional + repeated string stages = 2; +} + +// ServiceReference holds a reference to Service.legacy.k8s.io +message ServiceReference { + // `namespace` is the namespace of the service. + // Required + optional string namespace = 1; + + // `name` is the name of the service. + // Required + optional string name = 2; + + // `path` is an optional URL path which will be sent in any request to + // this service. + // +optional + optional string path = 3; +} + +// Webhook holds the configuration of the webhook +message Webhook { + // Throttle holds the options for throttling the webhook + // +optional + optional WebhookThrottleConfig throttle = 1; + + // ClientConfig holds the connection parameters for the webhook + // required + optional WebhookClientConfig clientConfig = 2; +} + +// WebhookClientConfig contains the information to make a connection with the webhook +message WebhookClientConfig { + // `url` gives the location of the webhook, in standard URL form + // (`[scheme://]host:port/path`). Exactly one of `url` or `service` + // must be specified. + // + // The `host` should not refer to a service running in the cluster; use + // the `service` field instead. The host might be resolved via external + // DNS in some apiservers (e.g., `kube-apiserver` cannot resolve + // in-cluster DNS as that would be a layering violation). `host` may + // also be an IP address. + // + // Please note that using `localhost` or `127.0.0.1` as a `host` is + // risky unless you take great care to run this webhook on all hosts + // which run an apiserver which might need to make calls to this + // webhook. Such installs are likely to be non-portable, i.e., not easy + // to turn up in a new cluster. + // + // The scheme must be "https"; the URL must begin with "https://". + // + // A path is optional, and if present may be any string permissible in + // a URL. You may use the path to pass an arbitrary string to the + // webhook, for example, a cluster identifier. + // + // Attempting to use a user or basic auth e.g. "user:password@" is not + // allowed. Fragments ("#...") and query parameters ("?...") are not + // allowed, either. + // + // +optional + optional string url = 1; + + // `service` is a reference to the service for this webhook. Either + // `service` or `url` must be specified. + // + // If the webhook is running within the cluster, then you should use `service`. + // + // Port 443 will be used if it is open, otherwise it is an error. + // + // +optional + optional ServiceReference service = 2; + + // `caBundle` is a PEM encoded CA bundle which will be used to validate + // the webhook's server certificate. + // defaults to the apiservers CA bundle for the endpoint type + // +optional + optional bytes caBundle = 3; +} + +// WebhookThrottleConfig holds the configuration for throttling events +message WebhookThrottleConfig { + // ThrottleQPS maximum number of batches per second + // default 10 QPS + // +optional + optional int64 qps = 1; + + // ThrottleBurst is the maximum number of events sent at the same moment + // default 15 QPS + // +optional + optional int64 burst = 2; +} + diff --git a/staging/src/k8s.io/api/auditregistration/v1alpha1/register.go b/staging/src/k8s.io/api/auditregistration/v1alpha1/register.go new file mode 100644 index 00000000000..d6271608f00 --- /dev/null +++ b/staging/src/k8s.io/api/auditregistration/v1alpha1/register.go @@ -0,0 +1,56 @@ +/* +Copyright 2018 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package v1alpha1 + +import ( + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apimachinery/pkg/runtime/schema" +) + +// GroupName is the group name use in this package +const GroupName = "auditregistration.k8s.io" + +// SchemeGroupVersion is group version used to register these objects +var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: "v1alpha1"} + +// Resource takes an unqualified resource and returns a Group qualified GroupResource +func Resource(resource string) schema.GroupResource { + return SchemeGroupVersion.WithResource(resource).GroupResource() +} + +var ( + SchemeBuilder runtime.SchemeBuilder + localSchemeBuilder = &SchemeBuilder + AddToScheme = localSchemeBuilder.AddToScheme +) + +func init() { + // We only register manually written functions here. The registration of the + // generated functions takes place in the generated files. The separation + // makes the code compile even when the generated files are missing. + localSchemeBuilder.Register(addKnownTypes) +} + +func addKnownTypes(scheme *runtime.Scheme) error { + scheme.AddKnownTypes(SchemeGroupVersion, + &AuditSink{}, + &AuditSinkList{}, + ) + metav1.AddToGroupVersion(scheme, SchemeGroupVersion) + return nil +} diff --git a/staging/src/k8s.io/api/auditregistration/v1alpha1/types.go b/staging/src/k8s.io/api/auditregistration/v1alpha1/types.go new file mode 100644 index 00000000000..a7ef9d13fc5 --- /dev/null +++ b/staging/src/k8s.io/api/auditregistration/v1alpha1/types.go @@ -0,0 +1,195 @@ +/* +Copyright 2018 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// +k8s:openapi-gen=true + +package v1alpha1 + +import ( + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" +) + +// Level defines the amount of information logged during auditing +type Level string + +// Valid audit levels +const ( + // LevelNone disables auditing + LevelNone Level = "None" + // LevelMetadata provides the basic level of auditing. + LevelMetadata Level = "Metadata" + // LevelRequest provides Metadata level of auditing, and additionally + // logs the request object (does not apply for non-resource requests). + LevelRequest Level = "Request" + // LevelRequestResponse provides Request level of auditing, and additionally + // logs the response object (does not apply for non-resource requests and watches). + LevelRequestResponse Level = "RequestResponse" +) + +// Stage defines the stages in request handling during which audit events may be generated. +type Stage string + +// Valid audit stages. +const ( + // The stage for events generated after the audit handler receives the request, but before it + // is delegated down the handler chain. + StageRequestReceived = "RequestReceived" + // The stage for events generated after the response headers are sent, but before the response body + // is sent. This stage is only generated for long-running requests (e.g. watch). + StageResponseStarted = "ResponseStarted" + // The stage for events generated after the response body has been completed, and no more bytes + // will be sent. + StageResponseComplete = "ResponseComplete" + // The stage for events generated when a panic occurred. + StagePanic = "Panic" +) + +// +genclient +// +genclient:nonNamespaced +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object + +// AuditSink represents a cluster level audit sink +type AuditSink struct { + metav1.TypeMeta `json:",inline"` + // +optional + metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` + + // Spec defines the audit configuration spec + Spec AuditSinkSpec `json:"spec,omitempty" protobuf:"bytes,2,opt,name=spec"` +} + +// AuditSinkSpec holds the spec for the audit sink +type AuditSinkSpec struct { + // Policy defines the policy for selecting which events should be sent to the webhook + // required + Policy Policy `json:"policy" protobuf:"bytes,1,opt,name=policy"` + + // Webhook to send events + // required + Webhook Webhook `json:"webhook" protobuf:"bytes,2,opt,name=webhook"` +} + +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object + +// AuditSinkList is a list of AuditSink items. +type AuditSinkList struct { + metav1.TypeMeta `json:",inline"` + // +optional + metav1.ListMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` + + // List of audit configurations. + Items []AuditSink `json:"items" protobuf:"bytes,2,rep,name=items"` +} + +// Policy defines the configuration of how audit events are logged +type Policy struct { + // The Level that all requests are recorded at. + // available options: None, Metadata, Request, RequestResponse + // required + Level Level `json:"level" protobuf:"bytes,1,opt,name=level"` + + // Stages is a list of stages for which events are created. + // +optional + Stages []Stage `json:"stages" protobuf:"bytes,2,opt,name=stages"` +} + +// Webhook holds the configuration of the webhook +type Webhook struct { + // Throttle holds the options for throttling the webhook + // +optional + Throttle *WebhookThrottleConfig `json:"throttle,omitempty" protobuf:"bytes,1,opt,name=throttle"` + + // ClientConfig holds the connection parameters for the webhook + // required + ClientConfig WebhookClientConfig `json:"clientConfig" protobuf:"bytes,2,opt,name=clientConfig"` +} + +// WebhookThrottleConfig holds the configuration for throttling events +type WebhookThrottleConfig struct { + // ThrottleQPS maximum number of batches per second + // default 10 QPS + // +optional + QPS *int64 `json:"qps,omitempty" protobuf:"bytes,1,opt,name=qps"` + + // ThrottleBurst is the maximum number of events sent at the same moment + // default 15 QPS + // +optional + Burst *int64 `json:"burst,omitempty" protobuf:"bytes,2,opt,name=burst"` +} + +// WebhookClientConfig contains the information to make a connection with the webhook +type WebhookClientConfig struct { + // `url` gives the location of the webhook, in standard URL form + // (`[scheme://]host:port/path`). Exactly one of `url` or `service` + // must be specified. + // + // The `host` should not refer to a service running in the cluster; use + // the `service` field instead. The host might be resolved via external + // DNS in some apiservers (e.g., `kube-apiserver` cannot resolve + // in-cluster DNS as that would be a layering violation). `host` may + // also be an IP address. + // + // Please note that using `localhost` or `127.0.0.1` as a `host` is + // risky unless you take great care to run this webhook on all hosts + // which run an apiserver which might need to make calls to this + // webhook. Such installs are likely to be non-portable, i.e., not easy + // to turn up in a new cluster. + // + // The scheme must be "https"; the URL must begin with "https://". + // + // A path is optional, and if present may be any string permissible in + // a URL. You may use the path to pass an arbitrary string to the + // webhook, for example, a cluster identifier. + // + // Attempting to use a user or basic auth e.g. "user:password@" is not + // allowed. Fragments ("#...") and query parameters ("?...") are not + // allowed, either. + // + // +optional + URL *string `json:"url,omitempty" protobuf:"bytes,1,opt,name=url"` + + // `service` is a reference to the service for this webhook. Either + // `service` or `url` must be specified. + // + // If the webhook is running within the cluster, then you should use `service`. + // + // Port 443 will be used if it is open, otherwise it is an error. + // + // +optional + Service *ServiceReference `json:"service" protobuf:"bytes,2,opt,name=service"` + + // `caBundle` is a PEM encoded CA bundle which will be used to validate + // the webhook's server certificate. + // defaults to the apiservers CA bundle for the endpoint type + // +optional + CABundle []byte `json:"caBundle" protobuf:"bytes,3,opt,name=caBundle"` +} + +// ServiceReference holds a reference to Service.legacy.k8s.io +type ServiceReference struct { + // `namespace` is the namespace of the service. + // Required + Namespace string `json:"namespace" protobuf:"bytes,1,opt,name=namespace"` + + // `name` is the name of the service. + // Required + Name string `json:"name" protobuf:"bytes,2,opt,name=name"` + + // `path` is an optional URL path which will be sent in any request to + // this service. + // +optional + Path *string `json:"path,omitempty" protobuf:"bytes,3,opt,name=path"` +} diff --git a/staging/src/k8s.io/api/auditregistration/v1alpha1/types_swagger_doc_generated.go b/staging/src/k8s.io/api/auditregistration/v1alpha1/types_swagger_doc_generated.go new file mode 100644 index 00000000000..914932e6aa7 --- /dev/null +++ b/staging/src/k8s.io/api/auditregistration/v1alpha1/types_swagger_doc_generated.go @@ -0,0 +1,110 @@ +/* +Copyright The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package v1alpha1 + +// This file contains a collection of methods that can be used from go-restful to +// generate Swagger API documentation for its models. Please read this PR for more +// information on the implementation: https://github.com/emicklei/go-restful/pull/215 +// +// TODOs are ignored from the parser (e.g. TODO(andronat):... || TODO:...) if and only if +// they are on one line! For multiple line or blocks that you want to ignore use ---. +// Any context after a --- is ignored. +// +// Those methods can be generated by using hack/update-generated-swagger-docs.sh + +// AUTO-GENERATED FUNCTIONS START HERE. DO NOT EDIT. +var map_AuditSink = map[string]string{ + "": "AuditSink represents a cluster level audit sink", + "spec": "Spec defines the audit configuration spec", +} + +func (AuditSink) SwaggerDoc() map[string]string { + return map_AuditSink +} + +var map_AuditSinkList = map[string]string{ + "": "AuditSinkList is a list of AuditSink items.", + "items": "List of audit configurations.", +} + +func (AuditSinkList) SwaggerDoc() map[string]string { + return map_AuditSinkList +} + +var map_AuditSinkSpec = map[string]string{ + "": "AuditSinkSpec holds the spec for the audit sink", + "policy": "Policy defines the policy for selecting which events should be sent to the webhook required", + "webhook": "Webhook to send events required", +} + +func (AuditSinkSpec) SwaggerDoc() map[string]string { + return map_AuditSinkSpec +} + +var map_Policy = map[string]string{ + "": "Policy defines the configuration of how audit events are logged", + "level": "The Level that all requests are recorded at. available options: None, Metadata, Request, RequestResponse required", + "stages": "Stages is a list of stages for which events are created.", +} + +func (Policy) SwaggerDoc() map[string]string { + return map_Policy +} + +var map_ServiceReference = map[string]string{ + "": "ServiceReference holds a reference to Service.legacy.k8s.io", + "namespace": "`namespace` is the namespace of the service. Required", + "name": "`name` is the name of the service. Required", + "path": "`path` is an optional URL path which will be sent in any request to this service.", +} + +func (ServiceReference) SwaggerDoc() map[string]string { + return map_ServiceReference +} + +var map_Webhook = map[string]string{ + "": "Webhook holds the configuration of the webhook", + "throttle": "Throttle holds the options for throttling the webhook", + "clientConfig": "ClientConfig holds the connection parameters for the webhook required", +} + +func (Webhook) SwaggerDoc() map[string]string { + return map_Webhook +} + +var map_WebhookClientConfig = map[string]string{ + "": "WebhookClientConfig contains the information to make a connection with the webhook", + "url": "`url` gives the location of the webhook, in standard URL form (`[scheme://]host:port/path`). Exactly one of `url` or `service` must be specified.\n\nThe `host` should not refer to a service running in the cluster; use the `service` field instead. The host might be resolved via external DNS in some apiservers (e.g., `kube-apiserver` cannot resolve in-cluster DNS as that would be a layering violation). `host` may also be an IP address.\n\nPlease note that using `localhost` or `127.0.0.1` as a `host` is risky unless you take great care to run this webhook on all hosts which run an apiserver which might need to make calls to this webhook. Such installs are likely to be non-portable, i.e., not easy to turn up in a new cluster.\n\nThe scheme must be \"https\"; the URL must begin with \"https://\".\n\nA path is optional, and if present may be any string permissible in a URL. You may use the path to pass an arbitrary string to the webhook, for example, a cluster identifier.\n\nAttempting to use a user or basic auth e.g. \"user:password@\" is not allowed. Fragments (\"#...\") and query parameters (\"?...\") are not allowed, either.", + "service": "`service` is a reference to the service for this webhook. Either `service` or `url` must be specified.\n\nIf the webhook is running within the cluster, then you should use `service`.\n\nPort 443 will be used if it is open, otherwise it is an error.", + "caBundle": "`caBundle` is a PEM encoded CA bundle which will be used to validate the webhook's server certificate. defaults to the apiservers CA bundle for the endpoint type", +} + +func (WebhookClientConfig) SwaggerDoc() map[string]string { + return map_WebhookClientConfig +} + +var map_WebhookThrottleConfig = map[string]string{ + "": "WebhookThrottleConfig holds the configuration for throttling events", + "qps": "ThrottleQPS maximum number of batches per second default 10 QPS", + "burst": "ThrottleBurst is the maximum number of events sent at the same moment default 15 QPS", +} + +func (WebhookThrottleConfig) SwaggerDoc() map[string]string { + return map_WebhookThrottleConfig +} + +// AUTO-GENERATED FUNCTIONS END HERE diff --git a/staging/src/k8s.io/api/auditregistration/v1alpha1/zz_generated.deepcopy.go b/staging/src/k8s.io/api/auditregistration/v1alpha1/zz_generated.deepcopy.go new file mode 100644 index 00000000000..e71deffad37 --- /dev/null +++ b/staging/src/k8s.io/api/auditregistration/v1alpha1/zz_generated.deepcopy.go @@ -0,0 +1,224 @@ +// +build !ignore_autogenerated + +/* +Copyright The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by deepcopy-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + runtime "k8s.io/apimachinery/pkg/runtime" +) + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *AuditSink) DeepCopyInto(out *AuditSink) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuditSink. +func (in *AuditSink) DeepCopy() *AuditSink { + if in == nil { + return nil + } + out := new(AuditSink) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *AuditSink) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *AuditSinkList) DeepCopyInto(out *AuditSinkList) { + *out = *in + out.TypeMeta = in.TypeMeta + out.ListMeta = in.ListMeta + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]AuditSink, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuditSinkList. +func (in *AuditSinkList) DeepCopy() *AuditSinkList { + if in == nil { + return nil + } + out := new(AuditSinkList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *AuditSinkList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *AuditSinkSpec) DeepCopyInto(out *AuditSinkSpec) { + *out = *in + in.Policy.DeepCopyInto(&out.Policy) + in.Webhook.DeepCopyInto(&out.Webhook) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuditSinkSpec. +func (in *AuditSinkSpec) DeepCopy() *AuditSinkSpec { + if in == nil { + return nil + } + out := new(AuditSinkSpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *Policy) DeepCopyInto(out *Policy) { + *out = *in + if in.Stages != nil { + in, out := &in.Stages, &out.Stages + *out = make([]Stage, len(*in)) + copy(*out, *in) + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Policy. +func (in *Policy) DeepCopy() *Policy { + if in == nil { + return nil + } + out := new(Policy) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ServiceReference) DeepCopyInto(out *ServiceReference) { + *out = *in + if in.Path != nil { + in, out := &in.Path, &out.Path + *out = new(string) + **out = **in + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ServiceReference. +func (in *ServiceReference) DeepCopy() *ServiceReference { + if in == nil { + return nil + } + out := new(ServiceReference) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *Webhook) DeepCopyInto(out *Webhook) { + *out = *in + if in.Throttle != nil { + in, out := &in.Throttle, &out.Throttle + *out = new(WebhookThrottleConfig) + (*in).DeepCopyInto(*out) + } + in.ClientConfig.DeepCopyInto(&out.ClientConfig) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Webhook. +func (in *Webhook) DeepCopy() *Webhook { + if in == nil { + return nil + } + out := new(Webhook) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *WebhookClientConfig) DeepCopyInto(out *WebhookClientConfig) { + *out = *in + if in.URL != nil { + in, out := &in.URL, &out.URL + *out = new(string) + **out = **in + } + if in.Service != nil { + in, out := &in.Service, &out.Service + *out = new(ServiceReference) + (*in).DeepCopyInto(*out) + } + if in.CABundle != nil { + in, out := &in.CABundle, &out.CABundle + *out = make([]byte, len(*in)) + copy(*out, *in) + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WebhookClientConfig. +func (in *WebhookClientConfig) DeepCopy() *WebhookClientConfig { + if in == nil { + return nil + } + out := new(WebhookClientConfig) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *WebhookThrottleConfig) DeepCopyInto(out *WebhookThrottleConfig) { + *out = *in + if in.QPS != nil { + in, out := &in.QPS, &out.QPS + *out = new(int64) + **out = **in + } + if in.Burst != nil { + in, out := &in.Burst, &out.Burst + *out = new(int64) + **out = **in + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WebhookThrottleConfig. +func (in *WebhookThrottleConfig) DeepCopy() *WebhookThrottleConfig { + if in == nil { + return nil + } + out := new(WebhookThrottleConfig) + in.DeepCopyInto(out) + return out +} diff --git a/staging/src/k8s.io/apiextensions-apiserver/Godeps/Godeps.json b/staging/src/k8s.io/apiextensions-apiserver/Godeps/Godeps.json index a73d4784af2..8de05fd42f4 100644 --- a/staging/src/k8s.io/apiextensions-apiserver/Godeps/Godeps.json +++ b/staging/src/k8s.io/apiextensions-apiserver/Godeps/Godeps.json @@ -882,6 +882,10 @@ "ImportPath": "k8s.io/api/apps/v1beta2", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" }, + { + "ImportPath": "k8s.io/api/auditregistration/v1alpha1", + "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" + }, { "ImportPath": "k8s.io/api/authentication/v1", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" @@ -1618,6 +1622,14 @@ "ImportPath": "k8s.io/client-go/informers/apps/v1beta2", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" }, + { + "ImportPath": "k8s.io/client-go/informers/auditregistration", + "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" + }, + { + "ImportPath": "k8s.io/client-go/informers/auditregistration/v1alpha1", + "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" + }, { "ImportPath": "k8s.io/client-go/informers/autoscaling", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" @@ -1790,6 +1802,10 @@ "ImportPath": "k8s.io/client-go/kubernetes/typed/apps/v1beta2", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" }, + { + "ImportPath": "k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1", + "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" + }, { "ImportPath": "k8s.io/client-go/kubernetes/typed/authentication/v1", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" @@ -1914,6 +1930,10 @@ "ImportPath": "k8s.io/client-go/listers/apps/v1beta2", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" }, + { + "ImportPath": "k8s.io/client-go/listers/auditregistration/v1alpha1", + "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" + }, { "ImportPath": "k8s.io/client-go/listers/autoscaling/v1", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" diff --git a/staging/src/k8s.io/apiserver/Godeps/Godeps.json b/staging/src/k8s.io/apiserver/Godeps/Godeps.json index bb3b653bd4b..55373dcb56f 100644 --- a/staging/src/k8s.io/apiserver/Godeps/Godeps.json +++ b/staging/src/k8s.io/apiserver/Godeps/Godeps.json @@ -902,6 +902,10 @@ "ImportPath": "k8s.io/api/apps/v1beta2", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" }, + { + "ImportPath": "k8s.io/api/auditregistration/v1alpha1", + "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" + }, { "ImportPath": "k8s.io/api/authentication/v1", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" @@ -1254,6 +1258,14 @@ "ImportPath": "k8s.io/client-go/informers/apps/v1beta2", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" }, + { + "ImportPath": "k8s.io/client-go/informers/auditregistration", + "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" + }, + { + "ImportPath": "k8s.io/client-go/informers/auditregistration/v1alpha1", + "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" + }, { "ImportPath": "k8s.io/client-go/informers/autoscaling", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" @@ -1446,6 +1458,14 @@ "ImportPath": "k8s.io/client-go/kubernetes/typed/apps/v1beta2/fake", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" }, + { + "ImportPath": "k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1", + "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" + }, + { + "ImportPath": "k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1/fake", + "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" + }, { "ImportPath": "k8s.io/client-go/kubernetes/typed/authentication/v1", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" @@ -1674,6 +1694,10 @@ "ImportPath": "k8s.io/client-go/listers/apps/v1beta2", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" }, + { + "ImportPath": "k8s.io/client-go/listers/auditregistration/v1alpha1", + "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" + }, { "ImportPath": "k8s.io/client-go/listers/autoscaling/v1", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" diff --git a/staging/src/k8s.io/apiserver/pkg/apis/audit/validation/validation.go b/staging/src/k8s.io/apiserver/pkg/apis/audit/validation/validation.go index f80aba01ffe..397317f23b2 100644 --- a/staging/src/k8s.io/apiserver/pkg/apis/audit/validation/validation.go +++ b/staging/src/k8s.io/apiserver/pkg/apis/audit/validation/validation.go @@ -24,6 +24,7 @@ import ( "k8s.io/apiserver/pkg/apis/audit" ) +// ValidatePolicy validates the audit policy func ValidatePolicy(policy *audit.Policy) field.ErrorList { var allErrs field.ErrorList allErrs = append(allErrs, validateOmitStages(policy.OmitStages, field.NewPath("omitStages"))...) diff --git a/staging/src/k8s.io/cli-runtime/Godeps/Godeps.json b/staging/src/k8s.io/cli-runtime/Godeps/Godeps.json index f38506e5480..280521d2731 100644 --- a/staging/src/k8s.io/cli-runtime/Godeps/Godeps.json +++ b/staging/src/k8s.io/cli-runtime/Godeps/Godeps.json @@ -230,6 +230,10 @@ "ImportPath": "k8s.io/api/apps/v1beta2", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" }, + { + "ImportPath": "k8s.io/api/auditregistration/v1alpha1", + "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" + }, { "ImportPath": "k8s.io/api/authentication/v1", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" diff --git a/staging/src/k8s.io/cli-runtime/pkg/genericclioptions/printers/jsonpath.go b/staging/src/k8s.io/cli-runtime/pkg/genericclioptions/printers/jsonpath.go index 0bdb3511f1e..333b9c33443 100644 --- a/staging/src/k8s.io/cli-runtime/pkg/genericclioptions/printers/jsonpath.go +++ b/staging/src/k8s.io/cli-runtime/pkg/genericclioptions/printers/jsonpath.go @@ -17,6 +17,7 @@ limitations under the License. package printers import ( + "bytes" "encoding/json" "fmt" "io" @@ -136,10 +137,11 @@ func (j *JSONPathPrinter) PrintObj(obj runtime.Object, w io.Writer) error { } if err := j.JSONPath.Execute(w, queryObj); err != nil { - fmt.Fprintf(w, "Error executing template: %v. Printing more information for debugging the template:\n", err) - fmt.Fprintf(w, "\ttemplate was:\n\t\t%v\n", j.rawTemplate) - fmt.Fprintf(w, "\tobject given to jsonpath engine was:\n\t\t%#v\n\n", queryObj) - return fmt.Errorf("error executing jsonpath %q: %v\n", j.rawTemplate, err) + buf := bytes.NewBuffer(nil) + fmt.Fprintf(buf, "Error executing template: %v. Printing more information for debugging the template:\n", err) + fmt.Fprintf(buf, "\ttemplate was:\n\t\t%v\n", j.rawTemplate) + fmt.Fprintf(buf, "\tobject given to jsonpath engine was:\n\t\t%#v\n\n", queryObj) + return fmt.Errorf("error executing jsonpath %q: %v\n", j.rawTemplate, buf.String()) } return nil } diff --git a/staging/src/k8s.io/client-go/Godeps/Godeps.json b/staging/src/k8s.io/client-go/Godeps/Godeps.json index 5c5d92528ff..a3221a7213d 100644 --- a/staging/src/k8s.io/client-go/Godeps/Godeps.json +++ b/staging/src/k8s.io/client-go/Godeps/Godeps.json @@ -16,23 +16,27 @@ }, { "ImportPath": "github.com/Azure/go-autorest/autorest", - "Rev": "bca49d5b51a50dc5bb17bbf6204c711c6dbded06" + "Rev": "a88c19ef2016e095f0b6c3b451074b4663f53bed" }, { "ImportPath": "github.com/Azure/go-autorest/autorest/adal", - "Rev": "bca49d5b51a50dc5bb17bbf6204c711c6dbded06" + "Rev": "a88c19ef2016e095f0b6c3b451074b4663f53bed" }, { "ImportPath": "github.com/Azure/go-autorest/autorest/azure", - "Rev": "bca49d5b51a50dc5bb17bbf6204c711c6dbded06" + "Rev": "a88c19ef2016e095f0b6c3b451074b4663f53bed" }, { "ImportPath": "github.com/Azure/go-autorest/autorest/date", - "Rev": "bca49d5b51a50dc5bb17bbf6204c711c6dbded06" + "Rev": "a88c19ef2016e095f0b6c3b451074b4663f53bed" + }, + { + "ImportPath": "github.com/Azure/go-autorest/logger", + "Rev": "a88c19ef2016e095f0b6c3b451074b4663f53bed" }, { "ImportPath": "github.com/Azure/go-autorest/version", - "Rev": "bca49d5b51a50dc5bb17bbf6204c711c6dbded06" + "Rev": "a88c19ef2016e095f0b6c3b451074b4663f53bed" }, { "ImportPath": "github.com/davecgh/go-spew/spew", @@ -294,6 +298,10 @@ "ImportPath": "k8s.io/api/apps/v1beta2", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" }, + { + "ImportPath": "k8s.io/api/auditregistration/v1alpha1", + "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" + }, { "ImportPath": "k8s.io/api/authentication/v1", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" diff --git a/staging/src/k8s.io/client-go/informers/BUILD b/staging/src/k8s.io/client-go/informers/BUILD index d5654768687..24af1356b8c 100644 --- a/staging/src/k8s.io/client-go/informers/BUILD +++ b/staging/src/k8s.io/client-go/informers/BUILD @@ -15,6 +15,7 @@ go_library( "//staging/src/k8s.io/api/apps/v1:go_default_library", "//staging/src/k8s.io/api/apps/v1beta1:go_default_library", "//staging/src/k8s.io/api/apps/v1beta2:go_default_library", + "//staging/src/k8s.io/api/auditregistration/v1alpha1:go_default_library", "//staging/src/k8s.io/api/autoscaling/v1:go_default_library", "//staging/src/k8s.io/api/autoscaling/v2beta1:go_default_library", "//staging/src/k8s.io/api/autoscaling/v2beta2:go_default_library", @@ -42,6 +43,7 @@ go_library( "//staging/src/k8s.io/apimachinery/pkg/runtime/schema:go_default_library", "//staging/src/k8s.io/client-go/informers/admissionregistration:go_default_library", "//staging/src/k8s.io/client-go/informers/apps:go_default_library", + "//staging/src/k8s.io/client-go/informers/auditregistration:go_default_library", "//staging/src/k8s.io/client-go/informers/autoscaling:go_default_library", "//staging/src/k8s.io/client-go/informers/batch:go_default_library", "//staging/src/k8s.io/client-go/informers/certificates:go_default_library", @@ -74,6 +76,7 @@ filegroup( ":package-srcs", "//staging/src/k8s.io/client-go/informers/admissionregistration:all-srcs", "//staging/src/k8s.io/client-go/informers/apps:all-srcs", + "//staging/src/k8s.io/client-go/informers/auditregistration:all-srcs", "//staging/src/k8s.io/client-go/informers/autoscaling:all-srcs", "//staging/src/k8s.io/client-go/informers/batch:all-srcs", "//staging/src/k8s.io/client-go/informers/certificates:all-srcs", diff --git a/staging/src/k8s.io/client-go/informers/auditregistration/BUILD b/staging/src/k8s.io/client-go/informers/auditregistration/BUILD new file mode 100644 index 00000000000..3a3afe0dac7 --- /dev/null +++ b/staging/src/k8s.io/client-go/informers/auditregistration/BUILD @@ -0,0 +1,30 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library") + +go_library( + name = "go_default_library", + srcs = ["interface.go"], + importmap = "k8s.io/kubernetes/vendor/k8s.io/client-go/informers/auditregistration", + importpath = "k8s.io/client-go/informers/auditregistration", + visibility = ["//visibility:public"], + deps = [ + "//staging/src/k8s.io/client-go/informers/auditregistration/v1alpha1:go_default_library", + "//staging/src/k8s.io/client-go/informers/internalinterfaces:go_default_library", + ], +) + +filegroup( + name = "package-srcs", + srcs = glob(["**"]), + tags = ["automanaged"], + visibility = ["//visibility:private"], +) + +filegroup( + name = "all-srcs", + srcs = [ + ":package-srcs", + "//staging/src/k8s.io/client-go/informers/auditregistration/v1alpha1:all-srcs", + ], + tags = ["automanaged"], + visibility = ["//visibility:public"], +) diff --git a/staging/src/k8s.io/client-go/informers/auditregistration/interface.go b/staging/src/k8s.io/client-go/informers/auditregistration/interface.go new file mode 100644 index 00000000000..0f1682c478d --- /dev/null +++ b/staging/src/k8s.io/client-go/informers/auditregistration/interface.go @@ -0,0 +1,46 @@ +/* +Copyright The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by informer-gen. DO NOT EDIT. + +package auditregistration + +import ( + v1alpha1 "k8s.io/client-go/informers/auditregistration/v1alpha1" + internalinterfaces "k8s.io/client-go/informers/internalinterfaces" +) + +// Interface provides access to each of this group's versions. +type Interface interface { + // V1alpha1 provides access to shared informers for resources in V1alpha1. + V1alpha1() v1alpha1.Interface +} + +type group struct { + factory internalinterfaces.SharedInformerFactory + namespace string + tweakListOptions internalinterfaces.TweakListOptionsFunc +} + +// New returns a new Interface. +func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) Interface { + return &group{factory: f, namespace: namespace, tweakListOptions: tweakListOptions} +} + +// V1alpha1 returns a new v1alpha1.Interface. +func (g *group) V1alpha1() v1alpha1.Interface { + return v1alpha1.New(g.factory, g.namespace, g.tweakListOptions) +} diff --git a/staging/src/k8s.io/client-go/informers/auditregistration/v1alpha1/BUILD b/staging/src/k8s.io/client-go/informers/auditregistration/v1alpha1/BUILD new file mode 100644 index 00000000000..846f0d680ec --- /dev/null +++ b/staging/src/k8s.io/client-go/informers/auditregistration/v1alpha1/BUILD @@ -0,0 +1,36 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library") + +go_library( + name = "go_default_library", + srcs = [ + "auditsink.go", + "interface.go", + ], + importmap = "k8s.io/kubernetes/vendor/k8s.io/client-go/informers/auditregistration/v1alpha1", + importpath = "k8s.io/client-go/informers/auditregistration/v1alpha1", + visibility = ["//visibility:public"], + deps = [ + "//staging/src/k8s.io/api/auditregistration/v1alpha1:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/runtime:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/watch:go_default_library", + "//staging/src/k8s.io/client-go/informers/internalinterfaces:go_default_library", + "//staging/src/k8s.io/client-go/kubernetes:go_default_library", + "//staging/src/k8s.io/client-go/listers/auditregistration/v1alpha1:go_default_library", + "//staging/src/k8s.io/client-go/tools/cache:go_default_library", + ], +) + +filegroup( + name = "package-srcs", + srcs = glob(["**"]), + tags = ["automanaged"], + visibility = ["//visibility:private"], +) + +filegroup( + name = "all-srcs", + srcs = [":package-srcs"], + tags = ["automanaged"], + visibility = ["//visibility:public"], +) diff --git a/staging/src/k8s.io/client-go/informers/auditregistration/v1alpha1/auditsink.go b/staging/src/k8s.io/client-go/informers/auditregistration/v1alpha1/auditsink.go new file mode 100644 index 00000000000..69778ad2cfe --- /dev/null +++ b/staging/src/k8s.io/client-go/informers/auditregistration/v1alpha1/auditsink.go @@ -0,0 +1,88 @@ +/* +Copyright The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by informer-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + time "time" + + auditregistrationv1alpha1 "k8s.io/api/auditregistration/v1alpha1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + watch "k8s.io/apimachinery/pkg/watch" + internalinterfaces "k8s.io/client-go/informers/internalinterfaces" + kubernetes "k8s.io/client-go/kubernetes" + v1alpha1 "k8s.io/client-go/listers/auditregistration/v1alpha1" + cache "k8s.io/client-go/tools/cache" +) + +// AuditSinkInformer provides access to a shared informer and lister for +// AuditSinks. +type AuditSinkInformer interface { + Informer() cache.SharedIndexInformer + Lister() v1alpha1.AuditSinkLister +} + +type auditSinkInformer struct { + factory internalinterfaces.SharedInformerFactory + tweakListOptions internalinterfaces.TweakListOptionsFunc +} + +// NewAuditSinkInformer constructs a new informer for AuditSink type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewAuditSinkInformer(client kubernetes.Interface, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { + return NewFilteredAuditSinkInformer(client, resyncPeriod, indexers, nil) +} + +// NewFilteredAuditSinkInformer constructs a new informer for AuditSink type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewFilteredAuditSinkInformer(client kubernetes.Interface, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { + return cache.NewSharedIndexInformer( + &cache.ListWatch{ + ListFunc: func(options v1.ListOptions) (runtime.Object, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.AuditregistrationV1alpha1().AuditSinks().List(options) + }, + WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.AuditregistrationV1alpha1().AuditSinks().Watch(options) + }, + }, + &auditregistrationv1alpha1.AuditSink{}, + resyncPeriod, + indexers, + ) +} + +func (f *auditSinkInformer) defaultInformer(client kubernetes.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { + return NewFilteredAuditSinkInformer(client, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions) +} + +func (f *auditSinkInformer) Informer() cache.SharedIndexInformer { + return f.factory.InformerFor(&auditregistrationv1alpha1.AuditSink{}, f.defaultInformer) +} + +func (f *auditSinkInformer) Lister() v1alpha1.AuditSinkLister { + return v1alpha1.NewAuditSinkLister(f.Informer().GetIndexer()) +} diff --git a/staging/src/k8s.io/client-go/informers/auditregistration/v1alpha1/interface.go b/staging/src/k8s.io/client-go/informers/auditregistration/v1alpha1/interface.go new file mode 100644 index 00000000000..0a67ba821df --- /dev/null +++ b/staging/src/k8s.io/client-go/informers/auditregistration/v1alpha1/interface.go @@ -0,0 +1,45 @@ +/* +Copyright The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by informer-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + internalinterfaces "k8s.io/client-go/informers/internalinterfaces" +) + +// Interface provides access to all the informers in this group version. +type Interface interface { + // AuditSinks returns a AuditSinkInformer. + AuditSinks() AuditSinkInformer +} + +type version struct { + factory internalinterfaces.SharedInformerFactory + namespace string + tweakListOptions internalinterfaces.TweakListOptionsFunc +} + +// New returns a new Interface. +func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) Interface { + return &version{factory: f, namespace: namespace, tweakListOptions: tweakListOptions} +} + +// AuditSinks returns a AuditSinkInformer. +func (v *version) AuditSinks() AuditSinkInformer { + return &auditSinkInformer{factory: v.factory, tweakListOptions: v.tweakListOptions} +} diff --git a/staging/src/k8s.io/client-go/informers/factory.go b/staging/src/k8s.io/client-go/informers/factory.go index 7ae22ee2c82..88ead6213a1 100644 --- a/staging/src/k8s.io/client-go/informers/factory.go +++ b/staging/src/k8s.io/client-go/informers/factory.go @@ -28,6 +28,7 @@ import ( schema "k8s.io/apimachinery/pkg/runtime/schema" admissionregistration "k8s.io/client-go/informers/admissionregistration" apps "k8s.io/client-go/informers/apps" + auditregistration "k8s.io/client-go/informers/auditregistration" autoscaling "k8s.io/client-go/informers/autoscaling" batch "k8s.io/client-go/informers/batch" certificates "k8s.io/client-go/informers/certificates" @@ -188,6 +189,7 @@ type SharedInformerFactory interface { Admissionregistration() admissionregistration.Interface Apps() apps.Interface + Auditregistration() auditregistration.Interface Autoscaling() autoscaling.Interface Batch() batch.Interface Certificates() certificates.Interface @@ -211,6 +213,10 @@ func (f *sharedInformerFactory) Apps() apps.Interface { return apps.New(f, f.namespace, f.tweakListOptions) } +func (f *sharedInformerFactory) Auditregistration() auditregistration.Interface { + return auditregistration.New(f, f.namespace, f.tweakListOptions) +} + func (f *sharedInformerFactory) Autoscaling() autoscaling.Interface { return autoscaling.New(f, f.namespace, f.tweakListOptions) } diff --git a/staging/src/k8s.io/client-go/informers/generic.go b/staging/src/k8s.io/client-go/informers/generic.go index 3af96304a5c..ab9abf87ee3 100644 --- a/staging/src/k8s.io/client-go/informers/generic.go +++ b/staging/src/k8s.io/client-go/informers/generic.go @@ -26,6 +26,7 @@ import ( v1 "k8s.io/api/apps/v1" appsv1beta1 "k8s.io/api/apps/v1beta1" v1beta2 "k8s.io/api/apps/v1beta2" + auditregistrationv1alpha1 "k8s.io/api/auditregistration/v1alpha1" autoscalingv1 "k8s.io/api/autoscaling/v1" v2beta1 "k8s.io/api/autoscaling/v2beta1" v2beta2 "k8s.io/api/autoscaling/v2beta2" @@ -120,6 +121,10 @@ func (f *sharedInformerFactory) ForResource(resource schema.GroupVersionResource case v1beta2.SchemeGroupVersion.WithResource("statefulsets"): return &genericInformer{resource: resource.GroupResource(), informer: f.Apps().V1beta2().StatefulSets().Informer()}, nil + // Group=auditregistration.k8s.io, Version=v1alpha1 + case auditregistrationv1alpha1.SchemeGroupVersion.WithResource("auditsinks"): + return &genericInformer{resource: resource.GroupResource(), informer: f.Auditregistration().V1alpha1().AuditSinks().Informer()}, nil + // Group=autoscaling, Version=v1 case autoscalingv1.SchemeGroupVersion.WithResource("horizontalpodautoscalers"): return &genericInformer{resource: resource.GroupResource(), informer: f.Autoscaling().V1().HorizontalPodAutoscalers().Informer()}, nil diff --git a/staging/src/k8s.io/client-go/kubernetes/BUILD b/staging/src/k8s.io/client-go/kubernetes/BUILD index fc7ed0d7448..da4639ae342 100644 --- a/staging/src/k8s.io/client-go/kubernetes/BUILD +++ b/staging/src/k8s.io/client-go/kubernetes/BUILD @@ -17,6 +17,7 @@ go_library( "//staging/src/k8s.io/client-go/kubernetes/typed/apps/v1:go_default_library", "//staging/src/k8s.io/client-go/kubernetes/typed/apps/v1beta1:go_default_library", "//staging/src/k8s.io/client-go/kubernetes/typed/apps/v1beta2:go_default_library", + "//staging/src/k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1:go_default_library", "//staging/src/k8s.io/client-go/kubernetes/typed/authentication/v1:go_default_library", "//staging/src/k8s.io/client-go/kubernetes/typed/authentication/v1beta1:go_default_library", "//staging/src/k8s.io/client-go/kubernetes/typed/authorization/v1:go_default_library", @@ -66,6 +67,7 @@ filegroup( "//staging/src/k8s.io/client-go/kubernetes/typed/apps/v1:all-srcs", "//staging/src/k8s.io/client-go/kubernetes/typed/apps/v1beta1:all-srcs", "//staging/src/k8s.io/client-go/kubernetes/typed/apps/v1beta2:all-srcs", + "//staging/src/k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1:all-srcs", "//staging/src/k8s.io/client-go/kubernetes/typed/authentication/v1:all-srcs", "//staging/src/k8s.io/client-go/kubernetes/typed/authentication/v1beta1:all-srcs", "//staging/src/k8s.io/client-go/kubernetes/typed/authorization/v1:all-srcs", diff --git a/staging/src/k8s.io/client-go/kubernetes/clientset.go b/staging/src/k8s.io/client-go/kubernetes/clientset.go index 122e4bb7f19..6ad01d6db19 100644 --- a/staging/src/k8s.io/client-go/kubernetes/clientset.go +++ b/staging/src/k8s.io/client-go/kubernetes/clientset.go @@ -25,6 +25,7 @@ import ( appsv1 "k8s.io/client-go/kubernetes/typed/apps/v1" appsv1beta1 "k8s.io/client-go/kubernetes/typed/apps/v1beta1" appsv1beta2 "k8s.io/client-go/kubernetes/typed/apps/v1beta2" + auditregistrationv1alpha1 "k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1" authenticationv1 "k8s.io/client-go/kubernetes/typed/authentication/v1" authenticationv1beta1 "k8s.io/client-go/kubernetes/typed/authentication/v1beta1" authorizationv1 "k8s.io/client-go/kubernetes/typed/authorization/v1" @@ -66,6 +67,9 @@ type Interface interface { AppsV1() appsv1.AppsV1Interface // Deprecated: please explicitly pick a version if possible. Apps() appsv1.AppsV1Interface + AuditregistrationV1alpha1() auditregistrationv1alpha1.AuditregistrationV1alpha1Interface + // Deprecated: please explicitly pick a version if possible. + Auditregistration() auditregistrationv1alpha1.AuditregistrationV1alpha1Interface AuthenticationV1() authenticationv1.AuthenticationV1Interface // Deprecated: please explicitly pick a version if possible. Authentication() authenticationv1.AuthenticationV1Interface @@ -133,6 +137,7 @@ type Clientset struct { appsV1beta1 *appsv1beta1.AppsV1beta1Client appsV1beta2 *appsv1beta2.AppsV1beta2Client appsV1 *appsv1.AppsV1Client + auditregistrationV1alpha1 *auditregistrationv1alpha1.AuditregistrationV1alpha1Client authenticationV1 *authenticationv1.AuthenticationV1Client authenticationV1beta1 *authenticationv1beta1.AuthenticationV1beta1Client authorizationV1 *authorizationv1.AuthorizationV1Client @@ -198,6 +203,17 @@ func (c *Clientset) Apps() appsv1.AppsV1Interface { return c.appsV1 } +// AuditregistrationV1alpha1 retrieves the AuditregistrationV1alpha1Client +func (c *Clientset) AuditregistrationV1alpha1() auditregistrationv1alpha1.AuditregistrationV1alpha1Interface { + return c.auditregistrationV1alpha1 +} + +// Deprecated: Auditregistration retrieves the default version of AuditregistrationClient. +// Please explicitly pick a version. +func (c *Clientset) Auditregistration() auditregistrationv1alpha1.AuditregistrationV1alpha1Interface { + return c.auditregistrationV1alpha1 +} + // AuthenticationV1 retrieves the AuthenticationV1Client func (c *Clientset) AuthenticationV1() authenticationv1.AuthenticationV1Interface { return c.authenticationV1 @@ -454,6 +470,10 @@ func NewForConfig(c *rest.Config) (*Clientset, error) { if err != nil { return nil, err } + cs.auditregistrationV1alpha1, err = auditregistrationv1alpha1.NewForConfig(&configShallowCopy) + if err != nil { + return nil, err + } cs.authenticationV1, err = authenticationv1.NewForConfig(&configShallowCopy) if err != nil { return nil, err @@ -575,6 +595,7 @@ func NewForConfigOrDie(c *rest.Config) *Clientset { cs.appsV1beta1 = appsv1beta1.NewForConfigOrDie(c) cs.appsV1beta2 = appsv1beta2.NewForConfigOrDie(c) cs.appsV1 = appsv1.NewForConfigOrDie(c) + cs.auditregistrationV1alpha1 = auditregistrationv1alpha1.NewForConfigOrDie(c) cs.authenticationV1 = authenticationv1.NewForConfigOrDie(c) cs.authenticationV1beta1 = authenticationv1beta1.NewForConfigOrDie(c) cs.authorizationV1 = authorizationv1.NewForConfigOrDie(c) @@ -614,6 +635,7 @@ func New(c rest.Interface) *Clientset { cs.appsV1beta1 = appsv1beta1.New(c) cs.appsV1beta2 = appsv1beta2.New(c) cs.appsV1 = appsv1.New(c) + cs.auditregistrationV1alpha1 = auditregistrationv1alpha1.New(c) cs.authenticationV1 = authenticationv1.New(c) cs.authenticationV1beta1 = authenticationv1beta1.New(c) cs.authorizationV1 = authorizationv1.New(c) diff --git a/staging/src/k8s.io/client-go/kubernetes/fake/BUILD b/staging/src/k8s.io/client-go/kubernetes/fake/BUILD index 2acd97972cb..185e530d0bf 100644 --- a/staging/src/k8s.io/client-go/kubernetes/fake/BUILD +++ b/staging/src/k8s.io/client-go/kubernetes/fake/BUILD @@ -16,6 +16,7 @@ go_library( "//staging/src/k8s.io/api/apps/v1:go_default_library", "//staging/src/k8s.io/api/apps/v1beta1:go_default_library", "//staging/src/k8s.io/api/apps/v1beta2:go_default_library", + "//staging/src/k8s.io/api/auditregistration/v1alpha1:go_default_library", "//staging/src/k8s.io/api/authentication/v1:go_default_library", "//staging/src/k8s.io/api/authentication/v1beta1:go_default_library", "//staging/src/k8s.io/api/authorization/v1:go_default_library", @@ -61,6 +62,8 @@ go_library( "//staging/src/k8s.io/client-go/kubernetes/typed/apps/v1beta1/fake:go_default_library", "//staging/src/k8s.io/client-go/kubernetes/typed/apps/v1beta2:go_default_library", "//staging/src/k8s.io/client-go/kubernetes/typed/apps/v1beta2/fake:go_default_library", + "//staging/src/k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1:go_default_library", + "//staging/src/k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1/fake:go_default_library", "//staging/src/k8s.io/client-go/kubernetes/typed/authentication/v1:go_default_library", "//staging/src/k8s.io/client-go/kubernetes/typed/authentication/v1/fake:go_default_library", "//staging/src/k8s.io/client-go/kubernetes/typed/authentication/v1beta1:go_default_library", diff --git a/staging/src/k8s.io/client-go/kubernetes/fake/clientset_generated.go b/staging/src/k8s.io/client-go/kubernetes/fake/clientset_generated.go index a23b3165a04..47b63ffaed9 100644 --- a/staging/src/k8s.io/client-go/kubernetes/fake/clientset_generated.go +++ b/staging/src/k8s.io/client-go/kubernetes/fake/clientset_generated.go @@ -34,6 +34,8 @@ import ( fakeappsv1beta1 "k8s.io/client-go/kubernetes/typed/apps/v1beta1/fake" appsv1beta2 "k8s.io/client-go/kubernetes/typed/apps/v1beta2" fakeappsv1beta2 "k8s.io/client-go/kubernetes/typed/apps/v1beta2/fake" + auditregistrationv1alpha1 "k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1" + fakeauditregistrationv1alpha1 "k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1/fake" authenticationv1 "k8s.io/client-go/kubernetes/typed/authentication/v1" fakeauthenticationv1 "k8s.io/client-go/kubernetes/typed/authentication/v1/fake" authenticationv1beta1 "k8s.io/client-go/kubernetes/typed/authentication/v1beta1" @@ -166,6 +168,16 @@ func (c *Clientset) Apps() appsv1.AppsV1Interface { return &fakeappsv1.FakeAppsV1{Fake: &c.Fake} } +// AuditregistrationV1alpha1 retrieves the AuditregistrationV1alpha1Client +func (c *Clientset) AuditregistrationV1alpha1() auditregistrationv1alpha1.AuditregistrationV1alpha1Interface { + return &fakeauditregistrationv1alpha1.FakeAuditregistrationV1alpha1{Fake: &c.Fake} +} + +// Auditregistration retrieves the AuditregistrationV1alpha1Client +func (c *Clientset) Auditregistration() auditregistrationv1alpha1.AuditregistrationV1alpha1Interface { + return &fakeauditregistrationv1alpha1.FakeAuditregistrationV1alpha1{Fake: &c.Fake} +} + // AuthenticationV1 retrieves the AuthenticationV1Client func (c *Clientset) AuthenticationV1() authenticationv1.AuthenticationV1Interface { return &fakeauthenticationv1.FakeAuthenticationV1{Fake: &c.Fake} diff --git a/staging/src/k8s.io/client-go/kubernetes/fake/register.go b/staging/src/k8s.io/client-go/kubernetes/fake/register.go index c429979688b..6e1e1fb2936 100644 --- a/staging/src/k8s.io/client-go/kubernetes/fake/register.go +++ b/staging/src/k8s.io/client-go/kubernetes/fake/register.go @@ -24,6 +24,7 @@ import ( appsv1 "k8s.io/api/apps/v1" appsv1beta1 "k8s.io/api/apps/v1beta1" appsv1beta2 "k8s.io/api/apps/v1beta2" + auditregistrationv1alpha1 "k8s.io/api/auditregistration/v1alpha1" authenticationv1 "k8s.io/api/authentication/v1" authenticationv1beta1 "k8s.io/api/authentication/v1beta1" authorizationv1 "k8s.io/api/authorization/v1" @@ -66,6 +67,7 @@ var localSchemeBuilder = runtime.SchemeBuilder{ appsv1beta1.AddToScheme, appsv1beta2.AddToScheme, appsv1.AddToScheme, + auditregistrationv1alpha1.AddToScheme, authenticationv1.AddToScheme, authenticationv1beta1.AddToScheme, authorizationv1.AddToScheme, diff --git a/staging/src/k8s.io/client-go/kubernetes/scheme/BUILD b/staging/src/k8s.io/client-go/kubernetes/scheme/BUILD index 3490063e7e0..e36fdd99ea6 100644 --- a/staging/src/k8s.io/client-go/kubernetes/scheme/BUILD +++ b/staging/src/k8s.io/client-go/kubernetes/scheme/BUILD @@ -15,6 +15,7 @@ go_library( "//staging/src/k8s.io/api/apps/v1:go_default_library", "//staging/src/k8s.io/api/apps/v1beta1:go_default_library", "//staging/src/k8s.io/api/apps/v1beta2:go_default_library", + "//staging/src/k8s.io/api/auditregistration/v1alpha1:go_default_library", "//staging/src/k8s.io/api/authentication/v1:go_default_library", "//staging/src/k8s.io/api/authentication/v1beta1:go_default_library", "//staging/src/k8s.io/api/authorization/v1:go_default_library", diff --git a/staging/src/k8s.io/client-go/kubernetes/scheme/register.go b/staging/src/k8s.io/client-go/kubernetes/scheme/register.go index 9ca89b76e44..e336eb9179e 100644 --- a/staging/src/k8s.io/client-go/kubernetes/scheme/register.go +++ b/staging/src/k8s.io/client-go/kubernetes/scheme/register.go @@ -24,6 +24,7 @@ import ( appsv1 "k8s.io/api/apps/v1" appsv1beta1 "k8s.io/api/apps/v1beta1" appsv1beta2 "k8s.io/api/apps/v1beta2" + auditregistrationv1alpha1 "k8s.io/api/auditregistration/v1alpha1" authenticationv1 "k8s.io/api/authentication/v1" authenticationv1beta1 "k8s.io/api/authentication/v1beta1" authorizationv1 "k8s.io/api/authorization/v1" @@ -66,6 +67,7 @@ var localSchemeBuilder = runtime.SchemeBuilder{ appsv1beta1.AddToScheme, appsv1beta2.AddToScheme, appsv1.AddToScheme, + auditregistrationv1alpha1.AddToScheme, authenticationv1.AddToScheme, authenticationv1beta1.AddToScheme, authorizationv1.AddToScheme, diff --git a/staging/src/k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1/BUILD b/staging/src/k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1/BUILD new file mode 100644 index 00000000000..cb5b1a5ede0 --- /dev/null +++ b/staging/src/k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1/BUILD @@ -0,0 +1,40 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library") + +go_library( + name = "go_default_library", + srcs = [ + "auditregistration_client.go", + "auditsink.go", + "doc.go", + "generated_expansion.go", + ], + importmap = "k8s.io/kubernetes/vendor/k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1", + importpath = "k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1", + visibility = ["//visibility:public"], + deps = [ + "//staging/src/k8s.io/api/auditregistration/v1alpha1:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/runtime/serializer:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/types:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/watch:go_default_library", + "//staging/src/k8s.io/client-go/kubernetes/scheme:go_default_library", + "//staging/src/k8s.io/client-go/rest:go_default_library", + ], +) + +filegroup( + name = "package-srcs", + srcs = glob(["**"]), + tags = ["automanaged"], + visibility = ["//visibility:private"], +) + +filegroup( + name = "all-srcs", + srcs = [ + ":package-srcs", + "//staging/src/k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1/fake:all-srcs", + ], + tags = ["automanaged"], + visibility = ["//visibility:public"], +) diff --git a/staging/src/k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1/auditregistration_client.go b/staging/src/k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1/auditregistration_client.go new file mode 100644 index 00000000000..f007b05ef7d --- /dev/null +++ b/staging/src/k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1/auditregistration_client.go @@ -0,0 +1,90 @@ +/* +Copyright The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + v1alpha1 "k8s.io/api/auditregistration/v1alpha1" + serializer "k8s.io/apimachinery/pkg/runtime/serializer" + "k8s.io/client-go/kubernetes/scheme" + rest "k8s.io/client-go/rest" +) + +type AuditregistrationV1alpha1Interface interface { + RESTClient() rest.Interface + AuditSinksGetter +} + +// AuditregistrationV1alpha1Client is used to interact with features provided by the auditregistration.k8s.io group. +type AuditregistrationV1alpha1Client struct { + restClient rest.Interface +} + +func (c *AuditregistrationV1alpha1Client) AuditSinks() AuditSinkInterface { + return newAuditSinks(c) +} + +// NewForConfig creates a new AuditregistrationV1alpha1Client for the given config. +func NewForConfig(c *rest.Config) (*AuditregistrationV1alpha1Client, error) { + config := *c + if err := setConfigDefaults(&config); err != nil { + return nil, err + } + client, err := rest.RESTClientFor(&config) + if err != nil { + return nil, err + } + return &AuditregistrationV1alpha1Client{client}, nil +} + +// NewForConfigOrDie creates a new AuditregistrationV1alpha1Client for the given config and +// panics if there is an error in the config. +func NewForConfigOrDie(c *rest.Config) *AuditregistrationV1alpha1Client { + client, err := NewForConfig(c) + if err != nil { + panic(err) + } + return client +} + +// New creates a new AuditregistrationV1alpha1Client for the given RESTClient. +func New(c rest.Interface) *AuditregistrationV1alpha1Client { + return &AuditregistrationV1alpha1Client{c} +} + +func setConfigDefaults(config *rest.Config) error { + gv := v1alpha1.SchemeGroupVersion + config.GroupVersion = &gv + config.APIPath = "/apis" + config.NegotiatedSerializer = serializer.DirectCodecFactory{CodecFactory: scheme.Codecs} + + if config.UserAgent == "" { + config.UserAgent = rest.DefaultKubernetesUserAgent() + } + + return nil +} + +// RESTClient returns a RESTClient that is used to communicate +// with API server by this client implementation. +func (c *AuditregistrationV1alpha1Client) RESTClient() rest.Interface { + if c == nil { + return nil + } + return c.restClient +} diff --git a/staging/src/k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1/auditsink.go b/staging/src/k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1/auditsink.go new file mode 100644 index 00000000000..4f91f527ef1 --- /dev/null +++ b/staging/src/k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1/auditsink.go @@ -0,0 +1,147 @@ +/* +Copyright The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + v1alpha1 "k8s.io/api/auditregistration/v1alpha1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + scheme "k8s.io/client-go/kubernetes/scheme" + rest "k8s.io/client-go/rest" +) + +// AuditSinksGetter has a method to return a AuditSinkInterface. +// A group's client should implement this interface. +type AuditSinksGetter interface { + AuditSinks() AuditSinkInterface +} + +// AuditSinkInterface has methods to work with AuditSink resources. +type AuditSinkInterface interface { + Create(*v1alpha1.AuditSink) (*v1alpha1.AuditSink, error) + Update(*v1alpha1.AuditSink) (*v1alpha1.AuditSink, error) + Delete(name string, options *v1.DeleteOptions) error + DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error + Get(name string, options v1.GetOptions) (*v1alpha1.AuditSink, error) + List(opts v1.ListOptions) (*v1alpha1.AuditSinkList, error) + Watch(opts v1.ListOptions) (watch.Interface, error) + Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *v1alpha1.AuditSink, err error) + AuditSinkExpansion +} + +// auditSinks implements AuditSinkInterface +type auditSinks struct { + client rest.Interface +} + +// newAuditSinks returns a AuditSinks +func newAuditSinks(c *AuditregistrationV1alpha1Client) *auditSinks { + return &auditSinks{ + client: c.RESTClient(), + } +} + +// Get takes name of the auditSink, and returns the corresponding auditSink object, and an error if there is any. +func (c *auditSinks) Get(name string, options v1.GetOptions) (result *v1alpha1.AuditSink, err error) { + result = &v1alpha1.AuditSink{} + err = c.client.Get(). + Resource("auditsinks"). + Name(name). + VersionedParams(&options, scheme.ParameterCodec). + Do(). + Into(result) + return +} + +// List takes label and field selectors, and returns the list of AuditSinks that match those selectors. +func (c *auditSinks) List(opts v1.ListOptions) (result *v1alpha1.AuditSinkList, err error) { + result = &v1alpha1.AuditSinkList{} + err = c.client.Get(). + Resource("auditsinks"). + VersionedParams(&opts, scheme.ParameterCodec). + Do(). + Into(result) + return +} + +// Watch returns a watch.Interface that watches the requested auditSinks. +func (c *auditSinks) Watch(opts v1.ListOptions) (watch.Interface, error) { + opts.Watch = true + return c.client.Get(). + Resource("auditsinks"). + VersionedParams(&opts, scheme.ParameterCodec). + Watch() +} + +// Create takes the representation of a auditSink and creates it. Returns the server's representation of the auditSink, and an error, if there is any. +func (c *auditSinks) Create(auditSink *v1alpha1.AuditSink) (result *v1alpha1.AuditSink, err error) { + result = &v1alpha1.AuditSink{} + err = c.client.Post(). + Resource("auditsinks"). + Body(auditSink). + Do(). + Into(result) + return +} + +// Update takes the representation of a auditSink and updates it. Returns the server's representation of the auditSink, and an error, if there is any. +func (c *auditSinks) Update(auditSink *v1alpha1.AuditSink) (result *v1alpha1.AuditSink, err error) { + result = &v1alpha1.AuditSink{} + err = c.client.Put(). + Resource("auditsinks"). + Name(auditSink.Name). + Body(auditSink). + Do(). + Into(result) + return +} + +// Delete takes name of the auditSink and deletes it. Returns an error if one occurs. +func (c *auditSinks) Delete(name string, options *v1.DeleteOptions) error { + return c.client.Delete(). + Resource("auditsinks"). + Name(name). + Body(options). + Do(). + Error() +} + +// DeleteCollection deletes a collection of objects. +func (c *auditSinks) DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error { + return c.client.Delete(). + Resource("auditsinks"). + VersionedParams(&listOptions, scheme.ParameterCodec). + Body(options). + Do(). + Error() +} + +// Patch applies the patch and returns the patched auditSink. +func (c *auditSinks) Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *v1alpha1.AuditSink, err error) { + result = &v1alpha1.AuditSink{} + err = c.client.Patch(pt). + Resource("auditsinks"). + SubResource(subresources...). + Name(name). + Body(data). + Do(). + Into(result) + return +} diff --git a/staging/src/k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1/doc.go b/staging/src/k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1/doc.go new file mode 100644 index 00000000000..df51baa4d4c --- /dev/null +++ b/staging/src/k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1/doc.go @@ -0,0 +1,20 @@ +/* +Copyright The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +// This package has the automatically generated typed clients. +package v1alpha1 diff --git a/staging/src/k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1/fake/BUILD b/staging/src/k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1/fake/BUILD new file mode 100644 index 00000000000..76ac78a7db8 --- /dev/null +++ b/staging/src/k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1/fake/BUILD @@ -0,0 +1,38 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library") + +go_library( + name = "go_default_library", + srcs = [ + "doc.go", + "fake_auditregistration_client.go", + "fake_auditsink.go", + ], + importmap = "k8s.io/kubernetes/vendor/k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1/fake", + importpath = "k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1/fake", + visibility = ["//visibility:public"], + deps = [ + "//staging/src/k8s.io/api/auditregistration/v1alpha1:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/labels:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/runtime/schema:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/types:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/watch:go_default_library", + "//staging/src/k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1:go_default_library", + "//staging/src/k8s.io/client-go/rest:go_default_library", + "//staging/src/k8s.io/client-go/testing:go_default_library", + ], +) + +filegroup( + name = "package-srcs", + srcs = glob(["**"]), + tags = ["automanaged"], + visibility = ["//visibility:private"], +) + +filegroup( + name = "all-srcs", + srcs = [":package-srcs"], + tags = ["automanaged"], + visibility = ["//visibility:public"], +) diff --git a/staging/src/k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1/fake/doc.go b/staging/src/k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1/fake/doc.go new file mode 100644 index 00000000000..16f44399065 --- /dev/null +++ b/staging/src/k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1/fake/doc.go @@ -0,0 +1,20 @@ +/* +Copyright The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +// Package fake has the automatically generated clients. +package fake diff --git a/staging/src/k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1/fake/fake_auditregistration_client.go b/staging/src/k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1/fake/fake_auditregistration_client.go new file mode 100644 index 00000000000..c22acabcf47 --- /dev/null +++ b/staging/src/k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1/fake/fake_auditregistration_client.go @@ -0,0 +1,40 @@ +/* +Copyright The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + v1alpha1 "k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1" + rest "k8s.io/client-go/rest" + testing "k8s.io/client-go/testing" +) + +type FakeAuditregistrationV1alpha1 struct { + *testing.Fake +} + +func (c *FakeAuditregistrationV1alpha1) AuditSinks() v1alpha1.AuditSinkInterface { + return &FakeAuditSinks{c} +} + +// RESTClient returns a RESTClient that is used to communicate +// with API server by this client implementation. +func (c *FakeAuditregistrationV1alpha1) RESTClient() rest.Interface { + var ret *rest.RESTClient + return ret +} diff --git a/staging/src/k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1/fake/fake_auditsink.go b/staging/src/k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1/fake/fake_auditsink.go new file mode 100644 index 00000000000..d0bb9fd0009 --- /dev/null +++ b/staging/src/k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1/fake/fake_auditsink.go @@ -0,0 +1,120 @@ +/* +Copyright The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + v1alpha1 "k8s.io/api/auditregistration/v1alpha1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + labels "k8s.io/apimachinery/pkg/labels" + schema "k8s.io/apimachinery/pkg/runtime/schema" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + testing "k8s.io/client-go/testing" +) + +// FakeAuditSinks implements AuditSinkInterface +type FakeAuditSinks struct { + Fake *FakeAuditregistrationV1alpha1 +} + +var auditsinksResource = schema.GroupVersionResource{Group: "auditregistration.k8s.io", Version: "v1alpha1", Resource: "auditsinks"} + +var auditsinksKind = schema.GroupVersionKind{Group: "auditregistration.k8s.io", Version: "v1alpha1", Kind: "AuditSink"} + +// Get takes name of the auditSink, and returns the corresponding auditSink object, and an error if there is any. +func (c *FakeAuditSinks) Get(name string, options v1.GetOptions) (result *v1alpha1.AuditSink, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootGetAction(auditsinksResource, name), &v1alpha1.AuditSink{}) + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.AuditSink), err +} + +// List takes label and field selectors, and returns the list of AuditSinks that match those selectors. +func (c *FakeAuditSinks) List(opts v1.ListOptions) (result *v1alpha1.AuditSinkList, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootListAction(auditsinksResource, auditsinksKind, opts), &v1alpha1.AuditSinkList{}) + if obj == nil { + return nil, err + } + + label, _, _ := testing.ExtractFromListOptions(opts) + if label == nil { + label = labels.Everything() + } + list := &v1alpha1.AuditSinkList{ListMeta: obj.(*v1alpha1.AuditSinkList).ListMeta} + for _, item := range obj.(*v1alpha1.AuditSinkList).Items { + if label.Matches(labels.Set(item.Labels)) { + list.Items = append(list.Items, item) + } + } + return list, err +} + +// Watch returns a watch.Interface that watches the requested auditSinks. +func (c *FakeAuditSinks) Watch(opts v1.ListOptions) (watch.Interface, error) { + return c.Fake. + InvokesWatch(testing.NewRootWatchAction(auditsinksResource, opts)) +} + +// Create takes the representation of a auditSink and creates it. Returns the server's representation of the auditSink, and an error, if there is any. +func (c *FakeAuditSinks) Create(auditSink *v1alpha1.AuditSink) (result *v1alpha1.AuditSink, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootCreateAction(auditsinksResource, auditSink), &v1alpha1.AuditSink{}) + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.AuditSink), err +} + +// Update takes the representation of a auditSink and updates it. Returns the server's representation of the auditSink, and an error, if there is any. +func (c *FakeAuditSinks) Update(auditSink *v1alpha1.AuditSink) (result *v1alpha1.AuditSink, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootUpdateAction(auditsinksResource, auditSink), &v1alpha1.AuditSink{}) + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.AuditSink), err +} + +// Delete takes name of the auditSink and deletes it. Returns an error if one occurs. +func (c *FakeAuditSinks) Delete(name string, options *v1.DeleteOptions) error { + _, err := c.Fake. + Invokes(testing.NewRootDeleteAction(auditsinksResource, name), &v1alpha1.AuditSink{}) + return err +} + +// DeleteCollection deletes a collection of objects. +func (c *FakeAuditSinks) DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error { + action := testing.NewRootDeleteCollectionAction(auditsinksResource, listOptions) + + _, err := c.Fake.Invokes(action, &v1alpha1.AuditSinkList{}) + return err +} + +// Patch applies the patch and returns the patched auditSink. +func (c *FakeAuditSinks) Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *v1alpha1.AuditSink, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootPatchSubresourceAction(auditsinksResource, name, pt, data, subresources...), &v1alpha1.AuditSink{}) + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.AuditSink), err +} diff --git a/staging/src/k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1/generated_expansion.go b/staging/src/k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1/generated_expansion.go new file mode 100644 index 00000000000..f0f51172641 --- /dev/null +++ b/staging/src/k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1/generated_expansion.go @@ -0,0 +1,21 @@ +/* +Copyright The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +type AuditSinkExpansion interface{} diff --git a/staging/src/k8s.io/client-go/listers/auditregistration/v1alpha1/BUILD b/staging/src/k8s.io/client-go/listers/auditregistration/v1alpha1/BUILD new file mode 100644 index 00000000000..c23bd63a400 --- /dev/null +++ b/staging/src/k8s.io/client-go/listers/auditregistration/v1alpha1/BUILD @@ -0,0 +1,32 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library") + +go_library( + name = "go_default_library", + srcs = [ + "auditsink.go", + "expansion_generated.go", + ], + importmap = "k8s.io/kubernetes/vendor/k8s.io/client-go/listers/auditregistration/v1alpha1", + importpath = "k8s.io/client-go/listers/auditregistration/v1alpha1", + visibility = ["//visibility:public"], + deps = [ + "//staging/src/k8s.io/api/auditregistration/v1alpha1:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/api/errors:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/labels:go_default_library", + "//staging/src/k8s.io/client-go/tools/cache:go_default_library", + ], +) + +filegroup( + name = "package-srcs", + srcs = glob(["**"]), + tags = ["automanaged"], + visibility = ["//visibility:private"], +) + +filegroup( + name = "all-srcs", + srcs = [":package-srcs"], + tags = ["automanaged"], + visibility = ["//visibility:public"], +) diff --git a/staging/src/k8s.io/client-go/listers/auditregistration/v1alpha1/auditsink.go b/staging/src/k8s.io/client-go/listers/auditregistration/v1alpha1/auditsink.go new file mode 100644 index 00000000000..3ae4528c8c3 --- /dev/null +++ b/staging/src/k8s.io/client-go/listers/auditregistration/v1alpha1/auditsink.go @@ -0,0 +1,65 @@ +/* +Copyright The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by lister-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + v1alpha1 "k8s.io/api/auditregistration/v1alpha1" + "k8s.io/apimachinery/pkg/api/errors" + "k8s.io/apimachinery/pkg/labels" + "k8s.io/client-go/tools/cache" +) + +// AuditSinkLister helps list AuditSinks. +type AuditSinkLister interface { + // List lists all AuditSinks in the indexer. + List(selector labels.Selector) (ret []*v1alpha1.AuditSink, err error) + // Get retrieves the AuditSink from the index for a given name. + Get(name string) (*v1alpha1.AuditSink, error) + AuditSinkListerExpansion +} + +// auditSinkLister implements the AuditSinkLister interface. +type auditSinkLister struct { + indexer cache.Indexer +} + +// NewAuditSinkLister returns a new AuditSinkLister. +func NewAuditSinkLister(indexer cache.Indexer) AuditSinkLister { + return &auditSinkLister{indexer: indexer} +} + +// List lists all AuditSinks in the indexer. +func (s *auditSinkLister) List(selector labels.Selector) (ret []*v1alpha1.AuditSink, err error) { + err = cache.ListAll(s.indexer, selector, func(m interface{}) { + ret = append(ret, m.(*v1alpha1.AuditSink)) + }) + return ret, err +} + +// Get retrieves the AuditSink from the index for a given name. +func (s *auditSinkLister) Get(name string) (*v1alpha1.AuditSink, error) { + obj, exists, err := s.indexer.GetByKey(name) + if err != nil { + return nil, err + } + if !exists { + return nil, errors.NewNotFound(v1alpha1.Resource("auditsink"), name) + } + return obj.(*v1alpha1.AuditSink), nil +} diff --git a/staging/src/k8s.io/client-go/listers/auditregistration/v1alpha1/expansion_generated.go b/staging/src/k8s.io/client-go/listers/auditregistration/v1alpha1/expansion_generated.go new file mode 100644 index 00000000000..533dd0631f9 --- /dev/null +++ b/staging/src/k8s.io/client-go/listers/auditregistration/v1alpha1/expansion_generated.go @@ -0,0 +1,23 @@ +/* +Copyright The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by lister-gen. DO NOT EDIT. + +package v1alpha1 + +// AuditSinkListerExpansion allows custom methods to be added to +// AuditSinkLister. +type AuditSinkListerExpansion interface{} diff --git a/staging/src/k8s.io/cloud-provider/Godeps/Godeps.json b/staging/src/k8s.io/cloud-provider/Godeps/Godeps.json index 5d7be50c269..f1f23b35317 100644 --- a/staging/src/k8s.io/cloud-provider/Godeps/Godeps.json +++ b/staging/src/k8s.io/cloud-provider/Godeps/Godeps.json @@ -186,6 +186,10 @@ "ImportPath": "k8s.io/api/apps/v1beta2", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" }, + { + "ImportPath": "k8s.io/api/auditregistration/v1alpha1", + "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" + }, { "ImportPath": "k8s.io/api/authentication/v1", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" @@ -482,6 +486,14 @@ "ImportPath": "k8s.io/client-go/informers/apps/v1beta2", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" }, + { + "ImportPath": "k8s.io/client-go/informers/auditregistration", + "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" + }, + { + "ImportPath": "k8s.io/client-go/informers/auditregistration/v1alpha1", + "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" + }, { "ImportPath": "k8s.io/client-go/informers/autoscaling", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" @@ -654,6 +666,10 @@ "ImportPath": "k8s.io/client-go/kubernetes/typed/apps/v1beta2", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" }, + { + "ImportPath": "k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1", + "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" + }, { "ImportPath": "k8s.io/client-go/kubernetes/typed/authentication/v1", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" @@ -778,6 +794,10 @@ "ImportPath": "k8s.io/client-go/listers/apps/v1beta2", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" }, + { + "ImportPath": "k8s.io/client-go/listers/auditregistration/v1alpha1", + "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" + }, { "ImportPath": "k8s.io/client-go/listers/autoscaling/v1", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" diff --git a/staging/src/k8s.io/csi-api/Godeps/Godeps.json b/staging/src/k8s.io/csi-api/Godeps/Godeps.json index 59e8397a63d..e99aa4d8105 100644 --- a/staging/src/k8s.io/csi-api/Godeps/Godeps.json +++ b/staging/src/k8s.io/csi-api/Godeps/Godeps.json @@ -190,6 +190,10 @@ "ImportPath": "k8s.io/api/apps/v1beta2", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" }, + { + "ImportPath": "k8s.io/api/auditregistration/v1alpha1", + "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" + }, { "ImportPath": "k8s.io/api/authentication/v1", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" diff --git a/staging/src/k8s.io/kube-aggregator/Godeps/Godeps.json b/staging/src/k8s.io/kube-aggregator/Godeps/Godeps.json index 5d1e2a2a719..a4825b52a6e 100644 --- a/staging/src/k8s.io/kube-aggregator/Godeps/Godeps.json +++ b/staging/src/k8s.io/kube-aggregator/Godeps/Godeps.json @@ -526,6 +526,10 @@ "ImportPath": "k8s.io/api/apps/v1beta2", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" }, + { + "ImportPath": "k8s.io/api/auditregistration/v1alpha1", + "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" + }, { "ImportPath": "k8s.io/api/authentication/v1", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" @@ -1262,6 +1266,14 @@ "ImportPath": "k8s.io/client-go/informers/apps/v1beta2", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" }, + { + "ImportPath": "k8s.io/client-go/informers/auditregistration", + "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" + }, + { + "ImportPath": "k8s.io/client-go/informers/auditregistration/v1alpha1", + "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" + }, { "ImportPath": "k8s.io/client-go/informers/autoscaling", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" @@ -1434,6 +1446,10 @@ "ImportPath": "k8s.io/client-go/kubernetes/typed/apps/v1beta2", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" }, + { + "ImportPath": "k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1", + "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" + }, { "ImportPath": "k8s.io/client-go/kubernetes/typed/authentication/v1", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" @@ -1558,6 +1574,10 @@ "ImportPath": "k8s.io/client-go/listers/apps/v1beta2", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" }, + { + "ImportPath": "k8s.io/client-go/listers/auditregistration/v1alpha1", + "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" + }, { "ImportPath": "k8s.io/client-go/listers/autoscaling/v1", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" diff --git a/staging/src/k8s.io/metrics/Godeps/Godeps.json b/staging/src/k8s.io/metrics/Godeps/Godeps.json index 4d7961b9afa..75f2f37b22e 100644 --- a/staging/src/k8s.io/metrics/Godeps/Godeps.json +++ b/staging/src/k8s.io/metrics/Godeps/Godeps.json @@ -194,6 +194,10 @@ "ImportPath": "k8s.io/api/apps/v1beta2", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" }, + { + "ImportPath": "k8s.io/api/auditregistration/v1alpha1", + "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" + }, { "ImportPath": "k8s.io/api/authentication/v1", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" diff --git a/staging/src/k8s.io/sample-apiserver/Godeps/Godeps.json b/staging/src/k8s.io/sample-apiserver/Godeps/Godeps.json index 022329c2072..51954a6bbce 100644 --- a/staging/src/k8s.io/sample-apiserver/Godeps/Godeps.json +++ b/staging/src/k8s.io/sample-apiserver/Godeps/Godeps.json @@ -498,6 +498,10 @@ "ImportPath": "k8s.io/api/apps/v1beta2", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" }, + { + "ImportPath": "k8s.io/api/auditregistration/v1alpha1", + "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" + }, { "ImportPath": "k8s.io/api/authentication/v1", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" @@ -1222,6 +1226,14 @@ "ImportPath": "k8s.io/client-go/informers/apps/v1beta2", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" }, + { + "ImportPath": "k8s.io/client-go/informers/auditregistration", + "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" + }, + { + "ImportPath": "k8s.io/client-go/informers/auditregistration/v1alpha1", + "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" + }, { "ImportPath": "k8s.io/client-go/informers/autoscaling", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" @@ -1394,6 +1406,10 @@ "ImportPath": "k8s.io/client-go/kubernetes/typed/apps/v1beta2", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" }, + { + "ImportPath": "k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1", + "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" + }, { "ImportPath": "k8s.io/client-go/kubernetes/typed/authentication/v1", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" @@ -1518,6 +1534,10 @@ "ImportPath": "k8s.io/client-go/listers/apps/v1beta2", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" }, + { + "ImportPath": "k8s.io/client-go/listers/auditregistration/v1alpha1", + "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" + }, { "ImportPath": "k8s.io/client-go/listers/autoscaling/v1", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" diff --git a/staging/src/k8s.io/sample-cli-plugin/Godeps/Godeps.json b/staging/src/k8s.io/sample-cli-plugin/Godeps/Godeps.json index a9257998dc6..abdb8883611 100644 --- a/staging/src/k8s.io/sample-cli-plugin/Godeps/Godeps.json +++ b/staging/src/k8s.io/sample-cli-plugin/Godeps/Godeps.json @@ -218,6 +218,10 @@ "ImportPath": "k8s.io/api/apps/v1beta2", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" }, + { + "ImportPath": "k8s.io/api/auditregistration/v1alpha1", + "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" + }, { "ImportPath": "k8s.io/api/authentication/v1", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" diff --git a/staging/src/k8s.io/sample-controller/Godeps/Godeps.json b/staging/src/k8s.io/sample-controller/Godeps/Godeps.json index 881b2aa962c..4dc33518aae 100644 --- a/staging/src/k8s.io/sample-controller/Godeps/Godeps.json +++ b/staging/src/k8s.io/sample-controller/Godeps/Godeps.json @@ -202,6 +202,10 @@ "ImportPath": "k8s.io/api/apps/v1beta2", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" }, + { + "ImportPath": "k8s.io/api/auditregistration/v1alpha1", + "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" + }, { "ImportPath": "k8s.io/api/authentication/v1", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" @@ -514,6 +518,14 @@ "ImportPath": "k8s.io/client-go/informers/apps/v1beta2", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" }, + { + "ImportPath": "k8s.io/client-go/informers/auditregistration", + "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" + }, + { + "ImportPath": "k8s.io/client-go/informers/auditregistration/v1alpha1", + "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" + }, { "ImportPath": "k8s.io/client-go/informers/autoscaling", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" @@ -710,6 +722,14 @@ "ImportPath": "k8s.io/client-go/kubernetes/typed/apps/v1beta2/fake", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" }, + { + "ImportPath": "k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1", + "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" + }, + { + "ImportPath": "k8s.io/client-go/kubernetes/typed/auditregistration/v1alpha1/fake", + "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" + }, { "ImportPath": "k8s.io/client-go/kubernetes/typed/authentication/v1", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" @@ -938,6 +958,10 @@ "ImportPath": "k8s.io/client-go/listers/apps/v1beta2", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" }, + { + "ImportPath": "k8s.io/client-go/listers/auditregistration/v1alpha1", + "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" + }, { "ImportPath": "k8s.io/client-go/listers/autoscaling/v1", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" diff --git a/test/cmd/get.sh b/test/cmd/get.sh index 089e5aa4e59..a8981748007 100755 --- a/test/cmd/get.sh +++ b/test/cmd/get.sh @@ -162,7 +162,7 @@ run_kubectl_get_tests() { kube::test::if_has_string "${output_message}" 'valid-pod:' ## check --allow-missing-template-keys=false results in an error for a missing key with jsonpath - output_message=$(! kubectl get pod valid-pod --allow-missing-template-keys=false -o jsonpath='{.missing}' "${kube_flags[@]}") + output_message=$(! kubectl get pod valid-pod --allow-missing-template-keys=false -o jsonpath='{.missing}' 2>&1 "${kube_flags[@]}") kube::test::if_has_string "${output_message}" 'missing is not found' ## check --allow-missing-template-keys=false results in an error for a missing key with go diff --git a/test/e2e/framework/resource_usage_gatherer.go b/test/e2e/framework/resource_usage_gatherer.go index 93aa16a412c..c7d6874a37e 100644 --- a/test/e2e/framework/resource_usage_gatherer.go +++ b/test/e2e/framework/resource_usage_gatherer.go @@ -48,6 +48,8 @@ type SingleContainerSummary struct { // we can't have int here, as JSON does not accept integer keys. type ResourceUsageSummary map[string][]SingleContainerSummary +const NoCPUConstraint = math.MaxFloat64 + func (s *ResourceUsageSummary) PrintHumanReadable() string { buf := &bytes.Buffer{} w := tabwriter.NewWriter(buf, 1, 0, 1, ' ', 0) diff --git a/test/e2e/kubectl/kubectl.go b/test/e2e/kubectl/kubectl.go index fafda661ea1..333e665072e 100644 --- a/test/e2e/kubectl/kubectl.go +++ b/test/e2e/kubectl/kubectl.go @@ -847,6 +847,13 @@ metadata: }) }) + framework.KubeDescribe("Kubectl cluster-info dump", func() { + It("should check if cluster-info dump succeeds", func() { + By("running cluster-info dump") + framework.RunKubectlOrDie("cluster-info", "dump") + }) + }) + framework.KubeDescribe("Kubectl describe", func() { /* Release : v1.9 diff --git a/test/e2e/scalability/density.go b/test/e2e/scalability/density.go index 69ab8d2e508..67d9a9235c7 100644 --- a/test/e2e/scalability/density.go +++ b/test/e2e/scalability/density.go @@ -224,6 +224,14 @@ func density30AddonResourceVerifier(numNodes int) map[string]framework.ResourceC CPUConstraint: schedulerCPU, MemoryConstraint: schedulerMem, } + constraints["coredns"] = framework.ResourceConstraint{ + CPUConstraint: framework.NoCPUConstraint, + MemoryConstraint: 170 * (1024 * 1024), + } + constraints["kubedns"] = framework.ResourceConstraint{ + CPUConstraint: framework.NoCPUConstraint, + MemoryConstraint: 170 * (1024 * 1024), + } return constraints } diff --git a/test/e2e/scalability/load.go b/test/e2e/scalability/load.go index 3f528c229cc..78d3d45c55c 100644 --- a/test/e2e/scalability/load.go +++ b/test/e2e/scalability/load.go @@ -232,6 +232,8 @@ var _ = SIGDescribe("Load capacity", func() { framework.ExpectNoError(CreateQuotas(f, namespaces, 2*totalPods, testPhaseDurations.StartPhase(115, "quota creation"))) } + f.AddonResourceConstraints = loadResourceConstraints() + serviceCreationPhase := testPhaseDurations.StartPhase(120, "services creation") defer serviceCreationPhase.End() if itArg.services { @@ -429,6 +431,19 @@ func computePodCounts(total int) (int, int, int) { return smallGroupCount, mediumGroupCount, bigGroupCount } +func loadResourceConstraints() map[string]framework.ResourceConstraint { + constraints := make(map[string]framework.ResourceConstraint) + constraints["coredns"] = framework.ResourceConstraint{ + CPUConstraint: framework.NoCPUConstraint, + MemoryConstraint: 170 * (1024 * 1024), + } + constraints["kubedns"] = framework.ResourceConstraint{ + CPUConstraint: framework.NoCPUConstraint, + MemoryConstraint: 170 * (1024 * 1024), + } + return constraints +} + func generateConfigs( totalPods int, image string, diff --git a/test/e2e/storage/utils/utils.go b/test/e2e/storage/utils/utils.go index fac42ba9159..c6cd4e8a3b0 100644 --- a/test/e2e/storage/utils/utils.go +++ b/test/e2e/storage/utils/utils.go @@ -220,13 +220,13 @@ func TestVolumeUnmountsFromDeletedPodWithForceOption(c clientset.Interface, f *f Expect(result.Code).To(BeZero(), fmt.Sprintf("Expected grep exit code of 0, got %d", result.Code)) } + // This command is to make sure kubelet is started after test finishes no matter it fails or not. + defer func() { + KubeletCommand(KStart, c, clientPod) + }() By("Stopping the kubelet.") KubeletCommand(KStop, c, clientPod) - defer func() { - if err != nil { - KubeletCommand(KStart, c, clientPod) - } - }() + By(fmt.Sprintf("Deleting Pod %q", clientPod.Name)) if forceDelete { err = c.CoreV1().Pods(clientPod.Namespace).Delete(clientPod.Name, metav1.NewDeleteOptions(0)) diff --git a/test/integration/apiserver/BUILD b/test/integration/apiserver/BUILD index 1c283c0ec47..8261c405698 100644 --- a/test/integration/apiserver/BUILD +++ b/test/integration/apiserver/BUILD @@ -26,6 +26,7 @@ go_test( "//pkg/master:go_default_library", "//pkg/printers:go_default_library", "//pkg/printers/internalversion:go_default_library", + "//staging/src/k8s.io/api/auditregistration/v1alpha1:go_default_library", "//staging/src/k8s.io/api/batch/v2alpha1:go_default_library", "//staging/src/k8s.io/api/core/v1:go_default_library", "//staging/src/k8s.io/api/extensions/v1beta1:go_default_library", diff --git a/test/integration/apiserver/print_test.go b/test/integration/apiserver/print_test.go index be5c2c38920..5411492c906 100644 --- a/test/integration/apiserver/print_test.go +++ b/test/integration/apiserver/print_test.go @@ -26,6 +26,7 @@ import ( "testing" "time" + auditregv1alpha1 "k8s.io/api/auditregistration/v1alpha1" batchv2alpha1 "k8s.io/api/batch/v2alpha1" rbacv1alpha1 "k8s.io/api/rbac/v1alpha1" schedulerapi "k8s.io/api/scheduling/v1beta1" @@ -130,11 +131,13 @@ var missingHanlders = sets.NewString( "VolumeAttachment", "PriorityClass", "PodPreset", + "AuditSink", ) func TestServerSidePrint(t *testing.T) { s, _, closeFn := setup(t, // additional groupversions needed for the test to run + auditregv1alpha1.SchemeGroupVersion, batchv2alpha1.SchemeGroupVersion, rbacv1alpha1.SchemeGroupVersion, settingsv1alpha1.SchemeGroupVersion, diff --git a/test/integration/framework/BUILD b/test/integration/framework/BUILD index 412f6772d88..9fb021ed33a 100644 --- a/test/integration/framework/BUILD +++ b/test/integration/framework/BUILD @@ -29,6 +29,7 @@ go_library( "//pkg/util/env:go_default_library", "//pkg/version:go_default_library", "//staging/src/k8s.io/api/apps/v1beta1:go_default_library", + "//staging/src/k8s.io/api/auditregistration/v1alpha1:go_default_library", "//staging/src/k8s.io/api/autoscaling/v1:go_default_library", "//staging/src/k8s.io/api/certificates/v1beta1:go_default_library", "//staging/src/k8s.io/api/core/v1:go_default_library", diff --git a/test/integration/framework/master_utils.go b/test/integration/framework/master_utils.go index 829550dbbf1..ad464082987 100644 --- a/test/integration/framework/master_utils.go +++ b/test/integration/framework/master_utils.go @@ -28,6 +28,7 @@ import ( "github.com/pborman/uuid" apps "k8s.io/api/apps/v1beta1" + auditreg "k8s.io/api/auditregistration/v1alpha1" autoscaling "k8s.io/api/autoscaling/v1" certificates "k8s.io/api/certificates/v1beta1" "k8s.io/api/core/v1" @@ -290,6 +291,10 @@ func NewMasterConfig() *master.Config { schema.GroupResource{Group: storage.GroupName, Resource: serverstorage.AllResources}, "", ns) + storageFactory.SetSerializer( + schema.GroupResource{Group: auditreg.GroupName, Resource: serverstorage.AllResources}, + "", + ns) genericConfig := genericapiserver.NewConfig(legacyscheme.Codecs) kubeVersion := version.Get() diff --git a/vendor/BUILD b/vendor/BUILD index 9039b2bdd89..6fe04641294 100644 --- a/vendor/BUILD +++ b/vendor/BUILD @@ -18,11 +18,12 @@ filegroup( "//vendor/github.com/Azure/azure-sdk-for-go/services/compute/mgmt/2018-04-01/compute:all-srcs", "//vendor/github.com/Azure/azure-sdk-for-go/services/containerregistry/mgmt/2017-10-01/containerregistry:all-srcs", "//vendor/github.com/Azure/azure-sdk-for-go/services/network/mgmt/2017-09-01/network:all-srcs", - "//vendor/github.com/Azure/azure-sdk-for-go/services/storage/mgmt/2017-10-01/storage:all-srcs", + "//vendor/github.com/Azure/azure-sdk-for-go/services/storage/mgmt/2018-07-01/storage:all-srcs", "//vendor/github.com/Azure/azure-sdk-for-go/storage:all-srcs", "//vendor/github.com/Azure/azure-sdk-for-go/version:all-srcs", "//vendor/github.com/Azure/go-ansiterm:all-srcs", "//vendor/github.com/Azure/go-autorest/autorest:all-srcs", + "//vendor/github.com/Azure/go-autorest/logger:all-srcs", "//vendor/github.com/Azure/go-autorest/version:all-srcs", "//vendor/github.com/GeertJohan/go.rice:all-srcs", "//vendor/github.com/JeffAshton/win_pdh:all-srcs", diff --git a/vendor/github.com/Azure/azure-sdk-for-go/services/compute/mgmt/2018-04-01/compute/models.go b/vendor/github.com/Azure/azure-sdk-for-go/services/compute/mgmt/2018-04-01/compute/models.go index 166790d037a..cc4bc867323 100644 --- a/vendor/github.com/Azure/azure-sdk-for-go/services/compute/mgmt/2018-04-01/compute/models.go +++ b/vendor/github.com/Azure/azure-sdk-for-go/services/compute/mgmt/2018-04-01/compute/models.go @@ -798,84 +798,6 @@ func PossibleVirtualMachineSizeTypesValues() []VirtualMachineSizeTypes { // AccessURI a disk access SAS uri. type AccessURI struct { autorest.Response `json:"-"` - // AccessURIOutput - Operation output data (raw JSON) - *AccessURIOutput `json:"properties,omitempty"` -} - -// MarshalJSON is the custom marshaler for AccessURI. -func (au AccessURI) MarshalJSON() ([]byte, error) { - objectMap := make(map[string]interface{}) - if au.AccessURIOutput != nil { - objectMap["properties"] = au.AccessURIOutput - } - return json.Marshal(objectMap) -} - -// UnmarshalJSON is the custom unmarshaler for AccessURI struct. -func (au *AccessURI) UnmarshalJSON(body []byte) error { - var m map[string]*json.RawMessage - err := json.Unmarshal(body, &m) - if err != nil { - return err - } - for k, v := range m { - switch k { - case "properties": - if v != nil { - var accessURIOutput AccessURIOutput - err = json.Unmarshal(*v, &accessURIOutput) - if err != nil { - return err - } - au.AccessURIOutput = &accessURIOutput - } - } - } - - return nil -} - -// AccessURIOutput azure properties, including output. -type AccessURIOutput struct { - // AccessURIRaw - Operation output data (raw JSON) - *AccessURIRaw `json:"output,omitempty"` -} - -// MarshalJSON is the custom marshaler for AccessURIOutput. -func (auo AccessURIOutput) MarshalJSON() ([]byte, error) { - objectMap := make(map[string]interface{}) - if auo.AccessURIRaw != nil { - objectMap["output"] = auo.AccessURIRaw - } - return json.Marshal(objectMap) -} - -// UnmarshalJSON is the custom unmarshaler for AccessURIOutput struct. -func (auo *AccessURIOutput) UnmarshalJSON(body []byte) error { - var m map[string]*json.RawMessage - err := json.Unmarshal(body, &m) - if err != nil { - return err - } - for k, v := range m { - switch k { - case "output": - if v != nil { - var accessURIRaw AccessURIRaw - err = json.Unmarshal(*v, &accessURIRaw) - if err != nil { - return err - } - auo.AccessURIRaw = &accessURIRaw - } - } - } - - return nil -} - -// AccessURIRaw a disk access SAS uri. -type AccessURIRaw struct { // AccessSAS - A SAS uri for accessing a disk. AccessSAS *string `json:"accessSAS,omitempty"` } @@ -1290,7 +1212,7 @@ type DataDisk struct { WriteAcceleratorEnabled *bool `json:"writeAcceleratorEnabled,omitempty"` // CreateOption - Specifies how the virtual machine should be created.

Possible values are:

**Attach** \u2013 This value is used when you are using a specialized disk to create the virtual machine.

**FromImage** \u2013 This value is used when you are using an image to create the virtual machine. If you are using a platform image, you also use the imageReference element described above. If you are using a marketplace image, you also use the plan element previously described. Possible values include: 'DiskCreateOptionTypesFromImage', 'DiskCreateOptionTypesEmpty', 'DiskCreateOptionTypesAttach' CreateOption DiskCreateOptionTypes `json:"createOption,omitempty"` - // DiskSizeGB - Specifies the size of an empty data disk in gigabytes. This element can be used to overwrite the name of the disk in a virtual machine image.

This value cannot be larger than 1023 GB + // DiskSizeGB - Specifies the size of an empty data disk in gigabytes. This element can be used to overwrite the size of the disk in a virtual machine image.

This value cannot be larger than 1023 GB DiskSizeGB *int32 `json:"diskSizeGB,omitempty"` // ManagedDisk - The managed disk parameters. ManagedDisk *ManagedDiskParameters `json:"managedDisk,omitempty"` @@ -2718,7 +2640,7 @@ type OSDisk struct { WriteAcceleratorEnabled *bool `json:"writeAcceleratorEnabled,omitempty"` // CreateOption - Specifies how the virtual machine should be created.

Possible values are:

**Attach** \u2013 This value is used when you are using a specialized disk to create the virtual machine.

**FromImage** \u2013 This value is used when you are using an image to create the virtual machine. If you are using a platform image, you also use the imageReference element described above. If you are using a marketplace image, you also use the plan element previously described. Possible values include: 'DiskCreateOptionTypesFromImage', 'DiskCreateOptionTypesEmpty', 'DiskCreateOptionTypesAttach' CreateOption DiskCreateOptionTypes `json:"createOption,omitempty"` - // DiskSizeGB - Specifies the size of an empty data disk in gigabytes. This element can be used to overwrite the name of the disk in a virtual machine image.

This value cannot be larger than 1023 GB + // DiskSizeGB - Specifies the size of an empty data disk in gigabytes. This element can be used to overwrite the size of the disk in a virtual machine image.

This value cannot be larger than 1023 GB DiskSizeGB *int32 `json:"diskSizeGB,omitempty"` // ManagedDisk - The managed disk parameters. ManagedDisk *ManagedDiskParameters `json:"managedDisk,omitempty"` diff --git a/vendor/github.com/Azure/azure-sdk-for-go/services/containerregistry/mgmt/2017-10-01/containerregistry/models.go b/vendor/github.com/Azure/azure-sdk-for-go/services/containerregistry/mgmt/2017-10-01/containerregistry/models.go index dd5019e5355..19c6fb28d78 100644 --- a/vendor/github.com/Azure/azure-sdk-for-go/services/containerregistry/mgmt/2017-10-01/containerregistry/models.go +++ b/vendor/github.com/Azure/azure-sdk-for-go/services/containerregistry/mgmt/2017-10-01/containerregistry/models.go @@ -441,8 +441,10 @@ type ImportImageParameters struct { // ImportSource ... type ImportSource struct { - // ResourceID - The resource identifier of the target Azure Container Registry. + // ResourceID - The resource identifier of the source Azure Container Registry. ResourceID *string `json:"resourceId,omitempty"` + // RegistryURI - The address of the source registry. + RegistryURI *string `json:"registryUri,omitempty"` // SourceImage - Repository name of the source image. // Specify an image by repository ('hello-world'). This will use the 'latest' tag. // Specify an image by tag ('hello-world:latest'). diff --git a/vendor/github.com/Azure/azure-sdk-for-go/services/containerregistry/mgmt/2017-10-01/containerregistry/registries.go b/vendor/github.com/Azure/azure-sdk-for-go/services/containerregistry/mgmt/2017-10-01/containerregistry/registries.go index 4e6598d12c3..4fce43c74d0 100644 --- a/vendor/github.com/Azure/azure-sdk-for-go/services/containerregistry/mgmt/2017-10-01/containerregistry/registries.go +++ b/vendor/github.com/Azure/azure-sdk-for-go/services/containerregistry/mgmt/2017-10-01/containerregistry/registries.go @@ -372,9 +372,7 @@ func (client RegistriesClient) ImportImage(ctx context.Context, resourceGroupNam {Target: "registryName", Name: validation.Pattern, Rule: `^[a-zA-Z0-9]*$`, Chain: nil}}}, {TargetValue: parameters, Constraints: []validation.Constraint{{Target: "parameters.Source", Name: validation.Null, Rule: true, - Chain: []validation.Constraint{{Target: "parameters.Source.ResourceID", Name: validation.Null, Rule: true, Chain: nil}, - {Target: "parameters.Source.SourceImage", Name: validation.Null, Rule: true, Chain: nil}, - }}}}}); err != nil { + Chain: []validation.Constraint{{Target: "parameters.Source.SourceImage", Name: validation.Null, Rule: true, Chain: nil}}}}}}); err != nil { return result, validation.NewError("containerregistry.RegistriesClient", "ImportImage", err.Error()) } diff --git a/vendor/github.com/Azure/azure-sdk-for-go/services/storage/mgmt/2017-10-01/storage/usage.go b/vendor/github.com/Azure/azure-sdk-for-go/services/storage/mgmt/2017-10-01/storage/usage.go deleted file mode 100644 index 16942e6f754..00000000000 --- a/vendor/github.com/Azure/azure-sdk-for-go/services/storage/mgmt/2017-10-01/storage/usage.go +++ /dev/null @@ -1,102 +0,0 @@ -package storage - -// Copyright (c) Microsoft and contributors. All rights reserved. -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// -// See the License for the specific language governing permissions and -// limitations under the License. -// -// Code generated by Microsoft (R) AutoRest Code Generator. -// Changes may cause incorrect behavior and will be lost if the code is regenerated. - -import ( - "context" - "github.com/Azure/go-autorest/autorest" - "github.com/Azure/go-autorest/autorest/azure" - "net/http" -) - -// UsageClient is the the Azure Storage Management API. -type UsageClient struct { - BaseClient -} - -// NewUsageClient creates an instance of the UsageClient client. -func NewUsageClient(subscriptionID string) UsageClient { - return NewUsageClientWithBaseURI(DefaultBaseURI, subscriptionID) -} - -// NewUsageClientWithBaseURI creates an instance of the UsageClient client. -func NewUsageClientWithBaseURI(baseURI string, subscriptionID string) UsageClient { - return UsageClient{NewWithBaseURI(baseURI, subscriptionID)} -} - -// List gets the current usage count and the limit for the resources under the subscription. -func (client UsageClient) List(ctx context.Context) (result UsageListResult, err error) { - req, err := client.ListPreparer(ctx) - if err != nil { - err = autorest.NewErrorWithError(err, "storage.UsageClient", "List", nil, "Failure preparing request") - return - } - - resp, err := client.ListSender(req) - if err != nil { - result.Response = autorest.Response{Response: resp} - err = autorest.NewErrorWithError(err, "storage.UsageClient", "List", resp, "Failure sending request") - return - } - - result, err = client.ListResponder(resp) - if err != nil { - err = autorest.NewErrorWithError(err, "storage.UsageClient", "List", resp, "Failure responding to request") - } - - return -} - -// ListPreparer prepares the List request. -func (client UsageClient) ListPreparer(ctx context.Context) (*http.Request, error) { - pathParameters := map[string]interface{}{ - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - } - - const APIVersion = "2017-10-01" - queryParameters := map[string]interface{}{ - "api-version": APIVersion, - } - - preparer := autorest.CreatePreparer( - autorest.AsGet(), - autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/providers/Microsoft.Storage/usages", pathParameters), - autorest.WithQueryParameters(queryParameters)) - return preparer.Prepare((&http.Request{}).WithContext(ctx)) -} - -// ListSender sends the List request. The method will close the -// http.Response Body if it receives an error. -func (client UsageClient) ListSender(req *http.Request) (*http.Response, error) { - return autorest.SendWithSender(client, req, - azure.DoRetryWithRegistration(client.Client)) -} - -// ListResponder handles the response to the List request. The method always -// closes the http.Response Body. -func (client UsageClient) ListResponder(resp *http.Response) (result UsageListResult, err error) { - err = autorest.Respond( - resp, - client.ByInspecting(), - azure.WithErrorUnlessStatusCode(http.StatusOK), - autorest.ByUnmarshallingJSON(&result), - autorest.ByClosing()) - result.Response = autorest.Response{Response: resp} - return -} diff --git a/vendor/github.com/Azure/azure-sdk-for-go/services/storage/mgmt/2017-10-01/storage/BUILD b/vendor/github.com/Azure/azure-sdk-for-go/services/storage/mgmt/2018-07-01/storage/BUILD similarity index 86% rename from vendor/github.com/Azure/azure-sdk-for-go/services/storage/mgmt/2017-10-01/storage/BUILD rename to vendor/github.com/Azure/azure-sdk-for-go/services/storage/mgmt/2018-07-01/storage/BUILD index 1d8a847ce4b..8cc4db8b272 100644 --- a/vendor/github.com/Azure/azure-sdk-for-go/services/storage/mgmt/2017-10-01/storage/BUILD +++ b/vendor/github.com/Azure/azure-sdk-for-go/services/storage/mgmt/2018-07-01/storage/BUILD @@ -4,15 +4,17 @@ go_library( name = "go_default_library", srcs = [ "accounts.go", + "blobcontainers.go", "client.go", + "managementpolicies.go", "models.go", "operations.go", "skus.go", - "usage.go", + "usages.go", "version.go", ], - importmap = "k8s.io/kubernetes/vendor/github.com/Azure/azure-sdk-for-go/services/storage/mgmt/2017-10-01/storage", - importpath = "github.com/Azure/azure-sdk-for-go/services/storage/mgmt/2017-10-01/storage", + importmap = "k8s.io/kubernetes/vendor/github.com/Azure/azure-sdk-for-go/services/storage/mgmt/2018-07-01/storage", + importpath = "github.com/Azure/azure-sdk-for-go/services/storage/mgmt/2018-07-01/storage", visibility = ["//visibility:public"], deps = [ "//vendor/github.com/Azure/azure-sdk-for-go/version:go_default_library", diff --git a/vendor/github.com/Azure/azure-sdk-for-go/services/storage/mgmt/2017-10-01/storage/accounts.go b/vendor/github.com/Azure/azure-sdk-for-go/services/storage/mgmt/2018-07-01/storage/accounts.go similarity index 93% rename from vendor/github.com/Azure/azure-sdk-for-go/services/storage/mgmt/2017-10-01/storage/accounts.go rename to vendor/github.com/Azure/azure-sdk-for-go/services/storage/mgmt/2018-07-01/storage/accounts.go index 56dc300ec18..1af73b7c9c8 100644 --- a/vendor/github.com/Azure/azure-sdk-for-go/services/storage/mgmt/2017-10-01/storage/accounts.go +++ b/vendor/github.com/Azure/azure-sdk-for-go/services/storage/mgmt/2018-07-01/storage/accounts.go @@ -48,7 +48,9 @@ func (client AccountsClient) CheckNameAvailability(ctx context.Context, accountN if err := validation.Validate([]validation.Validation{ {TargetValue: accountName, Constraints: []validation.Constraint{{Target: "accountName.Name", Name: validation.Null, Rule: true, Chain: nil}, - {Target: "accountName.Type", Name: validation.Null, Rule: true, Chain: nil}}}}); err != nil { + {Target: "accountName.Type", Name: validation.Null, Rule: true, Chain: nil}}}, + {TargetValue: client.SubscriptionID, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { return result, validation.NewError("storage.AccountsClient", "CheckNameAvailability", err.Error()) } @@ -79,7 +81,7 @@ func (client AccountsClient) CheckNameAvailabilityPreparer(ctx context.Context, "subscriptionId": autorest.Encode("path", client.SubscriptionID), } - const APIVersion = "2017-10-01" + const APIVersion = "2018-07-01" queryParameters := map[string]interface{}{ "api-version": APIVersion, } @@ -141,7 +143,9 @@ func (client AccountsClient) Create(ctx context.Context, resourceGroupName strin {Target: "parameters.AccountPropertiesCreateParameters", Name: validation.Null, Rule: false, Chain: []validation.Constraint{{Target: "parameters.AccountPropertiesCreateParameters.CustomDomain", Name: validation.Null, Rule: false, Chain: []validation.Constraint{{Target: "parameters.AccountPropertiesCreateParameters.CustomDomain.Name", Name: validation.Null, Rule: true, Chain: nil}}}, - }}}}}); err != nil { + }}}}, + {TargetValue: client.SubscriptionID, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { return result, validation.NewError("storage.AccountsClient", "Create", err.Error()) } @@ -168,7 +172,7 @@ func (client AccountsClient) CreatePreparer(ctx context.Context, resourceGroupNa "subscriptionId": autorest.Encode("path", client.SubscriptionID), } - const APIVersion = "2017-10-01" + const APIVersion = "2018-07-01" queryParameters := map[string]interface{}{ "api-version": APIVersion, } @@ -227,7 +231,9 @@ func (client AccountsClient) Delete(ctx context.Context, resourceGroupName strin {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, {TargetValue: accountName, Constraints: []validation.Constraint{{Target: "accountName", Name: validation.MaxLength, Rule: 24, Chain: nil}, - {Target: "accountName", Name: validation.MinLength, Rule: 3, Chain: nil}}}}); err != nil { + {Target: "accountName", Name: validation.MinLength, Rule: 3, Chain: nil}}}, + {TargetValue: client.SubscriptionID, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { return result, validation.NewError("storage.AccountsClient", "Delete", err.Error()) } @@ -260,7 +266,7 @@ func (client AccountsClient) DeletePreparer(ctx context.Context, resourceGroupNa "subscriptionId": autorest.Encode("path", client.SubscriptionID), } - const APIVersion = "2017-10-01" + const APIVersion = "2018-07-01" queryParameters := map[string]interface{}{ "api-version": APIVersion, } @@ -307,7 +313,9 @@ func (client AccountsClient) GetProperties(ctx context.Context, resourceGroupNam {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, {TargetValue: accountName, Constraints: []validation.Constraint{{Target: "accountName", Name: validation.MaxLength, Rule: 24, Chain: nil}, - {Target: "accountName", Name: validation.MinLength, Rule: 3, Chain: nil}}}}); err != nil { + {Target: "accountName", Name: validation.MinLength, Rule: 3, Chain: nil}}}, + {TargetValue: client.SubscriptionID, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { return result, validation.NewError("storage.AccountsClient", "GetProperties", err.Error()) } @@ -340,7 +348,7 @@ func (client AccountsClient) GetPropertiesPreparer(ctx context.Context, resource "subscriptionId": autorest.Encode("path", client.SubscriptionID), } - const APIVersion = "2017-10-01" + const APIVersion = "2018-07-01" queryParameters := map[string]interface{}{ "api-version": APIVersion, } @@ -376,6 +384,12 @@ func (client AccountsClient) GetPropertiesResponder(resp *http.Response) (result // List lists all the storage accounts available under the subscription. Note that storage keys are not returned; use // the ListKeys operation for this. func (client AccountsClient) List(ctx context.Context) (result AccountListResult, err error) { + if err := validation.Validate([]validation.Validation{ + {TargetValue: client.SubscriptionID, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { + return result, validation.NewError("storage.AccountsClient", "List", err.Error()) + } + req, err := client.ListPreparer(ctx) if err != nil { err = autorest.NewErrorWithError(err, "storage.AccountsClient", "List", nil, "Failure preparing request") @@ -403,7 +417,7 @@ func (client AccountsClient) ListPreparer(ctx context.Context) (*http.Request, e "subscriptionId": autorest.Encode("path", client.SubscriptionID), } - const APIVersion = "2017-10-01" + const APIVersion = "2018-07-01" queryParameters := map[string]interface{}{ "api-version": APIVersion, } @@ -453,7 +467,9 @@ func (client AccountsClient) ListAccountSAS(ctx context.Context, resourceGroupNa Constraints: []validation.Constraint{{Target: "accountName", Name: validation.MaxLength, Rule: 24, Chain: nil}, {Target: "accountName", Name: validation.MinLength, Rule: 3, Chain: nil}}}, {TargetValue: parameters, - Constraints: []validation.Constraint{{Target: "parameters.SharedAccessExpiryTime", Name: validation.Null, Rule: true, Chain: nil}}}}); err != nil { + Constraints: []validation.Constraint{{Target: "parameters.SharedAccessExpiryTime", Name: validation.Null, Rule: true, Chain: nil}}}, + {TargetValue: client.SubscriptionID, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { return result, validation.NewError("storage.AccountsClient", "ListAccountSAS", err.Error()) } @@ -486,7 +502,7 @@ func (client AccountsClient) ListAccountSASPreparer(ctx context.Context, resourc "subscriptionId": autorest.Encode("path", client.SubscriptionID), } - const APIVersion = "2017-10-01" + const APIVersion = "2018-07-01" queryParameters := map[string]interface{}{ "api-version": APIVersion, } @@ -531,7 +547,9 @@ func (client AccountsClient) ListByResourceGroup(ctx context.Context, resourceGr {TargetValue: resourceGroupName, Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, - {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}}); err != nil { + {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, + {TargetValue: client.SubscriptionID, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { return result, validation.NewError("storage.AccountsClient", "ListByResourceGroup", err.Error()) } @@ -563,7 +581,7 @@ func (client AccountsClient) ListByResourceGroupPreparer(ctx context.Context, re "subscriptionId": autorest.Encode("path", client.SubscriptionID), } - const APIVersion = "2017-10-01" + const APIVersion = "2018-07-01" queryParameters := map[string]interface{}{ "api-version": APIVersion, } @@ -610,7 +628,9 @@ func (client AccountsClient) ListKeys(ctx context.Context, resourceGroupName str {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, {TargetValue: accountName, Constraints: []validation.Constraint{{Target: "accountName", Name: validation.MaxLength, Rule: 24, Chain: nil}, - {Target: "accountName", Name: validation.MinLength, Rule: 3, Chain: nil}}}}); err != nil { + {Target: "accountName", Name: validation.MinLength, Rule: 3, Chain: nil}}}, + {TargetValue: client.SubscriptionID, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { return result, validation.NewError("storage.AccountsClient", "ListKeys", err.Error()) } @@ -643,7 +663,7 @@ func (client AccountsClient) ListKeysPreparer(ctx context.Context, resourceGroup "subscriptionId": autorest.Encode("path", client.SubscriptionID), } - const APIVersion = "2017-10-01" + const APIVersion = "2018-07-01" queryParameters := map[string]interface{}{ "api-version": APIVersion, } @@ -695,7 +715,9 @@ func (client AccountsClient) ListServiceSAS(ctx context.Context, resourceGroupNa {TargetValue: parameters, Constraints: []validation.Constraint{{Target: "parameters.CanonicalizedResource", Name: validation.Null, Rule: true, Chain: nil}, {Target: "parameters.Identifier", Name: validation.Null, Rule: false, - Chain: []validation.Constraint{{Target: "parameters.Identifier", Name: validation.MaxLength, Rule: 64, Chain: nil}}}}}}); err != nil { + Chain: []validation.Constraint{{Target: "parameters.Identifier", Name: validation.MaxLength, Rule: 64, Chain: nil}}}}}, + {TargetValue: client.SubscriptionID, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { return result, validation.NewError("storage.AccountsClient", "ListServiceSAS", err.Error()) } @@ -728,7 +750,7 @@ func (client AccountsClient) ListServiceSASPreparer(ctx context.Context, resourc "subscriptionId": autorest.Encode("path", client.SubscriptionID), } - const APIVersion = "2017-10-01" + const APIVersion = "2018-07-01" queryParameters := map[string]interface{}{ "api-version": APIVersion, } @@ -780,7 +802,9 @@ func (client AccountsClient) RegenerateKey(ctx context.Context, resourceGroupNam Constraints: []validation.Constraint{{Target: "accountName", Name: validation.MaxLength, Rule: 24, Chain: nil}, {Target: "accountName", Name: validation.MinLength, Rule: 3, Chain: nil}}}, {TargetValue: regenerateKey, - Constraints: []validation.Constraint{{Target: "regenerateKey.KeyName", Name: validation.Null, Rule: true, Chain: nil}}}}); err != nil { + Constraints: []validation.Constraint{{Target: "regenerateKey.KeyName", Name: validation.Null, Rule: true, Chain: nil}}}, + {TargetValue: client.SubscriptionID, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { return result, validation.NewError("storage.AccountsClient", "RegenerateKey", err.Error()) } @@ -813,7 +837,7 @@ func (client AccountsClient) RegenerateKeyPreparer(ctx context.Context, resource "subscriptionId": autorest.Encode("path", client.SubscriptionID), } - const APIVersion = "2017-10-01" + const APIVersion = "2018-07-01" queryParameters := map[string]interface{}{ "api-version": APIVersion, } @@ -868,7 +892,9 @@ func (client AccountsClient) Update(ctx context.Context, resourceGroupName strin {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, {TargetValue: accountName, Constraints: []validation.Constraint{{Target: "accountName", Name: validation.MaxLength, Rule: 24, Chain: nil}, - {Target: "accountName", Name: validation.MinLength, Rule: 3, Chain: nil}}}}); err != nil { + {Target: "accountName", Name: validation.MinLength, Rule: 3, Chain: nil}}}, + {TargetValue: client.SubscriptionID, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { return result, validation.NewError("storage.AccountsClient", "Update", err.Error()) } @@ -901,7 +927,7 @@ func (client AccountsClient) UpdatePreparer(ctx context.Context, resourceGroupNa "subscriptionId": autorest.Encode("path", client.SubscriptionID), } - const APIVersion = "2017-10-01" + const APIVersion = "2018-07-01" queryParameters := map[string]interface{}{ "api-version": APIVersion, } diff --git a/vendor/github.com/Azure/azure-sdk-for-go/services/storage/mgmt/2018-07-01/storage/blobcontainers.go b/vendor/github.com/Azure/azure-sdk-for-go/services/storage/mgmt/2018-07-01/storage/blobcontainers.go new file mode 100644 index 00000000000..d8d5cdafced --- /dev/null +++ b/vendor/github.com/Azure/azure-sdk-for-go/services/storage/mgmt/2018-07-01/storage/blobcontainers.go @@ -0,0 +1,1188 @@ +package storage + +// Copyright (c) Microsoft and contributors. All rights reserved. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// +// See the License for the specific language governing permissions and +// limitations under the License. +// +// Code generated by Microsoft (R) AutoRest Code Generator. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +import ( + "context" + "github.com/Azure/go-autorest/autorest" + "github.com/Azure/go-autorest/autorest/azure" + "github.com/Azure/go-autorest/autorest/validation" + "net/http" +) + +// BlobContainersClient is the the Azure Storage Management API. +type BlobContainersClient struct { + BaseClient +} + +// NewBlobContainersClient creates an instance of the BlobContainersClient client. +func NewBlobContainersClient(subscriptionID string) BlobContainersClient { + return NewBlobContainersClientWithBaseURI(DefaultBaseURI, subscriptionID) +} + +// NewBlobContainersClientWithBaseURI creates an instance of the BlobContainersClient client. +func NewBlobContainersClientWithBaseURI(baseURI string, subscriptionID string) BlobContainersClient { + return BlobContainersClient{NewWithBaseURI(baseURI, subscriptionID)} +} + +// ClearLegalHold clears legal hold tags. Clearing the same or non-existent tag results in an idempotent operation. +// ClearLegalHold clears out only the specified tags in the request. +// Parameters: +// resourceGroupName - the name of the resource group within the user's subscription. The name is case +// insensitive. +// accountName - the name of the storage account within the specified resource group. Storage account names +// must be between 3 and 24 characters in length and use numbers and lower-case letters only. +// containerName - the name of the blob container within the specified storage account. Blob container names +// must be between 3 and 63 characters in length and use numbers, lower-case letters and dash (-) only. Every +// dash (-) character must be immediately preceded and followed by a letter or number. +// legalHold - the LegalHold property that will be clear from a blob container. +func (client BlobContainersClient) ClearLegalHold(ctx context.Context, resourceGroupName string, accountName string, containerName string, legalHold LegalHold) (result LegalHold, err error) { + if err := validation.Validate([]validation.Validation{ + {TargetValue: resourceGroupName, + Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, + {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, + {TargetValue: accountName, + Constraints: []validation.Constraint{{Target: "accountName", Name: validation.MaxLength, Rule: 24, Chain: nil}, + {Target: "accountName", Name: validation.MinLength, Rule: 3, Chain: nil}}}, + {TargetValue: containerName, + Constraints: []validation.Constraint{{Target: "containerName", Name: validation.MaxLength, Rule: 63, Chain: nil}, + {Target: "containerName", Name: validation.MinLength, Rule: 3, Chain: nil}}}, + {TargetValue: client.SubscriptionID, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}}, + {TargetValue: legalHold, + Constraints: []validation.Constraint{{Target: "legalHold.Tags", Name: validation.Null, Rule: true, Chain: nil}}}}); err != nil { + return result, validation.NewError("storage.BlobContainersClient", "ClearLegalHold", err.Error()) + } + + req, err := client.ClearLegalHoldPreparer(ctx, resourceGroupName, accountName, containerName, legalHold) + if err != nil { + err = autorest.NewErrorWithError(err, "storage.BlobContainersClient", "ClearLegalHold", nil, "Failure preparing request") + return + } + + resp, err := client.ClearLegalHoldSender(req) + if err != nil { + result.Response = autorest.Response{Response: resp} + err = autorest.NewErrorWithError(err, "storage.BlobContainersClient", "ClearLegalHold", resp, "Failure sending request") + return + } + + result, err = client.ClearLegalHoldResponder(resp) + if err != nil { + err = autorest.NewErrorWithError(err, "storage.BlobContainersClient", "ClearLegalHold", resp, "Failure responding to request") + } + + return +} + +// ClearLegalHoldPreparer prepares the ClearLegalHold request. +func (client BlobContainersClient) ClearLegalHoldPreparer(ctx context.Context, resourceGroupName string, accountName string, containerName string, legalHold LegalHold) (*http.Request, error) { + pathParameters := map[string]interface{}{ + "accountName": autorest.Encode("path", accountName), + "containerName": autorest.Encode("path", containerName), + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + } + + const APIVersion = "2018-07-01" + queryParameters := map[string]interface{}{ + "api-version": APIVersion, + } + + preparer := autorest.CreatePreparer( + autorest.AsContentType("application/json; charset=utf-8"), + autorest.AsPost(), + autorest.WithBaseURL(client.BaseURI), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Storage/storageAccounts/{accountName}/blobServices/default/containers/{containerName}/clearLegalHold", pathParameters), + autorest.WithJSON(legalHold), + autorest.WithQueryParameters(queryParameters)) + return preparer.Prepare((&http.Request{}).WithContext(ctx)) +} + +// ClearLegalHoldSender sends the ClearLegalHold request. The method will close the +// http.Response Body if it receives an error. +func (client BlobContainersClient) ClearLegalHoldSender(req *http.Request) (*http.Response, error) { + return autorest.SendWithSender(client, req, + azure.DoRetryWithRegistration(client.Client)) +} + +// ClearLegalHoldResponder handles the response to the ClearLegalHold request. The method always +// closes the http.Response Body. +func (client BlobContainersClient) ClearLegalHoldResponder(resp *http.Response) (result LegalHold, err error) { + err = autorest.Respond( + resp, + client.ByInspecting(), + azure.WithErrorUnlessStatusCode(http.StatusOK), + autorest.ByUnmarshallingJSON(&result), + autorest.ByClosing()) + result.Response = autorest.Response{Response: resp} + return +} + +// Create creates a new container under the specified account as described by request body. The container resource +// includes metadata and properties for that container. It does not include a list of the blobs contained by the +// container. +// Parameters: +// resourceGroupName - the name of the resource group within the user's subscription. The name is case +// insensitive. +// accountName - the name of the storage account within the specified resource group. Storage account names +// must be between 3 and 24 characters in length and use numbers and lower-case letters only. +// containerName - the name of the blob container within the specified storage account. Blob container names +// must be between 3 and 63 characters in length and use numbers, lower-case letters and dash (-) only. Every +// dash (-) character must be immediately preceded and followed by a letter or number. +// blobContainer - properties of the blob container to create. +func (client BlobContainersClient) Create(ctx context.Context, resourceGroupName string, accountName string, containerName string, blobContainer BlobContainer) (result BlobContainer, err error) { + if err := validation.Validate([]validation.Validation{ + {TargetValue: resourceGroupName, + Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, + {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, + {TargetValue: accountName, + Constraints: []validation.Constraint{{Target: "accountName", Name: validation.MaxLength, Rule: 24, Chain: nil}, + {Target: "accountName", Name: validation.MinLength, Rule: 3, Chain: nil}}}, + {TargetValue: containerName, + Constraints: []validation.Constraint{{Target: "containerName", Name: validation.MaxLength, Rule: 63, Chain: nil}, + {Target: "containerName", Name: validation.MinLength, Rule: 3, Chain: nil}}}, + {TargetValue: blobContainer, + Constraints: []validation.Constraint{{Target: "blobContainer.ContainerProperties", Name: validation.Null, Rule: false, + Chain: []validation.Constraint{{Target: "blobContainer.ContainerProperties.ImmutabilityPolicy", Name: validation.Null, Rule: false, + Chain: []validation.Constraint{{Target: "blobContainer.ContainerProperties.ImmutabilityPolicy.ImmutabilityPolicyProperty", Name: validation.Null, Rule: false, + Chain: []validation.Constraint{{Target: "blobContainer.ContainerProperties.ImmutabilityPolicy.ImmutabilityPolicyProperty.ImmutabilityPeriodSinceCreationInDays", Name: validation.Null, Rule: true, Chain: nil}}}, + }}, + }}}}, + {TargetValue: client.SubscriptionID, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { + return result, validation.NewError("storage.BlobContainersClient", "Create", err.Error()) + } + + req, err := client.CreatePreparer(ctx, resourceGroupName, accountName, containerName, blobContainer) + if err != nil { + err = autorest.NewErrorWithError(err, "storage.BlobContainersClient", "Create", nil, "Failure preparing request") + return + } + + resp, err := client.CreateSender(req) + if err != nil { + result.Response = autorest.Response{Response: resp} + err = autorest.NewErrorWithError(err, "storage.BlobContainersClient", "Create", resp, "Failure sending request") + return + } + + result, err = client.CreateResponder(resp) + if err != nil { + err = autorest.NewErrorWithError(err, "storage.BlobContainersClient", "Create", resp, "Failure responding to request") + } + + return +} + +// CreatePreparer prepares the Create request. +func (client BlobContainersClient) CreatePreparer(ctx context.Context, resourceGroupName string, accountName string, containerName string, blobContainer BlobContainer) (*http.Request, error) { + pathParameters := map[string]interface{}{ + "accountName": autorest.Encode("path", accountName), + "containerName": autorest.Encode("path", containerName), + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + } + + const APIVersion = "2018-07-01" + queryParameters := map[string]interface{}{ + "api-version": APIVersion, + } + + preparer := autorest.CreatePreparer( + autorest.AsContentType("application/json; charset=utf-8"), + autorest.AsPut(), + autorest.WithBaseURL(client.BaseURI), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Storage/storageAccounts/{accountName}/blobServices/default/containers/{containerName}", pathParameters), + autorest.WithJSON(blobContainer), + autorest.WithQueryParameters(queryParameters)) + return preparer.Prepare((&http.Request{}).WithContext(ctx)) +} + +// CreateSender sends the Create request. The method will close the +// http.Response Body if it receives an error. +func (client BlobContainersClient) CreateSender(req *http.Request) (*http.Response, error) { + return autorest.SendWithSender(client, req, + azure.DoRetryWithRegistration(client.Client)) +} + +// CreateResponder handles the response to the Create request. The method always +// closes the http.Response Body. +func (client BlobContainersClient) CreateResponder(resp *http.Response) (result BlobContainer, err error) { + err = autorest.Respond( + resp, + client.ByInspecting(), + azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusCreated), + autorest.ByUnmarshallingJSON(&result), + autorest.ByClosing()) + result.Response = autorest.Response{Response: resp} + return +} + +// CreateOrUpdateImmutabilityPolicy creates or updates an unlocked immutability policy. ETag in If-Match is honored if +// given but not required for this operation. +// Parameters: +// resourceGroupName - the name of the resource group within the user's subscription. The name is case +// insensitive. +// accountName - the name of the storage account within the specified resource group. Storage account names +// must be between 3 and 24 characters in length and use numbers and lower-case letters only. +// containerName - the name of the blob container within the specified storage account. Blob container names +// must be between 3 and 63 characters in length and use numbers, lower-case letters and dash (-) only. Every +// dash (-) character must be immediately preceded and followed by a letter or number. +// parameters - the ImmutabilityPolicy Properties that will be created or updated to a blob container. +// ifMatch - the entity state (ETag) version of the immutability policy to update. A value of "*" can be used +// to apply the operation only if the immutability policy already exists. If omitted, this operation will +// always be applied. +func (client BlobContainersClient) CreateOrUpdateImmutabilityPolicy(ctx context.Context, resourceGroupName string, accountName string, containerName string, parameters *ImmutabilityPolicy, ifMatch string) (result ImmutabilityPolicy, err error) { + if err := validation.Validate([]validation.Validation{ + {TargetValue: resourceGroupName, + Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, + {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, + {TargetValue: accountName, + Constraints: []validation.Constraint{{Target: "accountName", Name: validation.MaxLength, Rule: 24, Chain: nil}, + {Target: "accountName", Name: validation.MinLength, Rule: 3, Chain: nil}}}, + {TargetValue: containerName, + Constraints: []validation.Constraint{{Target: "containerName", Name: validation.MaxLength, Rule: 63, Chain: nil}, + {Target: "containerName", Name: validation.MinLength, Rule: 3, Chain: nil}}}, + {TargetValue: client.SubscriptionID, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}}, + {TargetValue: parameters, + Constraints: []validation.Constraint{{Target: "parameters", Name: validation.Null, Rule: false, + Chain: []validation.Constraint{{Target: "parameters.ImmutabilityPolicyProperty", Name: validation.Null, Rule: true, + Chain: []validation.Constraint{{Target: "parameters.ImmutabilityPolicyProperty.ImmutabilityPeriodSinceCreationInDays", Name: validation.Null, Rule: true, Chain: nil}}}, + }}}}}); err != nil { + return result, validation.NewError("storage.BlobContainersClient", "CreateOrUpdateImmutabilityPolicy", err.Error()) + } + + req, err := client.CreateOrUpdateImmutabilityPolicyPreparer(ctx, resourceGroupName, accountName, containerName, parameters, ifMatch) + if err != nil { + err = autorest.NewErrorWithError(err, "storage.BlobContainersClient", "CreateOrUpdateImmutabilityPolicy", nil, "Failure preparing request") + return + } + + resp, err := client.CreateOrUpdateImmutabilityPolicySender(req) + if err != nil { + result.Response = autorest.Response{Response: resp} + err = autorest.NewErrorWithError(err, "storage.BlobContainersClient", "CreateOrUpdateImmutabilityPolicy", resp, "Failure sending request") + return + } + + result, err = client.CreateOrUpdateImmutabilityPolicyResponder(resp) + if err != nil { + err = autorest.NewErrorWithError(err, "storage.BlobContainersClient", "CreateOrUpdateImmutabilityPolicy", resp, "Failure responding to request") + } + + return +} + +// CreateOrUpdateImmutabilityPolicyPreparer prepares the CreateOrUpdateImmutabilityPolicy request. +func (client BlobContainersClient) CreateOrUpdateImmutabilityPolicyPreparer(ctx context.Context, resourceGroupName string, accountName string, containerName string, parameters *ImmutabilityPolicy, ifMatch string) (*http.Request, error) { + pathParameters := map[string]interface{}{ + "accountName": autorest.Encode("path", accountName), + "containerName": autorest.Encode("path", containerName), + "immutabilityPolicyName": autorest.Encode("path", "default"), + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + } + + const APIVersion = "2018-07-01" + queryParameters := map[string]interface{}{ + "api-version": APIVersion, + } + + preparer := autorest.CreatePreparer( + autorest.AsContentType("application/json; charset=utf-8"), + autorest.AsPut(), + autorest.WithBaseURL(client.BaseURI), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Storage/storageAccounts/{accountName}/blobServices/default/containers/{containerName}/immutabilityPolicies/{immutabilityPolicyName}", pathParameters), + autorest.WithQueryParameters(queryParameters)) + if parameters != nil { + preparer = autorest.DecoratePreparer(preparer, + autorest.WithJSON(parameters)) + } + if len(ifMatch) > 0 { + preparer = autorest.DecoratePreparer(preparer, + autorest.WithHeader("If-Match", autorest.String(ifMatch))) + } + return preparer.Prepare((&http.Request{}).WithContext(ctx)) +} + +// CreateOrUpdateImmutabilityPolicySender sends the CreateOrUpdateImmutabilityPolicy request. The method will close the +// http.Response Body if it receives an error. +func (client BlobContainersClient) CreateOrUpdateImmutabilityPolicySender(req *http.Request) (*http.Response, error) { + return autorest.SendWithSender(client, req, + azure.DoRetryWithRegistration(client.Client)) +} + +// CreateOrUpdateImmutabilityPolicyResponder handles the response to the CreateOrUpdateImmutabilityPolicy request. The method always +// closes the http.Response Body. +func (client BlobContainersClient) CreateOrUpdateImmutabilityPolicyResponder(resp *http.Response) (result ImmutabilityPolicy, err error) { + err = autorest.Respond( + resp, + client.ByInspecting(), + azure.WithErrorUnlessStatusCode(http.StatusOK), + autorest.ByUnmarshallingJSON(&result), + autorest.ByClosing()) + result.Response = autorest.Response{Response: resp} + return +} + +// Delete deletes specified container under its account. +// Parameters: +// resourceGroupName - the name of the resource group within the user's subscription. The name is case +// insensitive. +// accountName - the name of the storage account within the specified resource group. Storage account names +// must be between 3 and 24 characters in length and use numbers and lower-case letters only. +// containerName - the name of the blob container within the specified storage account. Blob container names +// must be between 3 and 63 characters in length and use numbers, lower-case letters and dash (-) only. Every +// dash (-) character must be immediately preceded and followed by a letter or number. +func (client BlobContainersClient) Delete(ctx context.Context, resourceGroupName string, accountName string, containerName string) (result autorest.Response, err error) { + if err := validation.Validate([]validation.Validation{ + {TargetValue: resourceGroupName, + Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, + {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, + {TargetValue: accountName, + Constraints: []validation.Constraint{{Target: "accountName", Name: validation.MaxLength, Rule: 24, Chain: nil}, + {Target: "accountName", Name: validation.MinLength, Rule: 3, Chain: nil}}}, + {TargetValue: containerName, + Constraints: []validation.Constraint{{Target: "containerName", Name: validation.MaxLength, Rule: 63, Chain: nil}, + {Target: "containerName", Name: validation.MinLength, Rule: 3, Chain: nil}}}, + {TargetValue: client.SubscriptionID, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { + return result, validation.NewError("storage.BlobContainersClient", "Delete", err.Error()) + } + + req, err := client.DeletePreparer(ctx, resourceGroupName, accountName, containerName) + if err != nil { + err = autorest.NewErrorWithError(err, "storage.BlobContainersClient", "Delete", nil, "Failure preparing request") + return + } + + resp, err := client.DeleteSender(req) + if err != nil { + result.Response = resp + err = autorest.NewErrorWithError(err, "storage.BlobContainersClient", "Delete", resp, "Failure sending request") + return + } + + result, err = client.DeleteResponder(resp) + if err != nil { + err = autorest.NewErrorWithError(err, "storage.BlobContainersClient", "Delete", resp, "Failure responding to request") + } + + return +} + +// DeletePreparer prepares the Delete request. +func (client BlobContainersClient) DeletePreparer(ctx context.Context, resourceGroupName string, accountName string, containerName string) (*http.Request, error) { + pathParameters := map[string]interface{}{ + "accountName": autorest.Encode("path", accountName), + "containerName": autorest.Encode("path", containerName), + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + } + + const APIVersion = "2018-07-01" + queryParameters := map[string]interface{}{ + "api-version": APIVersion, + } + + preparer := autorest.CreatePreparer( + autorest.AsDelete(), + autorest.WithBaseURL(client.BaseURI), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Storage/storageAccounts/{accountName}/blobServices/default/containers/{containerName}", pathParameters), + autorest.WithQueryParameters(queryParameters)) + return preparer.Prepare((&http.Request{}).WithContext(ctx)) +} + +// DeleteSender sends the Delete request. The method will close the +// http.Response Body if it receives an error. +func (client BlobContainersClient) DeleteSender(req *http.Request) (*http.Response, error) { + return autorest.SendWithSender(client, req, + azure.DoRetryWithRegistration(client.Client)) +} + +// DeleteResponder handles the response to the Delete request. The method always +// closes the http.Response Body. +func (client BlobContainersClient) DeleteResponder(resp *http.Response) (result autorest.Response, err error) { + err = autorest.Respond( + resp, + client.ByInspecting(), + azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusNoContent), + autorest.ByClosing()) + result.Response = resp + return +} + +// DeleteImmutabilityPolicy aborts an unlocked immutability policy. The response of delete has +// immutabilityPeriodSinceCreationInDays set to 0. ETag in If-Match is required for this operation. Deleting a locked +// immutability policy is not allowed, only way is to delete the container after deleting all blobs inside the +// container. +// Parameters: +// resourceGroupName - the name of the resource group within the user's subscription. The name is case +// insensitive. +// accountName - the name of the storage account within the specified resource group. Storage account names +// must be between 3 and 24 characters in length and use numbers and lower-case letters only. +// containerName - the name of the blob container within the specified storage account. Blob container names +// must be between 3 and 63 characters in length and use numbers, lower-case letters and dash (-) only. Every +// dash (-) character must be immediately preceded and followed by a letter or number. +// ifMatch - the entity state (ETag) version of the immutability policy to update. A value of "*" can be used +// to apply the operation only if the immutability policy already exists. If omitted, this operation will +// always be applied. +func (client BlobContainersClient) DeleteImmutabilityPolicy(ctx context.Context, resourceGroupName string, accountName string, containerName string, ifMatch string) (result ImmutabilityPolicy, err error) { + if err := validation.Validate([]validation.Validation{ + {TargetValue: resourceGroupName, + Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, + {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, + {TargetValue: accountName, + Constraints: []validation.Constraint{{Target: "accountName", Name: validation.MaxLength, Rule: 24, Chain: nil}, + {Target: "accountName", Name: validation.MinLength, Rule: 3, Chain: nil}}}, + {TargetValue: containerName, + Constraints: []validation.Constraint{{Target: "containerName", Name: validation.MaxLength, Rule: 63, Chain: nil}, + {Target: "containerName", Name: validation.MinLength, Rule: 3, Chain: nil}}}, + {TargetValue: client.SubscriptionID, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { + return result, validation.NewError("storage.BlobContainersClient", "DeleteImmutabilityPolicy", err.Error()) + } + + req, err := client.DeleteImmutabilityPolicyPreparer(ctx, resourceGroupName, accountName, containerName, ifMatch) + if err != nil { + err = autorest.NewErrorWithError(err, "storage.BlobContainersClient", "DeleteImmutabilityPolicy", nil, "Failure preparing request") + return + } + + resp, err := client.DeleteImmutabilityPolicySender(req) + if err != nil { + result.Response = autorest.Response{Response: resp} + err = autorest.NewErrorWithError(err, "storage.BlobContainersClient", "DeleteImmutabilityPolicy", resp, "Failure sending request") + return + } + + result, err = client.DeleteImmutabilityPolicyResponder(resp) + if err != nil { + err = autorest.NewErrorWithError(err, "storage.BlobContainersClient", "DeleteImmutabilityPolicy", resp, "Failure responding to request") + } + + return +} + +// DeleteImmutabilityPolicyPreparer prepares the DeleteImmutabilityPolicy request. +func (client BlobContainersClient) DeleteImmutabilityPolicyPreparer(ctx context.Context, resourceGroupName string, accountName string, containerName string, ifMatch string) (*http.Request, error) { + pathParameters := map[string]interface{}{ + "accountName": autorest.Encode("path", accountName), + "containerName": autorest.Encode("path", containerName), + "immutabilityPolicyName": autorest.Encode("path", "default"), + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + } + + const APIVersion = "2018-07-01" + queryParameters := map[string]interface{}{ + "api-version": APIVersion, + } + + preparer := autorest.CreatePreparer( + autorest.AsDelete(), + autorest.WithBaseURL(client.BaseURI), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Storage/storageAccounts/{accountName}/blobServices/default/containers/{containerName}/immutabilityPolicies/{immutabilityPolicyName}", pathParameters), + autorest.WithQueryParameters(queryParameters), + autorest.WithHeader("If-Match", autorest.String(ifMatch))) + return preparer.Prepare((&http.Request{}).WithContext(ctx)) +} + +// DeleteImmutabilityPolicySender sends the DeleteImmutabilityPolicy request. The method will close the +// http.Response Body if it receives an error. +func (client BlobContainersClient) DeleteImmutabilityPolicySender(req *http.Request) (*http.Response, error) { + return autorest.SendWithSender(client, req, + azure.DoRetryWithRegistration(client.Client)) +} + +// DeleteImmutabilityPolicyResponder handles the response to the DeleteImmutabilityPolicy request. The method always +// closes the http.Response Body. +func (client BlobContainersClient) DeleteImmutabilityPolicyResponder(resp *http.Response) (result ImmutabilityPolicy, err error) { + err = autorest.Respond( + resp, + client.ByInspecting(), + azure.WithErrorUnlessStatusCode(http.StatusOK), + autorest.ByUnmarshallingJSON(&result), + autorest.ByClosing()) + result.Response = autorest.Response{Response: resp} + return +} + +// ExtendImmutabilityPolicy extends the immutabilityPeriodSinceCreationInDays of a locked immutabilityPolicy. The only +// action allowed on a Locked policy will be this action. ETag in If-Match is required for this operation. +// Parameters: +// resourceGroupName - the name of the resource group within the user's subscription. The name is case +// insensitive. +// accountName - the name of the storage account within the specified resource group. Storage account names +// must be between 3 and 24 characters in length and use numbers and lower-case letters only. +// containerName - the name of the blob container within the specified storage account. Blob container names +// must be between 3 and 63 characters in length and use numbers, lower-case letters and dash (-) only. Every +// dash (-) character must be immediately preceded and followed by a letter or number. +// ifMatch - the entity state (ETag) version of the immutability policy to update. A value of "*" can be used +// to apply the operation only if the immutability policy already exists. If omitted, this operation will +// always be applied. +// parameters - the ImmutabilityPolicy Properties that will be extented for a blob container. +func (client BlobContainersClient) ExtendImmutabilityPolicy(ctx context.Context, resourceGroupName string, accountName string, containerName string, ifMatch string, parameters *ImmutabilityPolicy) (result ImmutabilityPolicy, err error) { + if err := validation.Validate([]validation.Validation{ + {TargetValue: resourceGroupName, + Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, + {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, + {TargetValue: accountName, + Constraints: []validation.Constraint{{Target: "accountName", Name: validation.MaxLength, Rule: 24, Chain: nil}, + {Target: "accountName", Name: validation.MinLength, Rule: 3, Chain: nil}}}, + {TargetValue: containerName, + Constraints: []validation.Constraint{{Target: "containerName", Name: validation.MaxLength, Rule: 63, Chain: nil}, + {Target: "containerName", Name: validation.MinLength, Rule: 3, Chain: nil}}}, + {TargetValue: client.SubscriptionID, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}}, + {TargetValue: parameters, + Constraints: []validation.Constraint{{Target: "parameters", Name: validation.Null, Rule: false, + Chain: []validation.Constraint{{Target: "parameters.ImmutabilityPolicyProperty", Name: validation.Null, Rule: true, + Chain: []validation.Constraint{{Target: "parameters.ImmutabilityPolicyProperty.ImmutabilityPeriodSinceCreationInDays", Name: validation.Null, Rule: true, Chain: nil}}}, + }}}}}); err != nil { + return result, validation.NewError("storage.BlobContainersClient", "ExtendImmutabilityPolicy", err.Error()) + } + + req, err := client.ExtendImmutabilityPolicyPreparer(ctx, resourceGroupName, accountName, containerName, ifMatch, parameters) + if err != nil { + err = autorest.NewErrorWithError(err, "storage.BlobContainersClient", "ExtendImmutabilityPolicy", nil, "Failure preparing request") + return + } + + resp, err := client.ExtendImmutabilityPolicySender(req) + if err != nil { + result.Response = autorest.Response{Response: resp} + err = autorest.NewErrorWithError(err, "storage.BlobContainersClient", "ExtendImmutabilityPolicy", resp, "Failure sending request") + return + } + + result, err = client.ExtendImmutabilityPolicyResponder(resp) + if err != nil { + err = autorest.NewErrorWithError(err, "storage.BlobContainersClient", "ExtendImmutabilityPolicy", resp, "Failure responding to request") + } + + return +} + +// ExtendImmutabilityPolicyPreparer prepares the ExtendImmutabilityPolicy request. +func (client BlobContainersClient) ExtendImmutabilityPolicyPreparer(ctx context.Context, resourceGroupName string, accountName string, containerName string, ifMatch string, parameters *ImmutabilityPolicy) (*http.Request, error) { + pathParameters := map[string]interface{}{ + "accountName": autorest.Encode("path", accountName), + "containerName": autorest.Encode("path", containerName), + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + } + + const APIVersion = "2018-07-01" + queryParameters := map[string]interface{}{ + "api-version": APIVersion, + } + + preparer := autorest.CreatePreparer( + autorest.AsContentType("application/json; charset=utf-8"), + autorest.AsPost(), + autorest.WithBaseURL(client.BaseURI), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Storage/storageAccounts/{accountName}/blobServices/default/containers/{containerName}/immutabilityPolicies/default/extend", pathParameters), + autorest.WithQueryParameters(queryParameters), + autorest.WithHeader("If-Match", autorest.String(ifMatch))) + if parameters != nil { + preparer = autorest.DecoratePreparer(preparer, + autorest.WithJSON(parameters)) + } + return preparer.Prepare((&http.Request{}).WithContext(ctx)) +} + +// ExtendImmutabilityPolicySender sends the ExtendImmutabilityPolicy request. The method will close the +// http.Response Body if it receives an error. +func (client BlobContainersClient) ExtendImmutabilityPolicySender(req *http.Request) (*http.Response, error) { + return autorest.SendWithSender(client, req, + azure.DoRetryWithRegistration(client.Client)) +} + +// ExtendImmutabilityPolicyResponder handles the response to the ExtendImmutabilityPolicy request. The method always +// closes the http.Response Body. +func (client BlobContainersClient) ExtendImmutabilityPolicyResponder(resp *http.Response) (result ImmutabilityPolicy, err error) { + err = autorest.Respond( + resp, + client.ByInspecting(), + azure.WithErrorUnlessStatusCode(http.StatusOK), + autorest.ByUnmarshallingJSON(&result), + autorest.ByClosing()) + result.Response = autorest.Response{Response: resp} + return +} + +// Get gets properties of a specified container. +// Parameters: +// resourceGroupName - the name of the resource group within the user's subscription. The name is case +// insensitive. +// accountName - the name of the storage account within the specified resource group. Storage account names +// must be between 3 and 24 characters in length and use numbers and lower-case letters only. +// containerName - the name of the blob container within the specified storage account. Blob container names +// must be between 3 and 63 characters in length and use numbers, lower-case letters and dash (-) only. Every +// dash (-) character must be immediately preceded and followed by a letter or number. +func (client BlobContainersClient) Get(ctx context.Context, resourceGroupName string, accountName string, containerName string) (result BlobContainer, err error) { + if err := validation.Validate([]validation.Validation{ + {TargetValue: resourceGroupName, + Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, + {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, + {TargetValue: accountName, + Constraints: []validation.Constraint{{Target: "accountName", Name: validation.MaxLength, Rule: 24, Chain: nil}, + {Target: "accountName", Name: validation.MinLength, Rule: 3, Chain: nil}}}, + {TargetValue: containerName, + Constraints: []validation.Constraint{{Target: "containerName", Name: validation.MaxLength, Rule: 63, Chain: nil}, + {Target: "containerName", Name: validation.MinLength, Rule: 3, Chain: nil}}}, + {TargetValue: client.SubscriptionID, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { + return result, validation.NewError("storage.BlobContainersClient", "Get", err.Error()) + } + + req, err := client.GetPreparer(ctx, resourceGroupName, accountName, containerName) + if err != nil { + err = autorest.NewErrorWithError(err, "storage.BlobContainersClient", "Get", nil, "Failure preparing request") + return + } + + resp, err := client.GetSender(req) + if err != nil { + result.Response = autorest.Response{Response: resp} + err = autorest.NewErrorWithError(err, "storage.BlobContainersClient", "Get", resp, "Failure sending request") + return + } + + result, err = client.GetResponder(resp) + if err != nil { + err = autorest.NewErrorWithError(err, "storage.BlobContainersClient", "Get", resp, "Failure responding to request") + } + + return +} + +// GetPreparer prepares the Get request. +func (client BlobContainersClient) GetPreparer(ctx context.Context, resourceGroupName string, accountName string, containerName string) (*http.Request, error) { + pathParameters := map[string]interface{}{ + "accountName": autorest.Encode("path", accountName), + "containerName": autorest.Encode("path", containerName), + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + } + + const APIVersion = "2018-07-01" + queryParameters := map[string]interface{}{ + "api-version": APIVersion, + } + + preparer := autorest.CreatePreparer( + autorest.AsGet(), + autorest.WithBaseURL(client.BaseURI), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Storage/storageAccounts/{accountName}/blobServices/default/containers/{containerName}", pathParameters), + autorest.WithQueryParameters(queryParameters)) + return preparer.Prepare((&http.Request{}).WithContext(ctx)) +} + +// GetSender sends the Get request. The method will close the +// http.Response Body if it receives an error. +func (client BlobContainersClient) GetSender(req *http.Request) (*http.Response, error) { + return autorest.SendWithSender(client, req, + azure.DoRetryWithRegistration(client.Client)) +} + +// GetResponder handles the response to the Get request. The method always +// closes the http.Response Body. +func (client BlobContainersClient) GetResponder(resp *http.Response) (result BlobContainer, err error) { + err = autorest.Respond( + resp, + client.ByInspecting(), + azure.WithErrorUnlessStatusCode(http.StatusOK), + autorest.ByUnmarshallingJSON(&result), + autorest.ByClosing()) + result.Response = autorest.Response{Response: resp} + return +} + +// GetImmutabilityPolicy gets the existing immutability policy along with the corresponding ETag in response headers +// and body. +// Parameters: +// resourceGroupName - the name of the resource group within the user's subscription. The name is case +// insensitive. +// accountName - the name of the storage account within the specified resource group. Storage account names +// must be between 3 and 24 characters in length and use numbers and lower-case letters only. +// containerName - the name of the blob container within the specified storage account. Blob container names +// must be between 3 and 63 characters in length and use numbers, lower-case letters and dash (-) only. Every +// dash (-) character must be immediately preceded and followed by a letter or number. +// ifMatch - the entity state (ETag) version of the immutability policy to update. A value of "*" can be used +// to apply the operation only if the immutability policy already exists. If omitted, this operation will +// always be applied. +func (client BlobContainersClient) GetImmutabilityPolicy(ctx context.Context, resourceGroupName string, accountName string, containerName string, ifMatch string) (result ImmutabilityPolicy, err error) { + if err := validation.Validate([]validation.Validation{ + {TargetValue: resourceGroupName, + Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, + {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, + {TargetValue: accountName, + Constraints: []validation.Constraint{{Target: "accountName", Name: validation.MaxLength, Rule: 24, Chain: nil}, + {Target: "accountName", Name: validation.MinLength, Rule: 3, Chain: nil}}}, + {TargetValue: containerName, + Constraints: []validation.Constraint{{Target: "containerName", Name: validation.MaxLength, Rule: 63, Chain: nil}, + {Target: "containerName", Name: validation.MinLength, Rule: 3, Chain: nil}}}, + {TargetValue: client.SubscriptionID, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { + return result, validation.NewError("storage.BlobContainersClient", "GetImmutabilityPolicy", err.Error()) + } + + req, err := client.GetImmutabilityPolicyPreparer(ctx, resourceGroupName, accountName, containerName, ifMatch) + if err != nil { + err = autorest.NewErrorWithError(err, "storage.BlobContainersClient", "GetImmutabilityPolicy", nil, "Failure preparing request") + return + } + + resp, err := client.GetImmutabilityPolicySender(req) + if err != nil { + result.Response = autorest.Response{Response: resp} + err = autorest.NewErrorWithError(err, "storage.BlobContainersClient", "GetImmutabilityPolicy", resp, "Failure sending request") + return + } + + result, err = client.GetImmutabilityPolicyResponder(resp) + if err != nil { + err = autorest.NewErrorWithError(err, "storage.BlobContainersClient", "GetImmutabilityPolicy", resp, "Failure responding to request") + } + + return +} + +// GetImmutabilityPolicyPreparer prepares the GetImmutabilityPolicy request. +func (client BlobContainersClient) GetImmutabilityPolicyPreparer(ctx context.Context, resourceGroupName string, accountName string, containerName string, ifMatch string) (*http.Request, error) { + pathParameters := map[string]interface{}{ + "accountName": autorest.Encode("path", accountName), + "containerName": autorest.Encode("path", containerName), + "immutabilityPolicyName": autorest.Encode("path", "default"), + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + } + + const APIVersion = "2018-07-01" + queryParameters := map[string]interface{}{ + "api-version": APIVersion, + } + + preparer := autorest.CreatePreparer( + autorest.AsGet(), + autorest.WithBaseURL(client.BaseURI), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Storage/storageAccounts/{accountName}/blobServices/default/containers/{containerName}/immutabilityPolicies/{immutabilityPolicyName}", pathParameters), + autorest.WithQueryParameters(queryParameters)) + if len(ifMatch) > 0 { + preparer = autorest.DecoratePreparer(preparer, + autorest.WithHeader("If-Match", autorest.String(ifMatch))) + } + return preparer.Prepare((&http.Request{}).WithContext(ctx)) +} + +// GetImmutabilityPolicySender sends the GetImmutabilityPolicy request. The method will close the +// http.Response Body if it receives an error. +func (client BlobContainersClient) GetImmutabilityPolicySender(req *http.Request) (*http.Response, error) { + return autorest.SendWithSender(client, req, + azure.DoRetryWithRegistration(client.Client)) +} + +// GetImmutabilityPolicyResponder handles the response to the GetImmutabilityPolicy request. The method always +// closes the http.Response Body. +func (client BlobContainersClient) GetImmutabilityPolicyResponder(resp *http.Response) (result ImmutabilityPolicy, err error) { + err = autorest.Respond( + resp, + client.ByInspecting(), + azure.WithErrorUnlessStatusCode(http.StatusOK), + autorest.ByUnmarshallingJSON(&result), + autorest.ByClosing()) + result.Response = autorest.Response{Response: resp} + return +} + +// List lists all containers and does not support a prefix like data plane. Also SRP today does not return continuation +// token. +// Parameters: +// resourceGroupName - the name of the resource group within the user's subscription. The name is case +// insensitive. +// accountName - the name of the storage account within the specified resource group. Storage account names +// must be between 3 and 24 characters in length and use numbers and lower-case letters only. +func (client BlobContainersClient) List(ctx context.Context, resourceGroupName string, accountName string) (result ListContainerItems, err error) { + if err := validation.Validate([]validation.Validation{ + {TargetValue: resourceGroupName, + Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, + {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, + {TargetValue: accountName, + Constraints: []validation.Constraint{{Target: "accountName", Name: validation.MaxLength, Rule: 24, Chain: nil}, + {Target: "accountName", Name: validation.MinLength, Rule: 3, Chain: nil}}}, + {TargetValue: client.SubscriptionID, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { + return result, validation.NewError("storage.BlobContainersClient", "List", err.Error()) + } + + req, err := client.ListPreparer(ctx, resourceGroupName, accountName) + if err != nil { + err = autorest.NewErrorWithError(err, "storage.BlobContainersClient", "List", nil, "Failure preparing request") + return + } + + resp, err := client.ListSender(req) + if err != nil { + result.Response = autorest.Response{Response: resp} + err = autorest.NewErrorWithError(err, "storage.BlobContainersClient", "List", resp, "Failure sending request") + return + } + + result, err = client.ListResponder(resp) + if err != nil { + err = autorest.NewErrorWithError(err, "storage.BlobContainersClient", "List", resp, "Failure responding to request") + } + + return +} + +// ListPreparer prepares the List request. +func (client BlobContainersClient) ListPreparer(ctx context.Context, resourceGroupName string, accountName string) (*http.Request, error) { + pathParameters := map[string]interface{}{ + "accountName": autorest.Encode("path", accountName), + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + } + + const APIVersion = "2018-07-01" + queryParameters := map[string]interface{}{ + "api-version": APIVersion, + } + + preparer := autorest.CreatePreparer( + autorest.AsGet(), + autorest.WithBaseURL(client.BaseURI), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Storage/storageAccounts/{accountName}/blobServices/default/containers", pathParameters), + autorest.WithQueryParameters(queryParameters)) + return preparer.Prepare((&http.Request{}).WithContext(ctx)) +} + +// ListSender sends the List request. The method will close the +// http.Response Body if it receives an error. +func (client BlobContainersClient) ListSender(req *http.Request) (*http.Response, error) { + return autorest.SendWithSender(client, req, + azure.DoRetryWithRegistration(client.Client)) +} + +// ListResponder handles the response to the List request. The method always +// closes the http.Response Body. +func (client BlobContainersClient) ListResponder(resp *http.Response) (result ListContainerItems, err error) { + err = autorest.Respond( + resp, + client.ByInspecting(), + azure.WithErrorUnlessStatusCode(http.StatusOK), + autorest.ByUnmarshallingJSON(&result), + autorest.ByClosing()) + result.Response = autorest.Response{Response: resp} + return +} + +// LockImmutabilityPolicy sets the ImmutabilityPolicy to Locked state. The only action allowed on a Locked policy is +// ExtendImmutabilityPolicy action. ETag in If-Match is required for this operation. +// Parameters: +// resourceGroupName - the name of the resource group within the user's subscription. The name is case +// insensitive. +// accountName - the name of the storage account within the specified resource group. Storage account names +// must be between 3 and 24 characters in length and use numbers and lower-case letters only. +// containerName - the name of the blob container within the specified storage account. Blob container names +// must be between 3 and 63 characters in length and use numbers, lower-case letters and dash (-) only. Every +// dash (-) character must be immediately preceded and followed by a letter or number. +// ifMatch - the entity state (ETag) version of the immutability policy to update. A value of "*" can be used +// to apply the operation only if the immutability policy already exists. If omitted, this operation will +// always be applied. +func (client BlobContainersClient) LockImmutabilityPolicy(ctx context.Context, resourceGroupName string, accountName string, containerName string, ifMatch string) (result ImmutabilityPolicy, err error) { + if err := validation.Validate([]validation.Validation{ + {TargetValue: resourceGroupName, + Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, + {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, + {TargetValue: accountName, + Constraints: []validation.Constraint{{Target: "accountName", Name: validation.MaxLength, Rule: 24, Chain: nil}, + {Target: "accountName", Name: validation.MinLength, Rule: 3, Chain: nil}}}, + {TargetValue: containerName, + Constraints: []validation.Constraint{{Target: "containerName", Name: validation.MaxLength, Rule: 63, Chain: nil}, + {Target: "containerName", Name: validation.MinLength, Rule: 3, Chain: nil}}}, + {TargetValue: client.SubscriptionID, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { + return result, validation.NewError("storage.BlobContainersClient", "LockImmutabilityPolicy", err.Error()) + } + + req, err := client.LockImmutabilityPolicyPreparer(ctx, resourceGroupName, accountName, containerName, ifMatch) + if err != nil { + err = autorest.NewErrorWithError(err, "storage.BlobContainersClient", "LockImmutabilityPolicy", nil, "Failure preparing request") + return + } + + resp, err := client.LockImmutabilityPolicySender(req) + if err != nil { + result.Response = autorest.Response{Response: resp} + err = autorest.NewErrorWithError(err, "storage.BlobContainersClient", "LockImmutabilityPolicy", resp, "Failure sending request") + return + } + + result, err = client.LockImmutabilityPolicyResponder(resp) + if err != nil { + err = autorest.NewErrorWithError(err, "storage.BlobContainersClient", "LockImmutabilityPolicy", resp, "Failure responding to request") + } + + return +} + +// LockImmutabilityPolicyPreparer prepares the LockImmutabilityPolicy request. +func (client BlobContainersClient) LockImmutabilityPolicyPreparer(ctx context.Context, resourceGroupName string, accountName string, containerName string, ifMatch string) (*http.Request, error) { + pathParameters := map[string]interface{}{ + "accountName": autorest.Encode("path", accountName), + "containerName": autorest.Encode("path", containerName), + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + } + + const APIVersion = "2018-07-01" + queryParameters := map[string]interface{}{ + "api-version": APIVersion, + } + + preparer := autorest.CreatePreparer( + autorest.AsPost(), + autorest.WithBaseURL(client.BaseURI), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Storage/storageAccounts/{accountName}/blobServices/default/containers/{containerName}/immutabilityPolicies/default/lock", pathParameters), + autorest.WithQueryParameters(queryParameters), + autorest.WithHeader("If-Match", autorest.String(ifMatch))) + return preparer.Prepare((&http.Request{}).WithContext(ctx)) +} + +// LockImmutabilityPolicySender sends the LockImmutabilityPolicy request. The method will close the +// http.Response Body if it receives an error. +func (client BlobContainersClient) LockImmutabilityPolicySender(req *http.Request) (*http.Response, error) { + return autorest.SendWithSender(client, req, + azure.DoRetryWithRegistration(client.Client)) +} + +// LockImmutabilityPolicyResponder handles the response to the LockImmutabilityPolicy request. The method always +// closes the http.Response Body. +func (client BlobContainersClient) LockImmutabilityPolicyResponder(resp *http.Response) (result ImmutabilityPolicy, err error) { + err = autorest.Respond( + resp, + client.ByInspecting(), + azure.WithErrorUnlessStatusCode(http.StatusOK), + autorest.ByUnmarshallingJSON(&result), + autorest.ByClosing()) + result.Response = autorest.Response{Response: resp} + return +} + +// SetLegalHold sets legal hold tags. Setting the same tag results in an idempotent operation. SetLegalHold follows an +// append pattern and does not clear out the existing tags that are not specified in the request. +// Parameters: +// resourceGroupName - the name of the resource group within the user's subscription. The name is case +// insensitive. +// accountName - the name of the storage account within the specified resource group. Storage account names +// must be between 3 and 24 characters in length and use numbers and lower-case letters only. +// containerName - the name of the blob container within the specified storage account. Blob container names +// must be between 3 and 63 characters in length and use numbers, lower-case letters and dash (-) only. Every +// dash (-) character must be immediately preceded and followed by a letter or number. +// legalHold - the LegalHold property that will be set to a blob container. +func (client BlobContainersClient) SetLegalHold(ctx context.Context, resourceGroupName string, accountName string, containerName string, legalHold LegalHold) (result LegalHold, err error) { + if err := validation.Validate([]validation.Validation{ + {TargetValue: resourceGroupName, + Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, + {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, + {TargetValue: accountName, + Constraints: []validation.Constraint{{Target: "accountName", Name: validation.MaxLength, Rule: 24, Chain: nil}, + {Target: "accountName", Name: validation.MinLength, Rule: 3, Chain: nil}}}, + {TargetValue: containerName, + Constraints: []validation.Constraint{{Target: "containerName", Name: validation.MaxLength, Rule: 63, Chain: nil}, + {Target: "containerName", Name: validation.MinLength, Rule: 3, Chain: nil}}}, + {TargetValue: client.SubscriptionID, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}}, + {TargetValue: legalHold, + Constraints: []validation.Constraint{{Target: "legalHold.Tags", Name: validation.Null, Rule: true, Chain: nil}}}}); err != nil { + return result, validation.NewError("storage.BlobContainersClient", "SetLegalHold", err.Error()) + } + + req, err := client.SetLegalHoldPreparer(ctx, resourceGroupName, accountName, containerName, legalHold) + if err != nil { + err = autorest.NewErrorWithError(err, "storage.BlobContainersClient", "SetLegalHold", nil, "Failure preparing request") + return + } + + resp, err := client.SetLegalHoldSender(req) + if err != nil { + result.Response = autorest.Response{Response: resp} + err = autorest.NewErrorWithError(err, "storage.BlobContainersClient", "SetLegalHold", resp, "Failure sending request") + return + } + + result, err = client.SetLegalHoldResponder(resp) + if err != nil { + err = autorest.NewErrorWithError(err, "storage.BlobContainersClient", "SetLegalHold", resp, "Failure responding to request") + } + + return +} + +// SetLegalHoldPreparer prepares the SetLegalHold request. +func (client BlobContainersClient) SetLegalHoldPreparer(ctx context.Context, resourceGroupName string, accountName string, containerName string, legalHold LegalHold) (*http.Request, error) { + pathParameters := map[string]interface{}{ + "accountName": autorest.Encode("path", accountName), + "containerName": autorest.Encode("path", containerName), + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + } + + const APIVersion = "2018-07-01" + queryParameters := map[string]interface{}{ + "api-version": APIVersion, + } + + preparer := autorest.CreatePreparer( + autorest.AsContentType("application/json; charset=utf-8"), + autorest.AsPost(), + autorest.WithBaseURL(client.BaseURI), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Storage/storageAccounts/{accountName}/blobServices/default/containers/{containerName}/setLegalHold", pathParameters), + autorest.WithJSON(legalHold), + autorest.WithQueryParameters(queryParameters)) + return preparer.Prepare((&http.Request{}).WithContext(ctx)) +} + +// SetLegalHoldSender sends the SetLegalHold request. The method will close the +// http.Response Body if it receives an error. +func (client BlobContainersClient) SetLegalHoldSender(req *http.Request) (*http.Response, error) { + return autorest.SendWithSender(client, req, + azure.DoRetryWithRegistration(client.Client)) +} + +// SetLegalHoldResponder handles the response to the SetLegalHold request. The method always +// closes the http.Response Body. +func (client BlobContainersClient) SetLegalHoldResponder(resp *http.Response) (result LegalHold, err error) { + err = autorest.Respond( + resp, + client.ByInspecting(), + azure.WithErrorUnlessStatusCode(http.StatusOK), + autorest.ByUnmarshallingJSON(&result), + autorest.ByClosing()) + result.Response = autorest.Response{Response: resp} + return +} + +// Update updates container properties as specified in request body. Properties not mentioned in the request will be +// unchanged. Update fails if the specified container doesn't already exist. +// Parameters: +// resourceGroupName - the name of the resource group within the user's subscription. The name is case +// insensitive. +// accountName - the name of the storage account within the specified resource group. Storage account names +// must be between 3 and 24 characters in length and use numbers and lower-case letters only. +// containerName - the name of the blob container within the specified storage account. Blob container names +// must be between 3 and 63 characters in length and use numbers, lower-case letters and dash (-) only. Every +// dash (-) character must be immediately preceded and followed by a letter or number. +// blobContainer - properties to update for the blob container. +func (client BlobContainersClient) Update(ctx context.Context, resourceGroupName string, accountName string, containerName string, blobContainer BlobContainer) (result BlobContainer, err error) { + if err := validation.Validate([]validation.Validation{ + {TargetValue: resourceGroupName, + Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, + {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, + {TargetValue: accountName, + Constraints: []validation.Constraint{{Target: "accountName", Name: validation.MaxLength, Rule: 24, Chain: nil}, + {Target: "accountName", Name: validation.MinLength, Rule: 3, Chain: nil}}}, + {TargetValue: containerName, + Constraints: []validation.Constraint{{Target: "containerName", Name: validation.MaxLength, Rule: 63, Chain: nil}, + {Target: "containerName", Name: validation.MinLength, Rule: 3, Chain: nil}}}, + {TargetValue: client.SubscriptionID, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { + return result, validation.NewError("storage.BlobContainersClient", "Update", err.Error()) + } + + req, err := client.UpdatePreparer(ctx, resourceGroupName, accountName, containerName, blobContainer) + if err != nil { + err = autorest.NewErrorWithError(err, "storage.BlobContainersClient", "Update", nil, "Failure preparing request") + return + } + + resp, err := client.UpdateSender(req) + if err != nil { + result.Response = autorest.Response{Response: resp} + err = autorest.NewErrorWithError(err, "storage.BlobContainersClient", "Update", resp, "Failure sending request") + return + } + + result, err = client.UpdateResponder(resp) + if err != nil { + err = autorest.NewErrorWithError(err, "storage.BlobContainersClient", "Update", resp, "Failure responding to request") + } + + return +} + +// UpdatePreparer prepares the Update request. +func (client BlobContainersClient) UpdatePreparer(ctx context.Context, resourceGroupName string, accountName string, containerName string, blobContainer BlobContainer) (*http.Request, error) { + pathParameters := map[string]interface{}{ + "accountName": autorest.Encode("path", accountName), + "containerName": autorest.Encode("path", containerName), + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + } + + const APIVersion = "2018-07-01" + queryParameters := map[string]interface{}{ + "api-version": APIVersion, + } + + preparer := autorest.CreatePreparer( + autorest.AsContentType("application/json; charset=utf-8"), + autorest.AsPatch(), + autorest.WithBaseURL(client.BaseURI), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Storage/storageAccounts/{accountName}/blobServices/default/containers/{containerName}", pathParameters), + autorest.WithJSON(blobContainer), + autorest.WithQueryParameters(queryParameters)) + return preparer.Prepare((&http.Request{}).WithContext(ctx)) +} + +// UpdateSender sends the Update request. The method will close the +// http.Response Body if it receives an error. +func (client BlobContainersClient) UpdateSender(req *http.Request) (*http.Response, error) { + return autorest.SendWithSender(client, req, + azure.DoRetryWithRegistration(client.Client)) +} + +// UpdateResponder handles the response to the Update request. The method always +// closes the http.Response Body. +func (client BlobContainersClient) UpdateResponder(resp *http.Response) (result BlobContainer, err error) { + err = autorest.Respond( + resp, + client.ByInspecting(), + azure.WithErrorUnlessStatusCode(http.StatusOK), + autorest.ByUnmarshallingJSON(&result), + autorest.ByClosing()) + result.Response = autorest.Response{Response: resp} + return +} diff --git a/vendor/github.com/Azure/azure-sdk-for-go/services/storage/mgmt/2017-10-01/storage/client.go b/vendor/github.com/Azure/azure-sdk-for-go/services/storage/mgmt/2018-07-01/storage/client.go similarity index 98% rename from vendor/github.com/Azure/azure-sdk-for-go/services/storage/mgmt/2017-10-01/storage/client.go rename to vendor/github.com/Azure/azure-sdk-for-go/services/storage/mgmt/2018-07-01/storage/client.go index 2be951c81f1..4ffb5928a83 100644 --- a/vendor/github.com/Azure/azure-sdk-for-go/services/storage/mgmt/2017-10-01/storage/client.go +++ b/vendor/github.com/Azure/azure-sdk-for-go/services/storage/mgmt/2018-07-01/storage/client.go @@ -1,4 +1,4 @@ -// Package storage implements the Azure ARM Storage service API version 2017-10-01. +// Package storage implements the Azure ARM Storage service API version . // // The Azure Storage Management API. package storage diff --git a/vendor/github.com/Azure/azure-sdk-for-go/services/storage/mgmt/2018-07-01/storage/managementpolicies.go b/vendor/github.com/Azure/azure-sdk-for-go/services/storage/mgmt/2018-07-01/storage/managementpolicies.go new file mode 100644 index 00000000000..69eac469d7e --- /dev/null +++ b/vendor/github.com/Azure/azure-sdk-for-go/services/storage/mgmt/2018-07-01/storage/managementpolicies.go @@ -0,0 +1,292 @@ +package storage + +// Copyright (c) Microsoft and contributors. All rights reserved. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// +// See the License for the specific language governing permissions and +// limitations under the License. +// +// Code generated by Microsoft (R) AutoRest Code Generator. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +import ( + "context" + "github.com/Azure/go-autorest/autorest" + "github.com/Azure/go-autorest/autorest/azure" + "github.com/Azure/go-autorest/autorest/validation" + "net/http" +) + +// ManagementPoliciesClient is the the Azure Storage Management API. +type ManagementPoliciesClient struct { + BaseClient +} + +// NewManagementPoliciesClient creates an instance of the ManagementPoliciesClient client. +func NewManagementPoliciesClient(subscriptionID string) ManagementPoliciesClient { + return NewManagementPoliciesClientWithBaseURI(DefaultBaseURI, subscriptionID) +} + +// NewManagementPoliciesClientWithBaseURI creates an instance of the ManagementPoliciesClient client. +func NewManagementPoliciesClientWithBaseURI(baseURI string, subscriptionID string) ManagementPoliciesClient { + return ManagementPoliciesClient{NewWithBaseURI(baseURI, subscriptionID)} +} + +// CreateOrUpdate sets the data policy rules associated with the specified storage account. +// Parameters: +// resourceGroupName - the name of the resource group within the user's subscription. The name is case +// insensitive. +// accountName - the name of the storage account within the specified resource group. Storage account names +// must be between 3 and 24 characters in length and use numbers and lower-case letters only. +// properties - the data policy rules to set to a storage account. +func (client ManagementPoliciesClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, accountName string, properties ManagementPoliciesRulesSetParameter) (result AccountManagementPolicies, err error) { + if err := validation.Validate([]validation.Validation{ + {TargetValue: resourceGroupName, + Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, + {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, + {TargetValue: accountName, + Constraints: []validation.Constraint{{Target: "accountName", Name: validation.MaxLength, Rule: 24, Chain: nil}, + {Target: "accountName", Name: validation.MinLength, Rule: 3, Chain: nil}}}, + {TargetValue: client.SubscriptionID, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { + return result, validation.NewError("storage.ManagementPoliciesClient", "CreateOrUpdate", err.Error()) + } + + req, err := client.CreateOrUpdatePreparer(ctx, resourceGroupName, accountName, properties) + if err != nil { + err = autorest.NewErrorWithError(err, "storage.ManagementPoliciesClient", "CreateOrUpdate", nil, "Failure preparing request") + return + } + + resp, err := client.CreateOrUpdateSender(req) + if err != nil { + result.Response = autorest.Response{Response: resp} + err = autorest.NewErrorWithError(err, "storage.ManagementPoliciesClient", "CreateOrUpdate", resp, "Failure sending request") + return + } + + result, err = client.CreateOrUpdateResponder(resp) + if err != nil { + err = autorest.NewErrorWithError(err, "storage.ManagementPoliciesClient", "CreateOrUpdate", resp, "Failure responding to request") + } + + return +} + +// CreateOrUpdatePreparer prepares the CreateOrUpdate request. +func (client ManagementPoliciesClient) CreateOrUpdatePreparer(ctx context.Context, resourceGroupName string, accountName string, properties ManagementPoliciesRulesSetParameter) (*http.Request, error) { + pathParameters := map[string]interface{}{ + "accountName": autorest.Encode("path", accountName), + "managementPolicyName": autorest.Encode("path", "default"), + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + } + + const APIVersion = "2018-03-01-preview" + queryParameters := map[string]interface{}{ + "api-version": APIVersion, + } + + preparer := autorest.CreatePreparer( + autorest.AsContentType("application/json; charset=utf-8"), + autorest.AsPut(), + autorest.WithBaseURL(client.BaseURI), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Storage/storageAccounts/{accountName}/managementPolicies/{managementPolicyName}", pathParameters), + autorest.WithJSON(properties), + autorest.WithQueryParameters(queryParameters)) + return preparer.Prepare((&http.Request{}).WithContext(ctx)) +} + +// CreateOrUpdateSender sends the CreateOrUpdate request. The method will close the +// http.Response Body if it receives an error. +func (client ManagementPoliciesClient) CreateOrUpdateSender(req *http.Request) (*http.Response, error) { + return autorest.SendWithSender(client, req, + azure.DoRetryWithRegistration(client.Client)) +} + +// CreateOrUpdateResponder handles the response to the CreateOrUpdate request. The method always +// closes the http.Response Body. +func (client ManagementPoliciesClient) CreateOrUpdateResponder(resp *http.Response) (result AccountManagementPolicies, err error) { + err = autorest.Respond( + resp, + client.ByInspecting(), + azure.WithErrorUnlessStatusCode(http.StatusOK), + autorest.ByUnmarshallingJSON(&result), + autorest.ByClosing()) + result.Response = autorest.Response{Response: resp} + return +} + +// Delete deletes the data policy rules associated with the specified storage account. +// Parameters: +// resourceGroupName - the name of the resource group within the user's subscription. The name is case +// insensitive. +// accountName - the name of the storage account within the specified resource group. Storage account names +// must be between 3 and 24 characters in length and use numbers and lower-case letters only. +func (client ManagementPoliciesClient) Delete(ctx context.Context, resourceGroupName string, accountName string) (result autorest.Response, err error) { + if err := validation.Validate([]validation.Validation{ + {TargetValue: resourceGroupName, + Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, + {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, + {TargetValue: accountName, + Constraints: []validation.Constraint{{Target: "accountName", Name: validation.MaxLength, Rule: 24, Chain: nil}, + {Target: "accountName", Name: validation.MinLength, Rule: 3, Chain: nil}}}, + {TargetValue: client.SubscriptionID, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { + return result, validation.NewError("storage.ManagementPoliciesClient", "Delete", err.Error()) + } + + req, err := client.DeletePreparer(ctx, resourceGroupName, accountName) + if err != nil { + err = autorest.NewErrorWithError(err, "storage.ManagementPoliciesClient", "Delete", nil, "Failure preparing request") + return + } + + resp, err := client.DeleteSender(req) + if err != nil { + result.Response = resp + err = autorest.NewErrorWithError(err, "storage.ManagementPoliciesClient", "Delete", resp, "Failure sending request") + return + } + + result, err = client.DeleteResponder(resp) + if err != nil { + err = autorest.NewErrorWithError(err, "storage.ManagementPoliciesClient", "Delete", resp, "Failure responding to request") + } + + return +} + +// DeletePreparer prepares the Delete request. +func (client ManagementPoliciesClient) DeletePreparer(ctx context.Context, resourceGroupName string, accountName string) (*http.Request, error) { + pathParameters := map[string]interface{}{ + "accountName": autorest.Encode("path", accountName), + "managementPolicyName": autorest.Encode("path", "default"), + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + } + + const APIVersion = "2018-03-01-preview" + queryParameters := map[string]interface{}{ + "api-version": APIVersion, + } + + preparer := autorest.CreatePreparer( + autorest.AsDelete(), + autorest.WithBaseURL(client.BaseURI), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Storage/storageAccounts/{accountName}/managementPolicies/{managementPolicyName}", pathParameters), + autorest.WithQueryParameters(queryParameters)) + return preparer.Prepare((&http.Request{}).WithContext(ctx)) +} + +// DeleteSender sends the Delete request. The method will close the +// http.Response Body if it receives an error. +func (client ManagementPoliciesClient) DeleteSender(req *http.Request) (*http.Response, error) { + return autorest.SendWithSender(client, req, + azure.DoRetryWithRegistration(client.Client)) +} + +// DeleteResponder handles the response to the Delete request. The method always +// closes the http.Response Body. +func (client ManagementPoliciesClient) DeleteResponder(resp *http.Response) (result autorest.Response, err error) { + err = autorest.Respond( + resp, + client.ByInspecting(), + azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusNoContent), + autorest.ByClosing()) + result.Response = resp + return +} + +// Get gets the data policy rules associated with the specified storage account. +// Parameters: +// resourceGroupName - the name of the resource group within the user's subscription. The name is case +// insensitive. +// accountName - the name of the storage account within the specified resource group. Storage account names +// must be between 3 and 24 characters in length and use numbers and lower-case letters only. +func (client ManagementPoliciesClient) Get(ctx context.Context, resourceGroupName string, accountName string) (result AccountManagementPolicies, err error) { + if err := validation.Validate([]validation.Validation{ + {TargetValue: resourceGroupName, + Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, + {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, + {TargetValue: accountName, + Constraints: []validation.Constraint{{Target: "accountName", Name: validation.MaxLength, Rule: 24, Chain: nil}, + {Target: "accountName", Name: validation.MinLength, Rule: 3, Chain: nil}}}, + {TargetValue: client.SubscriptionID, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { + return result, validation.NewError("storage.ManagementPoliciesClient", "Get", err.Error()) + } + + req, err := client.GetPreparer(ctx, resourceGroupName, accountName) + if err != nil { + err = autorest.NewErrorWithError(err, "storage.ManagementPoliciesClient", "Get", nil, "Failure preparing request") + return + } + + resp, err := client.GetSender(req) + if err != nil { + result.Response = autorest.Response{Response: resp} + err = autorest.NewErrorWithError(err, "storage.ManagementPoliciesClient", "Get", resp, "Failure sending request") + return + } + + result, err = client.GetResponder(resp) + if err != nil { + err = autorest.NewErrorWithError(err, "storage.ManagementPoliciesClient", "Get", resp, "Failure responding to request") + } + + return +} + +// GetPreparer prepares the Get request. +func (client ManagementPoliciesClient) GetPreparer(ctx context.Context, resourceGroupName string, accountName string) (*http.Request, error) { + pathParameters := map[string]interface{}{ + "accountName": autorest.Encode("path", accountName), + "managementPolicyName": autorest.Encode("path", "default"), + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + } + + const APIVersion = "2018-03-01-preview" + queryParameters := map[string]interface{}{ + "api-version": APIVersion, + } + + preparer := autorest.CreatePreparer( + autorest.AsGet(), + autorest.WithBaseURL(client.BaseURI), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Storage/storageAccounts/{accountName}/managementPolicies/{managementPolicyName}", pathParameters), + autorest.WithQueryParameters(queryParameters)) + return preparer.Prepare((&http.Request{}).WithContext(ctx)) +} + +// GetSender sends the Get request. The method will close the +// http.Response Body if it receives an error. +func (client ManagementPoliciesClient) GetSender(req *http.Request) (*http.Response, error) { + return autorest.SendWithSender(client, req, + azure.DoRetryWithRegistration(client.Client)) +} + +// GetResponder handles the response to the Get request. The method always +// closes the http.Response Body. +func (client ManagementPoliciesClient) GetResponder(resp *http.Response) (result AccountManagementPolicies, err error) { + err = autorest.Respond( + resp, + client.ByInspecting(), + azure.WithErrorUnlessStatusCode(http.StatusOK), + autorest.ByUnmarshallingJSON(&result), + autorest.ByClosing()) + result.Response = autorest.Response{Response: resp} + return +} diff --git a/vendor/github.com/Azure/azure-sdk-for-go/services/storage/mgmt/2017-10-01/storage/models.go b/vendor/github.com/Azure/azure-sdk-for-go/services/storage/mgmt/2018-07-01/storage/models.go similarity index 61% rename from vendor/github.com/Azure/azure-sdk-for-go/services/storage/mgmt/2017-10-01/storage/models.go rename to vendor/github.com/Azure/azure-sdk-for-go/services/storage/mgmt/2018-07-01/storage/models.go index c215a75c8e5..39f4d414d63 100644 --- a/vendor/github.com/Azure/azure-sdk-for-go/services/storage/mgmt/2017-10-01/storage/models.go +++ b/vendor/github.com/Azure/azure-sdk-for-go/services/storage/mgmt/2018-07-01/storage/models.go @@ -117,6 +117,38 @@ func PossibleHTTPProtocolValues() []HTTPProtocol { return []HTTPProtocol{HTTPS, Httpshttp} } +// ImmutabilityPolicyState enumerates the values for immutability policy state. +type ImmutabilityPolicyState string + +const ( + // Locked ... + Locked ImmutabilityPolicyState = "Locked" + // Unlocked ... + Unlocked ImmutabilityPolicyState = "Unlocked" +) + +// PossibleImmutabilityPolicyStateValues returns an array of possible values for the ImmutabilityPolicyState const type. +func PossibleImmutabilityPolicyStateValues() []ImmutabilityPolicyState { + return []ImmutabilityPolicyState{Locked, Unlocked} +} + +// ImmutabilityPolicyUpdateType enumerates the values for immutability policy update type. +type ImmutabilityPolicyUpdateType string + +const ( + // Extend ... + Extend ImmutabilityPolicyUpdateType = "extend" + // Lock ... + Lock ImmutabilityPolicyUpdateType = "lock" + // Put ... + Put ImmutabilityPolicyUpdateType = "put" +) + +// PossibleImmutabilityPolicyUpdateTypeValues returns an array of possible values for the ImmutabilityPolicyUpdateType const type. +func PossibleImmutabilityPolicyUpdateTypeValues() []ImmutabilityPolicyUpdateType { + return []ImmutabilityPolicyUpdateType{Extend, Lock, Put} +} + // KeyPermission enumerates the values for key permission. type KeyPermission string @@ -153,6 +185,10 @@ type Kind string const ( // BlobStorage ... BlobStorage Kind = "BlobStorage" + // BlockBlobStorage ... + BlockBlobStorage Kind = "BlockBlobStorage" + // FileStorage ... + FileStorage Kind = "FileStorage" // Storage ... Storage Kind = "Storage" // StorageV2 ... @@ -161,7 +197,58 @@ const ( // PossibleKindValues returns an array of possible values for the Kind const type. func PossibleKindValues() []Kind { - return []Kind{BlobStorage, Storage, StorageV2} + return []Kind{BlobStorage, BlockBlobStorage, FileStorage, Storage, StorageV2} +} + +// LeaseDuration enumerates the values for lease duration. +type LeaseDuration string + +const ( + // Fixed ... + Fixed LeaseDuration = "Fixed" + // Infinite ... + Infinite LeaseDuration = "Infinite" +) + +// PossibleLeaseDurationValues returns an array of possible values for the LeaseDuration const type. +func PossibleLeaseDurationValues() []LeaseDuration { + return []LeaseDuration{Fixed, Infinite} +} + +// LeaseState enumerates the values for lease state. +type LeaseState string + +const ( + // LeaseStateAvailable ... + LeaseStateAvailable LeaseState = "Available" + // LeaseStateBreaking ... + LeaseStateBreaking LeaseState = "Breaking" + // LeaseStateBroken ... + LeaseStateBroken LeaseState = "Broken" + // LeaseStateExpired ... + LeaseStateExpired LeaseState = "Expired" + // LeaseStateLeased ... + LeaseStateLeased LeaseState = "Leased" +) + +// PossibleLeaseStateValues returns an array of possible values for the LeaseState const type. +func PossibleLeaseStateValues() []LeaseState { + return []LeaseState{LeaseStateAvailable, LeaseStateBreaking, LeaseStateBroken, LeaseStateExpired, LeaseStateLeased} +} + +// LeaseStatus enumerates the values for lease status. +type LeaseStatus string + +const ( + // LeaseStatusLocked ... + LeaseStatusLocked LeaseStatus = "Locked" + // LeaseStatusUnlocked ... + LeaseStatusUnlocked LeaseStatus = "Unlocked" +) + +// PossibleLeaseStatusValues returns an array of possible values for the LeaseStatus const type. +func PossibleLeaseStatusValues() []LeaseStatus { + return []LeaseStatus{LeaseStatusLocked, LeaseStatusUnlocked} } // Permissions enumerates the values for permissions. @@ -208,6 +295,23 @@ func PossibleProvisioningStateValues() []ProvisioningState { return []ProvisioningState{Creating, ResolvingDNS, Succeeded} } +// PublicAccess enumerates the values for public access. +type PublicAccess string + +const ( + // PublicAccessBlob ... + PublicAccessBlob PublicAccess = "Blob" + // PublicAccessContainer ... + PublicAccessContainer PublicAccess = "Container" + // PublicAccessNone ... + PublicAccessNone PublicAccess = "None" +) + +// PossiblePublicAccessValues returns an array of possible values for the PublicAccess const type. +func PossiblePublicAccessValues() []PublicAccess { + return []PublicAccess{PublicAccessBlob, PublicAccessContainer, PublicAccessNone} +} + // Reason enumerates the values for reason. type Reason string @@ -299,6 +403,8 @@ type SkuName string const ( // PremiumLRS ... PremiumLRS SkuName = "Premium_LRS" + // PremiumZRS ... + PremiumZRS SkuName = "Premium_ZRS" // StandardGRS ... StandardGRS SkuName = "Standard_GRS" // StandardLRS ... @@ -311,7 +417,7 @@ const ( // PossibleSkuNameValues returns an array of possible values for the SkuName const type. func PossibleSkuNameValues() []SkuName { - return []SkuName{PremiumLRS, StandardGRS, StandardLRS, StandardRAGRS, StandardZRS} + return []SkuName{PremiumLRS, PremiumZRS, StandardGRS, StandardLRS, StandardRAGRS, StandardZRS} } // SkuTier enumerates the values for sku tier. @@ -378,22 +484,22 @@ type Account struct { autorest.Response `json:"-"` // Sku - Gets the SKU. Sku *Sku `json:"sku,omitempty"` - // Kind - Gets the Kind. Possible values include: 'Storage', 'StorageV2', 'BlobStorage' + // Kind - Gets the Kind. Possible values include: 'Storage', 'StorageV2', 'BlobStorage', 'FileStorage', 'BlockBlobStorage' Kind Kind `json:"kind,omitempty"` // Identity - The identity of the resource. Identity *Identity `json:"identity,omitempty"` // AccountProperties - Properties of the storage account. *AccountProperties `json:"properties,omitempty"` - // ID - Resource Id - ID *string `json:"id,omitempty"` - // Name - Resource name - Name *string `json:"name,omitempty"` - // Type - Resource type - Type *string `json:"type,omitempty"` - // Location - Resource location - Location *string `json:"location,omitempty"` - // Tags - Tags assigned to a resource; can be used for viewing and grouping a resource (across resource groups). + // Tags - Resource tags. Tags map[string]*string `json:"tags"` + // Location - The geo-location where the resource lives + Location *string `json:"location,omitempty"` + // ID - Fully qualified resource Id for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + ID *string `json:"id,omitempty"` + // Name - The name of the resource + Name *string `json:"name,omitempty"` + // Type - The type of the resource. Ex- Microsoft.Compute/virtualMachines or Microsoft.Storage/storageAccounts. + Type *string `json:"type,omitempty"` } // MarshalJSON is the custom marshaler for Account. @@ -411,6 +517,12 @@ func (a Account) MarshalJSON() ([]byte, error) { if a.AccountProperties != nil { objectMap["properties"] = a.AccountProperties } + if a.Tags != nil { + objectMap["tags"] = a.Tags + } + if a.Location != nil { + objectMap["location"] = a.Location + } if a.ID != nil { objectMap["id"] = a.ID } @@ -420,12 +532,6 @@ func (a Account) MarshalJSON() ([]byte, error) { if a.Type != nil { objectMap["type"] = a.Type } - if a.Location != nil { - objectMap["location"] = a.Location - } - if a.Tags != nil { - objectMap["tags"] = a.Tags - } return json.Marshal(objectMap) } @@ -474,6 +580,24 @@ func (a *Account) UnmarshalJSON(body []byte) error { } a.AccountProperties = &accountProperties } + case "tags": + if v != nil { + var tags map[string]*string + err = json.Unmarshal(*v, &tags) + if err != nil { + return err + } + a.Tags = tags + } + case "location": + if v != nil { + var location string + err = json.Unmarshal(*v, &location) + if err != nil { + return err + } + a.Location = &location + } case "id": if v != nil { var ID string @@ -501,24 +625,6 @@ func (a *Account) UnmarshalJSON(body []byte) error { } a.Type = &typeVar } - case "location": - if v != nil { - var location string - err = json.Unmarshal(*v, &location) - if err != nil { - return err - } - a.Location = &location - } - case "tags": - if v != nil { - var tags map[string]*string - err = json.Unmarshal(*v, &tags) - if err != nil { - return err - } - a.Tags = tags - } } } @@ -537,7 +643,7 @@ type AccountCheckNameAvailabilityParameters struct { type AccountCreateParameters struct { // Sku - Required. Gets or sets the sku name. Sku *Sku `json:"sku,omitempty"` - // Kind - Required. Indicates the type of storage account. Possible values include: 'Storage', 'StorageV2', 'BlobStorage' + // Kind - Required. Indicates the type of storage account. Possible values include: 'Storage', 'StorageV2', 'BlobStorage', 'FileStorage', 'BlockBlobStorage' Kind Kind `json:"kind,omitempty"` // Location - Required. Gets or sets the location of the resource. This will be one of the supported and registered Azure Geo Regions (e.g. West US, East US, Southeast Asia, etc.). The geo region of a resource cannot be changed once it is created, but if an identical geo region is specified on update, the request will succeed. Location *string `json:"location,omitempty"` @@ -666,6 +772,96 @@ type AccountListResult struct { Value *[]Account `json:"value,omitempty"` } +// AccountManagementPolicies the Get Storage Account ManagementPolicies operation response. +type AccountManagementPolicies struct { + autorest.Response `json:"-"` + // AccountManagementPoliciesRulesProperty - Returns the Storage Account Data Policies Rules. + *AccountManagementPoliciesRulesProperty `json:"properties,omitempty"` + // ID - Fully qualified resource Id for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + ID *string `json:"id,omitempty"` + // Name - The name of the resource + Name *string `json:"name,omitempty"` + // Type - The type of the resource. Ex- Microsoft.Compute/virtualMachines or Microsoft.Storage/storageAccounts. + Type *string `json:"type,omitempty"` +} + +// MarshalJSON is the custom marshaler for AccountManagementPolicies. +func (amp AccountManagementPolicies) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]interface{}) + if amp.AccountManagementPoliciesRulesProperty != nil { + objectMap["properties"] = amp.AccountManagementPoliciesRulesProperty + } + if amp.ID != nil { + objectMap["id"] = amp.ID + } + if amp.Name != nil { + objectMap["name"] = amp.Name + } + if amp.Type != nil { + objectMap["type"] = amp.Type + } + return json.Marshal(objectMap) +} + +// UnmarshalJSON is the custom unmarshaler for AccountManagementPolicies struct. +func (amp *AccountManagementPolicies) UnmarshalJSON(body []byte) error { + var m map[string]*json.RawMessage + err := json.Unmarshal(body, &m) + if err != nil { + return err + } + for k, v := range m { + switch k { + case "properties": + if v != nil { + var accountManagementPoliciesRulesProperty AccountManagementPoliciesRulesProperty + err = json.Unmarshal(*v, &accountManagementPoliciesRulesProperty) + if err != nil { + return err + } + amp.AccountManagementPoliciesRulesProperty = &accountManagementPoliciesRulesProperty + } + case "id": + if v != nil { + var ID string + err = json.Unmarshal(*v, &ID) + if err != nil { + return err + } + amp.ID = &ID + } + case "name": + if v != nil { + var name string + err = json.Unmarshal(*v, &name) + if err != nil { + return err + } + amp.Name = &name + } + case "type": + if v != nil { + var typeVar string + err = json.Unmarshal(*v, &typeVar) + if err != nil { + return err + } + amp.Type = &typeVar + } + } + } + + return nil +} + +// AccountManagementPoliciesRulesProperty the Storage Account Data Policies properties. +type AccountManagementPoliciesRulesProperty struct { + // LastModifiedTime - Returns the date and time the ManagementPolicies was last modified. + LastModifiedTime *date.Time `json:"lastModifiedTime,omitempty"` + // Policy - The Storage Account ManagementPolicies Rules, in JSON format. See more details in: https://docs.microsoft.com/en-us/azure/storage/common/storage-lifecycle-managment-concepts. + Policy interface{} `json:"policy,omitempty"` +} + // AccountProperties properties of the storage account. type AccountProperties struct { // ProvisioningState - Gets the status of the storage account at the time the operation was called. Possible values include: 'Creating', 'ResolvingDNS', 'Succeeded' @@ -692,10 +888,14 @@ type AccountProperties struct { Encryption *Encryption `json:"encryption,omitempty"` // AccessTier - Required for storage accounts where kind = BlobStorage. The access tier used for billing. Possible values include: 'Hot', 'Cool' AccessTier AccessTier `json:"accessTier,omitempty"` + // EnableAzureFilesAadIntegration - Enables Azure Files AAD Integration for SMB if sets to true. + EnableAzureFilesAadIntegration *bool `json:"azureFilesAadIntegration,omitempty"` // EnableHTTPSTrafficOnly - Allows https traffic only to storage service if sets to true. EnableHTTPSTrafficOnly *bool `json:"supportsHttpsTrafficOnly,omitempty"` // NetworkRuleSet - Network rule set NetworkRuleSet *NetworkRuleSet `json:"networkAcls,omitempty"` + // IsHnsEnabled - Account HierarchicalNamespace enabled if sets to true. + IsHnsEnabled *bool `json:"isHnsEnabled,omitempty"` } // AccountPropertiesCreateParameters the parameters used to create the storage account. @@ -708,8 +908,12 @@ type AccountPropertiesCreateParameters struct { NetworkRuleSet *NetworkRuleSet `json:"networkAcls,omitempty"` // AccessTier - Required for storage accounts where kind = BlobStorage. The access tier used for billing. Possible values include: 'Hot', 'Cool' AccessTier AccessTier `json:"accessTier,omitempty"` + // EnableAzureFilesAadIntegration - Enables Azure Files AAD Integration for SMB if sets to true. + EnableAzureFilesAadIntegration *bool `json:"azureFilesAadIntegration,omitempty"` // EnableHTTPSTrafficOnly - Allows https traffic only to storage service if sets to true. EnableHTTPSTrafficOnly *bool `json:"supportsHttpsTrafficOnly,omitempty"` + // IsHnsEnabled - Account HierarchicalNamespace enabled if sets to true. + IsHnsEnabled *bool `json:"isHnsEnabled,omitempty"` } // AccountPropertiesUpdateParameters the parameters used when updating a storage account. @@ -720,6 +924,8 @@ type AccountPropertiesUpdateParameters struct { Encryption *Encryption `json:"encryption,omitempty"` // AccessTier - Required for storage accounts where kind = BlobStorage. The access tier used for billing. Possible values include: 'Hot', 'Cool' AccessTier AccessTier `json:"accessTier,omitempty"` + // EnableAzureFilesAadIntegration - Enables Azure Files AAD Integration for SMB if sets to true. + EnableAzureFilesAadIntegration *bool `json:"azureFilesAadIntegration,omitempty"` // EnableHTTPSTrafficOnly - Allows https traffic only to storage service if sets to true. EnableHTTPSTrafficOnly *bool `json:"supportsHttpsTrafficOnly,omitempty"` // NetworkRuleSet - Network rule set @@ -782,7 +988,7 @@ func (future *AccountsCreateFuture) Result(client AccountsClient) (a Account, er // AccountUpdateParameters the parameters that can be provided when updating the storage account properties. type AccountUpdateParameters struct { - // Sku - Gets or sets the SKU name. Note that the SKU name cannot be updated to Standard_ZRS or Premium_LRS, nor can accounts of those sku names be updated to any other value. + // Sku - Gets or sets the SKU name. Note that the SKU name cannot be updated to Standard_ZRS, Premium_LRS or Premium_ZRS, nor can accounts of those sku names be updated to any other value. Sku *Sku `json:"sku,omitempty"` // Tags - Gets or sets a list of key value pairs that describe the resource. These tags can be used in viewing and grouping this resource (across resource groups). A maximum of 15 tags can be provided for a resource. Each tag must have a key no greater in length than 128 characters and a value no greater in length than 256 characters. Tags map[string]*string `json:"tags"` @@ -790,7 +996,7 @@ type AccountUpdateParameters struct { Identity *Identity `json:"identity,omitempty"` // AccountPropertiesUpdateParameters - The parameters used when updating a storage account. *AccountPropertiesUpdateParameters `json:"properties,omitempty"` - // Kind - Optional. Indicates the type of storage account. Currently only StorageV2 value supported by server. Possible values include: 'Storage', 'StorageV2', 'BlobStorage' + // Kind - Optional. Indicates the type of storage account. Currently only StorageV2 value supported by server. Possible values include: 'Storage', 'StorageV2', 'BlobStorage', 'FileStorage', 'BlockBlobStorage' Kind Kind `json:"kind,omitempty"` } @@ -875,6 +1081,114 @@ func (aup *AccountUpdateParameters) UnmarshalJSON(body []byte) error { return nil } +// AzureEntityResource the resource model definition for a Azure Resource Manager resource with an etag. +type AzureEntityResource struct { + // Etag - Resource Etag. + Etag *string `json:"etag,omitempty"` + // ID - Fully qualified resource Id for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + ID *string `json:"id,omitempty"` + // Name - The name of the resource + Name *string `json:"name,omitempty"` + // Type - The type of the resource. Ex- Microsoft.Compute/virtualMachines or Microsoft.Storage/storageAccounts. + Type *string `json:"type,omitempty"` +} + +// BlobContainer properties of the blob container, including Id, resource name, resource type, Etag. +type BlobContainer struct { + autorest.Response `json:"-"` + // ContainerProperties - Properties of the blob container. + *ContainerProperties `json:"properties,omitempty"` + // Etag - Resource Etag. + Etag *string `json:"etag,omitempty"` + // ID - Fully qualified resource Id for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + ID *string `json:"id,omitempty"` + // Name - The name of the resource + Name *string `json:"name,omitempty"` + // Type - The type of the resource. Ex- Microsoft.Compute/virtualMachines or Microsoft.Storage/storageAccounts. + Type *string `json:"type,omitempty"` +} + +// MarshalJSON is the custom marshaler for BlobContainer. +func (bc BlobContainer) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]interface{}) + if bc.ContainerProperties != nil { + objectMap["properties"] = bc.ContainerProperties + } + if bc.Etag != nil { + objectMap["etag"] = bc.Etag + } + if bc.ID != nil { + objectMap["id"] = bc.ID + } + if bc.Name != nil { + objectMap["name"] = bc.Name + } + if bc.Type != nil { + objectMap["type"] = bc.Type + } + return json.Marshal(objectMap) +} + +// UnmarshalJSON is the custom unmarshaler for BlobContainer struct. +func (bc *BlobContainer) UnmarshalJSON(body []byte) error { + var m map[string]*json.RawMessage + err := json.Unmarshal(body, &m) + if err != nil { + return err + } + for k, v := range m { + switch k { + case "properties": + if v != nil { + var containerProperties ContainerProperties + err = json.Unmarshal(*v, &containerProperties) + if err != nil { + return err + } + bc.ContainerProperties = &containerProperties + } + case "etag": + if v != nil { + var etag string + err = json.Unmarshal(*v, &etag) + if err != nil { + return err + } + bc.Etag = &etag + } + case "id": + if v != nil { + var ID string + err = json.Unmarshal(*v, &ID) + if err != nil { + return err + } + bc.ID = &ID + } + case "name": + if v != nil { + var name string + err = json.Unmarshal(*v, &name) + if err != nil { + return err + } + bc.Name = &name + } + case "type": + if v != nil { + var typeVar string + err = json.Unmarshal(*v, &typeVar) + if err != nil { + return err + } + bc.Type = &typeVar + } + } + } + + return nil +} + // CheckNameAvailabilityResult the CheckNameAvailability operation response. type CheckNameAvailabilityResult struct { autorest.Response `json:"-"` @@ -886,6 +1200,66 @@ type CheckNameAvailabilityResult struct { Message *string `json:"message,omitempty"` } +// ContainerProperties the properties of a container. +type ContainerProperties struct { + // PublicAccess - Specifies whether data in the container may be accessed publicly and the level of access. Possible values include: 'PublicAccessContainer', 'PublicAccessBlob', 'PublicAccessNone' + PublicAccess PublicAccess `json:"publicAccess,omitempty"` + // LastModifiedTime - Returns the date and time the container was last modified. + LastModifiedTime *date.Time `json:"lastModifiedTime,omitempty"` + // LeaseStatus - The lease status of the container. Possible values include: 'LeaseStatusLocked', 'LeaseStatusUnlocked' + LeaseStatus LeaseStatus `json:"leaseStatus,omitempty"` + // LeaseState - Lease state of the container. Possible values include: 'LeaseStateAvailable', 'LeaseStateLeased', 'LeaseStateExpired', 'LeaseStateBreaking', 'LeaseStateBroken' + LeaseState LeaseState `json:"leaseState,omitempty"` + // LeaseDuration - Specifies whether the lease on a container is of infinite or fixed duration, only when the container is leased. Possible values include: 'Infinite', 'Fixed' + LeaseDuration LeaseDuration `json:"leaseDuration,omitempty"` + // Metadata - A name-value pair to associate with the container as metadata. + Metadata map[string]*string `json:"metadata"` + // ImmutabilityPolicy - The ImmutabilityPolicy property of the container. + ImmutabilityPolicy *ImmutabilityPolicyProperties `json:"immutabilityPolicy,omitempty"` + // LegalHold - The LegalHold property of the container. + LegalHold *LegalHoldProperties `json:"legalHold,omitempty"` + // HasLegalHold - The hasLegalHold public property is set to true by SRP if there are at least one existing tag. The hasLegalHold public property is set to false by SRP if all existing legal hold tags are cleared out. There can be a maximum of 1000 blob containers with hasLegalHold=true for a given account. + HasLegalHold *bool `json:"hasLegalHold,omitempty"` + // HasImmutabilityPolicy - The hasImmutabilityPolicy public property is set to true by SRP if ImmutabilityPolicy has been created for this container. The hasImmutabilityPolicy public property is set to false by SRP if ImmutabilityPolicy has not been created for this container. + HasImmutabilityPolicy *bool `json:"hasImmutabilityPolicy,omitempty"` +} + +// MarshalJSON is the custom marshaler for ContainerProperties. +func (cp ContainerProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]interface{}) + if cp.PublicAccess != "" { + objectMap["publicAccess"] = cp.PublicAccess + } + if cp.LastModifiedTime != nil { + objectMap["lastModifiedTime"] = cp.LastModifiedTime + } + if cp.LeaseStatus != "" { + objectMap["leaseStatus"] = cp.LeaseStatus + } + if cp.LeaseState != "" { + objectMap["leaseState"] = cp.LeaseState + } + if cp.LeaseDuration != "" { + objectMap["leaseDuration"] = cp.LeaseDuration + } + if cp.Metadata != nil { + objectMap["metadata"] = cp.Metadata + } + if cp.ImmutabilityPolicy != nil { + objectMap["immutabilityPolicy"] = cp.ImmutabilityPolicy + } + if cp.LegalHold != nil { + objectMap["legalHold"] = cp.LegalHold + } + if cp.HasLegalHold != nil { + objectMap["hasLegalHold"] = cp.HasLegalHold + } + if cp.HasImmutabilityPolicy != nil { + objectMap["hasImmutabilityPolicy"] = cp.HasImmutabilityPolicy + } + return json.Marshal(objectMap) +} + // CustomDomain the custom domain assigned to this storage account. This can be set via Update. type CustomDomain struct { // Name - Gets or sets the custom domain name assigned to the storage account. Name is the CNAME source. @@ -932,7 +1306,7 @@ type EncryptionServices struct { Queue *EncryptionService `json:"queue,omitempty"` } -// Endpoints the URIs that are used to perform a retrieval of a public blob, queue, or table object. +// Endpoints the URIs that are used to perform a retrieval of a public blob, queue, table, web or dfs object. type Endpoints struct { // Blob - Gets the blob endpoint. Blob *string `json:"blob,omitempty"` @@ -942,6 +1316,10 @@ type Endpoints struct { Table *string `json:"table,omitempty"` // File - Gets the file endpoint. File *string `json:"file,omitempty"` + // Web - Gets the web endpoint. + Web *string `json:"web,omitempty"` + // Dfs - Gets the dfs endpoint. + Dfs *string `json:"dfs,omitempty"` } // Identity identity for the resource. @@ -954,6 +1332,178 @@ type Identity struct { Type *string `json:"type,omitempty"` } +// ImmutabilityPolicy the ImmutabilityPolicy property of a blob container, including Id, resource name, resource +// type, Etag. +type ImmutabilityPolicy struct { + autorest.Response `json:"-"` + // ImmutabilityPolicyProperty - The properties of an ImmutabilityPolicy of a blob container. + *ImmutabilityPolicyProperty `json:"properties,omitempty"` + // Etag - Resource Etag. + Etag *string `json:"etag,omitempty"` + // ID - Fully qualified resource Id for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + ID *string `json:"id,omitempty"` + // Name - The name of the resource + Name *string `json:"name,omitempty"` + // Type - The type of the resource. Ex- Microsoft.Compute/virtualMachines or Microsoft.Storage/storageAccounts. + Type *string `json:"type,omitempty"` +} + +// MarshalJSON is the custom marshaler for ImmutabilityPolicy. +func (IP ImmutabilityPolicy) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]interface{}) + if IP.ImmutabilityPolicyProperty != nil { + objectMap["properties"] = IP.ImmutabilityPolicyProperty + } + if IP.Etag != nil { + objectMap["etag"] = IP.Etag + } + if IP.ID != nil { + objectMap["id"] = IP.ID + } + if IP.Name != nil { + objectMap["name"] = IP.Name + } + if IP.Type != nil { + objectMap["type"] = IP.Type + } + return json.Marshal(objectMap) +} + +// UnmarshalJSON is the custom unmarshaler for ImmutabilityPolicy struct. +func (IP *ImmutabilityPolicy) UnmarshalJSON(body []byte) error { + var m map[string]*json.RawMessage + err := json.Unmarshal(body, &m) + if err != nil { + return err + } + for k, v := range m { + switch k { + case "properties": + if v != nil { + var immutabilityPolicyProperty ImmutabilityPolicyProperty + err = json.Unmarshal(*v, &immutabilityPolicyProperty) + if err != nil { + return err + } + IP.ImmutabilityPolicyProperty = &immutabilityPolicyProperty + } + case "etag": + if v != nil { + var etag string + err = json.Unmarshal(*v, &etag) + if err != nil { + return err + } + IP.Etag = &etag + } + case "id": + if v != nil { + var ID string + err = json.Unmarshal(*v, &ID) + if err != nil { + return err + } + IP.ID = &ID + } + case "name": + if v != nil { + var name string + err = json.Unmarshal(*v, &name) + if err != nil { + return err + } + IP.Name = &name + } + case "type": + if v != nil { + var typeVar string + err = json.Unmarshal(*v, &typeVar) + if err != nil { + return err + } + IP.Type = &typeVar + } + } + } + + return nil +} + +// ImmutabilityPolicyProperties the properties of an ImmutabilityPolicy of a blob container. +type ImmutabilityPolicyProperties struct { + // ImmutabilityPolicyProperty - The properties of an ImmutabilityPolicy of a blob container. + *ImmutabilityPolicyProperty `json:"properties,omitempty"` + // Etag - ImmutabilityPolicy Etag. + Etag *string `json:"etag,omitempty"` + // UpdateHistory - The ImmutabilityPolicy update history of the blob container. + UpdateHistory *[]UpdateHistoryProperty `json:"updateHistory,omitempty"` +} + +// MarshalJSON is the custom marshaler for ImmutabilityPolicyProperties. +func (ipp ImmutabilityPolicyProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]interface{}) + if ipp.ImmutabilityPolicyProperty != nil { + objectMap["properties"] = ipp.ImmutabilityPolicyProperty + } + if ipp.Etag != nil { + objectMap["etag"] = ipp.Etag + } + if ipp.UpdateHistory != nil { + objectMap["updateHistory"] = ipp.UpdateHistory + } + return json.Marshal(objectMap) +} + +// UnmarshalJSON is the custom unmarshaler for ImmutabilityPolicyProperties struct. +func (ipp *ImmutabilityPolicyProperties) UnmarshalJSON(body []byte) error { + var m map[string]*json.RawMessage + err := json.Unmarshal(body, &m) + if err != nil { + return err + } + for k, v := range m { + switch k { + case "properties": + if v != nil { + var immutabilityPolicyProperty ImmutabilityPolicyProperty + err = json.Unmarshal(*v, &immutabilityPolicyProperty) + if err != nil { + return err + } + ipp.ImmutabilityPolicyProperty = &immutabilityPolicyProperty + } + case "etag": + if v != nil { + var etag string + err = json.Unmarshal(*v, &etag) + if err != nil { + return err + } + ipp.Etag = &etag + } + case "updateHistory": + if v != nil { + var updateHistory []UpdateHistoryProperty + err = json.Unmarshal(*v, &updateHistory) + if err != nil { + return err + } + ipp.UpdateHistory = &updateHistory + } + } + } + + return nil +} + +// ImmutabilityPolicyProperty the properties of an ImmutabilityPolicy of a blob container. +type ImmutabilityPolicyProperty struct { + // ImmutabilityPeriodSinceCreationInDays - The immutability period for the blobs in the container since the policy creation, in days. + ImmutabilityPeriodSinceCreationInDays *int32 `json:"immutabilityPeriodSinceCreationInDays,omitempty"` + // State - The ImmutabilityPolicy state of a blob container, possible values include: Locked and Unlocked. Possible values include: 'Locked', 'Unlocked' + State ImmutabilityPolicyState `json:"state,omitempty"` +} + // IPRule IP rule with specific IP or IP range in CIDR format. type IPRule struct { // IPAddressOrRange - Specifies the IP or IP range in CIDR format. Only IPV4 address is allowed. @@ -972,6 +1522,23 @@ type KeyVaultProperties struct { KeyVaultURI *string `json:"keyvaulturi,omitempty"` } +// LegalHold the LegalHold property of a blob container. +type LegalHold struct { + autorest.Response `json:"-"` + // HasLegalHold - The hasLegalHold public property is set to true by SRP if there are at least one existing tag. The hasLegalHold public property is set to false by SRP if all existing legal hold tags are cleared out. There can be a maximum of 1000 blob containers with hasLegalHold=true for a given account. + HasLegalHold *bool `json:"hasLegalHold,omitempty"` + // Tags - Each tag should be 3 to 23 alphanumeric characters and is normalized to lower case at SRP. + Tags *[]string `json:"tags,omitempty"` +} + +// LegalHoldProperties the LegalHold property of a blob container. +type LegalHoldProperties struct { + // HasLegalHold - The hasLegalHold public property is set to true by SRP if there are at least one existing tag. The hasLegalHold public property is set to false by SRP if all existing legal hold tags are cleared out. There can be a maximum of 1000 blob containers with hasLegalHold=true for a given account. + HasLegalHold *bool `json:"hasLegalHold,omitempty"` + // Tags - The list of LegalHold tags of a blob container. + Tags *[]TagProperty `json:"tags,omitempty"` +} + // ListAccountSasResponse the List SAS credentials operation response. type ListAccountSasResponse struct { autorest.Response `json:"-"` @@ -979,6 +1546,108 @@ type ListAccountSasResponse struct { AccountSasToken *string `json:"accountSasToken,omitempty"` } +// ListContainerItem the blob container properties be listed out. +type ListContainerItem struct { + // ContainerProperties - The blob container properties be listed out. + *ContainerProperties `json:"properties,omitempty"` + // Etag - Resource Etag. + Etag *string `json:"etag,omitempty"` + // ID - Fully qualified resource Id for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + ID *string `json:"id,omitempty"` + // Name - The name of the resource + Name *string `json:"name,omitempty"` + // Type - The type of the resource. Ex- Microsoft.Compute/virtualMachines or Microsoft.Storage/storageAccounts. + Type *string `json:"type,omitempty"` +} + +// MarshalJSON is the custom marshaler for ListContainerItem. +func (lci ListContainerItem) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]interface{}) + if lci.ContainerProperties != nil { + objectMap["properties"] = lci.ContainerProperties + } + if lci.Etag != nil { + objectMap["etag"] = lci.Etag + } + if lci.ID != nil { + objectMap["id"] = lci.ID + } + if lci.Name != nil { + objectMap["name"] = lci.Name + } + if lci.Type != nil { + objectMap["type"] = lci.Type + } + return json.Marshal(objectMap) +} + +// UnmarshalJSON is the custom unmarshaler for ListContainerItem struct. +func (lci *ListContainerItem) UnmarshalJSON(body []byte) error { + var m map[string]*json.RawMessage + err := json.Unmarshal(body, &m) + if err != nil { + return err + } + for k, v := range m { + switch k { + case "properties": + if v != nil { + var containerProperties ContainerProperties + err = json.Unmarshal(*v, &containerProperties) + if err != nil { + return err + } + lci.ContainerProperties = &containerProperties + } + case "etag": + if v != nil { + var etag string + err = json.Unmarshal(*v, &etag) + if err != nil { + return err + } + lci.Etag = &etag + } + case "id": + if v != nil { + var ID string + err = json.Unmarshal(*v, &ID) + if err != nil { + return err + } + lci.ID = &ID + } + case "name": + if v != nil { + var name string + err = json.Unmarshal(*v, &name) + if err != nil { + return err + } + lci.Name = &name + } + case "type": + if v != nil { + var typeVar string + err = json.Unmarshal(*v, &typeVar) + if err != nil { + return err + } + lci.Type = &typeVar + } + } + } + + return nil +} + +// ListContainerItems the list of blob containers. +type ListContainerItems struct { + autorest.Response `json:"-"` + // Value - The list of blob containers. + Value *[]ListContainerItem `json:"value,omitempty"` +} + // ListServiceSasResponse the List service SAS credentials operation response. type ListServiceSasResponse struct { autorest.Response `json:"-"` @@ -986,6 +1655,53 @@ type ListServiceSasResponse struct { ServiceSasToken *string `json:"serviceSasToken,omitempty"` } +// ManagementPoliciesRules the Storage Account ManagementPolicies Rules, in JSON format. See more details in: +// https://docs.microsoft.com/en-us/azure/storage/common/storage-lifecycle-managment-concepts. +type ManagementPoliciesRules struct { + // Policy - The Storage Account ManagementPolicies Rules, in JSON format. See more details in: https://docs.microsoft.com/en-us/azure/storage/common/storage-lifecycle-managment-concepts. + Policy interface{} `json:"policy,omitempty"` +} + +// ManagementPoliciesRulesSetParameter the Storage Account ManagementPolicies Rules, in JSON format. See more +// details in: https://docs.microsoft.com/en-us/azure/storage/common/storage-lifecycle-managment-concepts. +type ManagementPoliciesRulesSetParameter struct { + // ManagementPoliciesRules - The Storage Account ManagementPolicies Rules, in JSON format. See more details in: https://docs.microsoft.com/en-us/azure/storage/common/storage-lifecycle-managment-concepts. + *ManagementPoliciesRules `json:"properties,omitempty"` +} + +// MarshalJSON is the custom marshaler for ManagementPoliciesRulesSetParameter. +func (mprsp ManagementPoliciesRulesSetParameter) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]interface{}) + if mprsp.ManagementPoliciesRules != nil { + objectMap["properties"] = mprsp.ManagementPoliciesRules + } + return json.Marshal(objectMap) +} + +// UnmarshalJSON is the custom unmarshaler for ManagementPoliciesRulesSetParameter struct. +func (mprsp *ManagementPoliciesRulesSetParameter) UnmarshalJSON(body []byte) error { + var m map[string]*json.RawMessage + err := json.Unmarshal(body, &m) + if err != nil { + return err + } + for k, v := range m { + switch k { + case "properties": + if v != nil { + var managementPoliciesRules ManagementPoliciesRules + err = json.Unmarshal(*v, &managementPoliciesRules) + if err != nil { + return err + } + mprsp.ManagementPoliciesRules = &managementPoliciesRules + } + } + } + + return nil +} + // MetricSpecification metric specification of operation. type MetricSpecification struct { // Name - Name of metric specification. @@ -1109,6 +1825,8 @@ type OperationDisplay struct { Resource *string `json:"resource,omitempty"` // Operation - Type of operation: get, read, delete, etc. Operation *string `json:"operation,omitempty"` + // Description - Description of the operation. + Description *string `json:"description,omitempty"` } // OperationListResult result of the request to list Storage operations. It contains a list of operations and a URL @@ -1125,39 +1843,25 @@ type OperationProperties struct { ServiceSpecification *ServiceSpecification `json:"serviceSpecification,omitempty"` } -// Resource describes a storage resource. -type Resource struct { - // ID - Resource Id +// ProxyResource the resource model definition for a ARM proxy resource. It will have everything other than +// required location and tags +type ProxyResource struct { + // ID - Fully qualified resource Id for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` - // Name - Resource name + // Name - The name of the resource Name *string `json:"name,omitempty"` - // Type - Resource type + // Type - The type of the resource. Ex- Microsoft.Compute/virtualMachines or Microsoft.Storage/storageAccounts. Type *string `json:"type,omitempty"` - // Location - Resource location - Location *string `json:"location,omitempty"` - // Tags - Tags assigned to a resource; can be used for viewing and grouping a resource (across resource groups). - Tags map[string]*string `json:"tags"` } -// MarshalJSON is the custom marshaler for Resource. -func (r Resource) MarshalJSON() ([]byte, error) { - objectMap := make(map[string]interface{}) - if r.ID != nil { - objectMap["id"] = r.ID - } - if r.Name != nil { - objectMap["name"] = r.Name - } - if r.Type != nil { - objectMap["type"] = r.Type - } - if r.Location != nil { - objectMap["location"] = r.Location - } - if r.Tags != nil { - objectMap["tags"] = r.Tags - } - return json.Marshal(objectMap) +// Resource ... +type Resource struct { + // ID - Fully qualified resource Id for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + ID *string `json:"id,omitempty"` + // Name - The name of the resource + Name *string `json:"name,omitempty"` + // Type - The type of the resource. Ex- Microsoft.Compute/virtualMachines or Microsoft.Storage/storageAccounts. + Type *string `json:"type,omitempty"` } // Restriction the restriction because of which SKU cannot be used. @@ -1166,7 +1870,7 @@ type Restriction struct { Type *string `json:"type,omitempty"` // Values - The value of restrictions. If the restriction type is set to location. This would be different locations where the SKU is restricted. Values *[]string `json:"values,omitempty"` - // ReasonCode - The reason for the restriction. As of now this can be “QuotaId” or “NotAvailableForSubscription”. Quota Id is set when the SKU has requiredQuotas parameter as the subscription does not belong to that quota. The “NotAvailableForSubscription” is related to capacity at DC. Possible values include: 'QuotaID', 'NotAvailableForSubscription' + // ReasonCode - The reason for the restriction. As of now this can be "QuotaId" or "NotAvailableForSubscription". Quota Id is set when the SKU has requiredQuotas parameter as the subscription does not belong to that quota. The "NotAvailableForSubscription" is related to capacity at DC. Possible values include: 'QuotaID', 'NotAvailableForSubscription' ReasonCode ReasonCode `json:"reasonCode,omitempty"` } @@ -1218,13 +1922,13 @@ type ServiceSpecification struct { // Sku the SKU of the storage account. type Sku struct { - // Name - Gets or sets the sku name. Required for account creation; optional for update. Note that in older versions, sku name was called accountType. Possible values include: 'StandardLRS', 'StandardGRS', 'StandardRAGRS', 'StandardZRS', 'PremiumLRS' + // Name - Gets or sets the sku name. Required for account creation; optional for update. Note that in older versions, sku name was called accountType. Possible values include: 'StandardLRS', 'StandardGRS', 'StandardRAGRS', 'StandardZRS', 'PremiumLRS', 'PremiumZRS' Name SkuName `json:"name,omitempty"` // Tier - Gets the sku tier. This is based on the SKU name. Possible values include: 'Standard', 'Premium' Tier SkuTier `json:"tier,omitempty"` // ResourceType - The type of the resource, usually it is 'storageAccounts'. ResourceType *string `json:"resourceType,omitempty"` - // Kind - Indicates the type of storage account. Possible values include: 'Storage', 'StorageV2', 'BlobStorage' + // Kind - Indicates the type of storage account. Possible values include: 'Storage', 'StorageV2', 'BlobStorage', 'FileStorage', 'BlockBlobStorage' Kind Kind `json:"kind,omitempty"` // Locations - The set of locations that the SKU is available. This will be supported and registered Azure Geo Regions (e.g. West US, East US, Southeast Asia, etc.). Locations *[]string `json:"locations,omitempty"` @@ -1250,6 +1954,71 @@ type SkuListResult struct { Value *[]Sku `json:"value,omitempty"` } +// TagProperty a tag of the LegalHold of a blob container. +type TagProperty struct { + // Tag - The tag value. + Tag *string `json:"tag,omitempty"` + // Timestamp - Returns the date and time the tag was added. + Timestamp *date.Time `json:"timestamp,omitempty"` + // ObjectIdentifier - Returns the Object ID of the user who added the tag. + ObjectIdentifier *string `json:"objectIdentifier,omitempty"` + // TenantID - Returns the Tenant ID that issued the token for the user who added the tag. + TenantID *string `json:"tenantId,omitempty"` + // Upn - Returns the User Principal Name of the user who added the tag. + Upn *string `json:"upn,omitempty"` +} + +// TrackedResource the resource model definition for a ARM tracked top level resource +type TrackedResource struct { + // Tags - Resource tags. + Tags map[string]*string `json:"tags"` + // Location - The geo-location where the resource lives + Location *string `json:"location,omitempty"` + // ID - Fully qualified resource Id for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + ID *string `json:"id,omitempty"` + // Name - The name of the resource + Name *string `json:"name,omitempty"` + // Type - The type of the resource. Ex- Microsoft.Compute/virtualMachines or Microsoft.Storage/storageAccounts. + Type *string `json:"type,omitempty"` +} + +// MarshalJSON is the custom marshaler for TrackedResource. +func (tr TrackedResource) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]interface{}) + if tr.Tags != nil { + objectMap["tags"] = tr.Tags + } + if tr.Location != nil { + objectMap["location"] = tr.Location + } + if tr.ID != nil { + objectMap["id"] = tr.ID + } + if tr.Name != nil { + objectMap["name"] = tr.Name + } + if tr.Type != nil { + objectMap["type"] = tr.Type + } + return json.Marshal(objectMap) +} + +// UpdateHistoryProperty an update history of the ImmutabilityPolicy of a blob container. +type UpdateHistoryProperty struct { + // Update - The ImmutabilityPolicy update type of a blob container, possible values include: put, lock and extend. Possible values include: 'Put', 'Lock', 'Extend' + Update ImmutabilityPolicyUpdateType `json:"update,omitempty"` + // ImmutabilityPeriodSinceCreationInDays - The immutability period for the blobs in the container since the policy creation, in days. + ImmutabilityPeriodSinceCreationInDays *int32 `json:"immutabilityPeriodSinceCreationInDays,omitempty"` + // Timestamp - Returns the date and time the ImmutabilityPolicy was updated. + Timestamp *date.Time `json:"timestamp,omitempty"` + // ObjectIdentifier - Returns the Object ID of the user who updated the ImmutabilityPolicy. + ObjectIdentifier *string `json:"objectIdentifier,omitempty"` + // TenantID - Returns the Tenant ID that issued the token for the user who updated the ImmutabilityPolicy. + TenantID *string `json:"tenantId,omitempty"` + // Upn - Returns the User Principal Name of the user who updated the ImmutabilityPolicy. + Upn *string `json:"upn,omitempty"` +} + // Usage describes Storage Resource Usage. type Usage struct { // Unit - Gets the unit of measurement. Possible values include: 'Count', 'Bytes', 'Seconds', 'Percent', 'CountsPerSecond', 'BytesPerSecond' diff --git a/vendor/github.com/Azure/azure-sdk-for-go/services/storage/mgmt/2017-10-01/storage/operations.go b/vendor/github.com/Azure/azure-sdk-for-go/services/storage/mgmt/2018-07-01/storage/operations.go similarity index 99% rename from vendor/github.com/Azure/azure-sdk-for-go/services/storage/mgmt/2017-10-01/storage/operations.go rename to vendor/github.com/Azure/azure-sdk-for-go/services/storage/mgmt/2018-07-01/storage/operations.go index b36bc6d6844..20b1db7df6c 100644 --- a/vendor/github.com/Azure/azure-sdk-for-go/services/storage/mgmt/2017-10-01/storage/operations.go +++ b/vendor/github.com/Azure/azure-sdk-for-go/services/storage/mgmt/2018-07-01/storage/operations.go @@ -64,7 +64,7 @@ func (client OperationsClient) List(ctx context.Context) (result OperationListRe // ListPreparer prepares the List request. func (client OperationsClient) ListPreparer(ctx context.Context) (*http.Request, error) { - const APIVersion = "2017-10-01" + const APIVersion = "2018-07-01" queryParameters := map[string]interface{}{ "api-version": APIVersion, } diff --git a/vendor/github.com/Azure/azure-sdk-for-go/services/storage/mgmt/2017-10-01/storage/skus.go b/vendor/github.com/Azure/azure-sdk-for-go/services/storage/mgmt/2018-07-01/storage/skus.go similarity index 89% rename from vendor/github.com/Azure/azure-sdk-for-go/services/storage/mgmt/2017-10-01/storage/skus.go rename to vendor/github.com/Azure/azure-sdk-for-go/services/storage/mgmt/2018-07-01/storage/skus.go index 20abb8c90f9..c5e9bd5c624 100644 --- a/vendor/github.com/Azure/azure-sdk-for-go/services/storage/mgmt/2017-10-01/storage/skus.go +++ b/vendor/github.com/Azure/azure-sdk-for-go/services/storage/mgmt/2018-07-01/storage/skus.go @@ -21,6 +21,7 @@ import ( "context" "github.com/Azure/go-autorest/autorest" "github.com/Azure/go-autorest/autorest/azure" + "github.com/Azure/go-autorest/autorest/validation" "net/http" ) @@ -41,6 +42,12 @@ func NewSkusClientWithBaseURI(baseURI string, subscriptionID string) SkusClient // List lists the available SKUs supported by Microsoft.Storage for given subscription. func (client SkusClient) List(ctx context.Context) (result SkuListResult, err error) { + if err := validation.Validate([]validation.Validation{ + {TargetValue: client.SubscriptionID, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { + return result, validation.NewError("storage.SkusClient", "List", err.Error()) + } + req, err := client.ListPreparer(ctx) if err != nil { err = autorest.NewErrorWithError(err, "storage.SkusClient", "List", nil, "Failure preparing request") @@ -68,7 +75,7 @@ func (client SkusClient) ListPreparer(ctx context.Context) (*http.Request, error "subscriptionId": autorest.Encode("path", client.SubscriptionID), } - const APIVersion = "2017-10-01" + const APIVersion = "2018-07-01" queryParameters := map[string]interface{}{ "api-version": APIVersion, } diff --git a/vendor/github.com/Azure/azure-sdk-for-go/services/storage/mgmt/2018-07-01/storage/usages.go b/vendor/github.com/Azure/azure-sdk-for-go/services/storage/mgmt/2018-07-01/storage/usages.go new file mode 100644 index 00000000000..82b291b5fb3 --- /dev/null +++ b/vendor/github.com/Azure/azure-sdk-for-go/services/storage/mgmt/2018-07-01/storage/usages.go @@ -0,0 +1,112 @@ +package storage + +// Copyright (c) Microsoft and contributors. All rights reserved. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// +// See the License for the specific language governing permissions and +// limitations under the License. +// +// Code generated by Microsoft (R) AutoRest Code Generator. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +import ( + "context" + "github.com/Azure/go-autorest/autorest" + "github.com/Azure/go-autorest/autorest/azure" + "github.com/Azure/go-autorest/autorest/validation" + "net/http" +) + +// UsagesClient is the the Azure Storage Management API. +type UsagesClient struct { + BaseClient +} + +// NewUsagesClient creates an instance of the UsagesClient client. +func NewUsagesClient(subscriptionID string) UsagesClient { + return NewUsagesClientWithBaseURI(DefaultBaseURI, subscriptionID) +} + +// NewUsagesClientWithBaseURI creates an instance of the UsagesClient client. +func NewUsagesClientWithBaseURI(baseURI string, subscriptionID string) UsagesClient { + return UsagesClient{NewWithBaseURI(baseURI, subscriptionID)} +} + +// ListByLocation gets the current usage count and the limit for the resources of the location under the subscription. +// Parameters: +// location - the location of the Azure Storage resource. +func (client UsagesClient) ListByLocation(ctx context.Context, location string) (result UsageListResult, err error) { + if err := validation.Validate([]validation.Validation{ + {TargetValue: client.SubscriptionID, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { + return result, validation.NewError("storage.UsagesClient", "ListByLocation", err.Error()) + } + + req, err := client.ListByLocationPreparer(ctx, location) + if err != nil { + err = autorest.NewErrorWithError(err, "storage.UsagesClient", "ListByLocation", nil, "Failure preparing request") + return + } + + resp, err := client.ListByLocationSender(req) + if err != nil { + result.Response = autorest.Response{Response: resp} + err = autorest.NewErrorWithError(err, "storage.UsagesClient", "ListByLocation", resp, "Failure sending request") + return + } + + result, err = client.ListByLocationResponder(resp) + if err != nil { + err = autorest.NewErrorWithError(err, "storage.UsagesClient", "ListByLocation", resp, "Failure responding to request") + } + + return +} + +// ListByLocationPreparer prepares the ListByLocation request. +func (client UsagesClient) ListByLocationPreparer(ctx context.Context, location string) (*http.Request, error) { + pathParameters := map[string]interface{}{ + "location": autorest.Encode("path", location), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + } + + const APIVersion = "2018-07-01" + queryParameters := map[string]interface{}{ + "api-version": APIVersion, + } + + preparer := autorest.CreatePreparer( + autorest.AsGet(), + autorest.WithBaseURL(client.BaseURI), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/providers/Microsoft.Storage/locations/{location}/usages", pathParameters), + autorest.WithQueryParameters(queryParameters)) + return preparer.Prepare((&http.Request{}).WithContext(ctx)) +} + +// ListByLocationSender sends the ListByLocation request. The method will close the +// http.Response Body if it receives an error. +func (client UsagesClient) ListByLocationSender(req *http.Request) (*http.Response, error) { + return autorest.SendWithSender(client, req, + azure.DoRetryWithRegistration(client.Client)) +} + +// ListByLocationResponder handles the response to the ListByLocation request. The method always +// closes the http.Response Body. +func (client UsagesClient) ListByLocationResponder(resp *http.Response) (result UsageListResult, err error) { + err = autorest.Respond( + resp, + client.ByInspecting(), + azure.WithErrorUnlessStatusCode(http.StatusOK), + autorest.ByUnmarshallingJSON(&result), + autorest.ByClosing()) + result.Response = autorest.Response{Response: resp} + return +} diff --git a/vendor/github.com/Azure/azure-sdk-for-go/services/storage/mgmt/2017-10-01/storage/version.go b/vendor/github.com/Azure/azure-sdk-for-go/services/storage/mgmt/2018-07-01/storage/version.go similarity index 94% rename from vendor/github.com/Azure/azure-sdk-for-go/services/storage/mgmt/2017-10-01/storage/version.go rename to vendor/github.com/Azure/azure-sdk-for-go/services/storage/mgmt/2018-07-01/storage/version.go index 884a2478f8d..2b30253f6b5 100644 --- a/vendor/github.com/Azure/azure-sdk-for-go/services/storage/mgmt/2017-10-01/storage/version.go +++ b/vendor/github.com/Azure/azure-sdk-for-go/services/storage/mgmt/2018-07-01/storage/version.go @@ -21,7 +21,7 @@ import "github.com/Azure/azure-sdk-for-go/version" // UserAgent returns the UserAgent string to use when sending http.Requests. func UserAgent() string { - return "Azure-SDK-For-Go/" + version.Number + " storage/2017-10-01" + return "Azure-SDK-For-Go/" + version.Number + " storage/2018-07-01" } // Version returns the semantic version (see http://semver.org) of the client. diff --git a/vendor/github.com/Azure/azure-sdk-for-go/version/version.go b/vendor/github.com/Azure/azure-sdk-for-go/version/version.go index f0ba0326824..a9cd65df586 100644 --- a/vendor/github.com/Azure/azure-sdk-for-go/version/version.go +++ b/vendor/github.com/Azure/azure-sdk-for-go/version/version.go @@ -18,4 +18,4 @@ package version // Changes may cause incorrect behavior and will be lost if the code is regenerated. // Number contains the semantic version of this SDK. -const Number = "v19.0.0" +const Number = "v21.1.0" diff --git a/vendor/github.com/Azure/go-autorest/autorest/BUILD b/vendor/github.com/Azure/go-autorest/autorest/BUILD index 3ac348e8620..e77ba34e19a 100644 --- a/vendor/github.com/Azure/go-autorest/autorest/BUILD +++ b/vendor/github.com/Azure/go-autorest/autorest/BUILD @@ -21,6 +21,7 @@ go_library( visibility = ["//visibility:public"], deps = [ "//vendor/github.com/Azure/go-autorest/autorest/adal:go_default_library", + "//vendor/github.com/Azure/go-autorest/logger:go_default_library", "//vendor/github.com/Azure/go-autorest/version:go_default_library", ], ) diff --git a/vendor/github.com/Azure/go-autorest/autorest/azure/async.go b/vendor/github.com/Azure/go-autorest/autorest/azure/async.go index cda1e180acf..9dd7a1d27c5 100644 --- a/vendor/github.com/Azure/go-autorest/autorest/azure/async.go +++ b/vendor/github.com/Azure/go-autorest/autorest/azure/async.go @@ -119,7 +119,10 @@ func (f *Future) Done(sender autorest.Sender) (bool, error) { if err := f.pt.updatePollingState(f.pt.provisioningStateApplicable()); err != nil { return false, err } - if err := f.pt.updateHeaders(); err != nil { + if err := f.pt.initPollingMethod(); err != nil { + return false, err + } + if err := f.pt.updatePollingMethod(); err != nil { return false, err } return f.pt.hasTerminated(), f.pt.pollingError() @@ -264,7 +267,7 @@ type pollingTracker interface { // these methods can differ per tracker // checks the response headers and status code to determine the polling mechanism - updateHeaders() error + updatePollingMethod() error // checks the response for tracker-specific error conditions checkForErrors() error @@ -274,6 +277,10 @@ type pollingTracker interface { // methods common to all trackers + // initializes a tracker's polling URL and method, called for each iteration. + // these values can be overridden by each polling tracker as required. + initPollingMethod() error + // initializes the tracker's internal state, call this when the tracker is created initializeState() error @@ -348,6 +355,10 @@ func (pt *pollingTrackerBase) initializeState() error { case http.StatusOK: if ps := pt.getProvisioningState(); ps != nil { pt.State = *ps + if pt.hasFailed() { + pt.updateErrorFromResponse() + return pt.pollingError() + } } else { pt.State = operationSucceeded } @@ -364,8 +375,9 @@ func (pt *pollingTrackerBase) initializeState() error { default: pt.State = operationFailed pt.updateErrorFromResponse() + return pt.pollingError() } - return nil + return pt.initPollingMethod() } func (pt pollingTrackerBase) getProvisioningState() *string { @@ -416,12 +428,14 @@ func (pt *pollingTrackerBase) pollForStatus(sender autorest.Sender) error { } else { // check response body for error content pt.updateErrorFromResponse() + err = pt.pollingError() } return err } // attempts to unmarshal a ServiceError type from the response body. // if that fails then make a best attempt at creating something meaningful. +// NOTE: this assumes that the async operation has failed. func (pt *pollingTrackerBase) updateErrorFromResponse() { var err error if pt.resp.ContentLength != 0 { @@ -431,8 +445,7 @@ func (pt *pollingTrackerBase) updateErrorFromResponse() { re := respErr{} defer pt.resp.Body.Close() var b []byte - b, err = ioutil.ReadAll(pt.resp.Body) - if err != nil { + if b, err = ioutil.ReadAll(pt.resp.Body); err != nil { goto Default } if err = json.Unmarshal(b, &re); err != nil { @@ -445,20 +458,29 @@ func (pt *pollingTrackerBase) updateErrorFromResponse() { goto Default } } - if re.ServiceError != nil { + // the unmarshaller will ensure re.ServiceError is non-nil + // even if there was no content unmarshalled so check the code. + if re.ServiceError.Code != "" { pt.Err = re.ServiceError return } } Default: se := &ServiceError{ - Code: fmt.Sprintf("HTTP status code %v", pt.resp.StatusCode), - Message: pt.resp.Status, + Code: pt.pollingStatus(), + Message: "The async operation failed.", } if err != nil { se.InnerError = make(map[string]interface{}) se.InnerError["unmarshalError"] = err.Error() } + // stick the response body into the error object in hopes + // it contains something useful to help diagnose the failure. + if len(pt.rawBody) > 0 { + se.AdditionalInfo = []map[string]interface{}{ + pt.rawBody, + } + } pt.Err = se } @@ -538,13 +560,33 @@ func (pt pollingTrackerBase) baseCheckForErrors() error { return nil } +// default initialization of polling URL/method. each verb tracker will update this as required. +func (pt *pollingTrackerBase) initPollingMethod() error { + if ao, err := getURLFromAsyncOpHeader(pt.resp); err != nil { + return err + } else if ao != "" { + pt.URI = ao + pt.Pm = PollingAsyncOperation + return nil + } + if lh, err := getURLFromLocationHeader(pt.resp); err != nil { + return err + } else if lh != "" { + pt.URI = lh + pt.Pm = PollingLocation + return nil + } + // it's ok if we didn't find a polling header, this will be handled elsewhere + return nil +} + // DELETE type pollingTrackerDelete struct { pollingTrackerBase } -func (pt *pollingTrackerDelete) updateHeaders() error { +func (pt *pollingTrackerDelete) updatePollingMethod() error { // for 201 the Location header is required if pt.resp.StatusCode == http.StatusCreated { if lh, err := getURLFromLocationHeader(pt.resp); err != nil { @@ -600,7 +642,7 @@ type pollingTrackerPatch struct { pollingTrackerBase } -func (pt *pollingTrackerPatch) updateHeaders() error { +func (pt *pollingTrackerPatch) updatePollingMethod() error { // by default we can use the original URL for polling and final GET if pt.URI == "" { pt.URI = pt.resp.Request.URL.String() @@ -658,7 +700,7 @@ type pollingTrackerPost struct { pollingTrackerBase } -func (pt *pollingTrackerPost) updateHeaders() error { +func (pt *pollingTrackerPost) updatePollingMethod() error { // 201 requires Location header if pt.resp.StatusCode == http.StatusCreated { if lh, err := getURLFromLocationHeader(pt.resp); err != nil { @@ -714,7 +756,7 @@ type pollingTrackerPut struct { pollingTrackerBase } -func (pt *pollingTrackerPut) updateHeaders() error { +func (pt *pollingTrackerPut) updatePollingMethod() error { // by default we can use the original URL for polling and final GET if pt.URI == "" { pt.URI = pt.resp.Request.URL.String() @@ -808,7 +850,7 @@ func createPollingTracker(resp *http.Response) (pollingTracker, error) { // this initializes the polling header values, we do this during creation in case the // initial response send us invalid values; this way the API call will return a non-nil // error (not doing this means the error shows up in Future.Done) - return pt, pt.updateHeaders() + return pt, pt.updatePollingMethod() } // gets the polling URL from the Azure-AsyncOperation header. diff --git a/vendor/github.com/Azure/go-autorest/autorest/client.go b/vendor/github.com/Azure/go-autorest/autorest/client.go index 467c1509d63..5c558c83a7e 100644 --- a/vendor/github.com/Azure/go-autorest/autorest/client.go +++ b/vendor/github.com/Azure/go-autorest/autorest/client.go @@ -22,8 +22,10 @@ import ( "log" "net/http" "net/http/cookiejar" + "strings" "time" + "github.com/Azure/go-autorest/logger" "github.com/Azure/go-autorest/version" ) @@ -208,8 +210,17 @@ func (c Client) Do(r *http.Request) (*http.Response, error) { } return resp, NewErrorWithError(err, "autorest/Client", "Do", nil, "Preparing request failed") } - + logger.Instance.WriteRequest(r, logger.Filter{ + Header: func(k string, v []string) (bool, []string) { + // remove the auth token from the log + if strings.EqualFold(k, "Authorization") || strings.EqualFold(k, "Ocp-Apim-Subscription-Key") { + v = []string{"**REDACTED**"} + } + return true, v + }, + }) resp, err := SendWithSender(c.sender(), r) + logger.Instance.WriteResponse(resp, logger.Filter{}) Respond(resp, c.ByInspecting()) return resp, err } diff --git a/vendor/github.com/Azure/go-autorest/logger/BUILD b/vendor/github.com/Azure/go-autorest/logger/BUILD new file mode 100644 index 00000000000..d43bee7c193 --- /dev/null +++ b/vendor/github.com/Azure/go-autorest/logger/BUILD @@ -0,0 +1,23 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library") + +go_library( + name = "go_default_library", + srcs = ["logger.go"], + importmap = "k8s.io/kubernetes/vendor/github.com/Azure/go-autorest/logger", + importpath = "github.com/Azure/go-autorest/logger", + visibility = ["//visibility:public"], +) + +filegroup( + name = "package-srcs", + srcs = glob(["**"]), + tags = ["automanaged"], + visibility = ["//visibility:private"], +) + +filegroup( + name = "all-srcs", + srcs = [":package-srcs"], + tags = ["automanaged"], + visibility = ["//visibility:public"], +) diff --git a/vendor/github.com/Azure/go-autorest/logger/logger.go b/vendor/github.com/Azure/go-autorest/logger/logger.go new file mode 100644 index 00000000000..756fd80cab1 --- /dev/null +++ b/vendor/github.com/Azure/go-autorest/logger/logger.go @@ -0,0 +1,328 @@ +package logger + +// Copyright 2017 Microsoft Corporation +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +import ( + "bytes" + "fmt" + "io" + "io/ioutil" + "net/http" + "net/url" + "os" + "strings" + "sync" + "time" +) + +// LevelType tells a logger the minimum level to log. When code reports a log entry, +// the LogLevel indicates the level of the log entry. The logger only records entries +// whose level is at least the level it was told to log. See the Log* constants. +// For example, if a logger is configured with LogError, then LogError, LogPanic, +// and LogFatal entries will be logged; lower level entries are ignored. +type LevelType uint32 + +const ( + // LogNone tells a logger not to log any entries passed to it. + LogNone LevelType = iota + + // LogFatal tells a logger to log all LogFatal entries passed to it. + LogFatal + + // LogPanic tells a logger to log all LogPanic and LogFatal entries passed to it. + LogPanic + + // LogError tells a logger to log all LogError, LogPanic and LogFatal entries passed to it. + LogError + + // LogWarning tells a logger to log all LogWarning, LogError, LogPanic and LogFatal entries passed to it. + LogWarning + + // LogInfo tells a logger to log all LogInfo, LogWarning, LogError, LogPanic and LogFatal entries passed to it. + LogInfo + + // LogDebug tells a logger to log all LogDebug, LogInfo, LogWarning, LogError, LogPanic and LogFatal entries passed to it. + LogDebug +) + +const ( + logNone = "NONE" + logFatal = "FATAL" + logPanic = "PANIC" + logError = "ERROR" + logWarning = "WARNING" + logInfo = "INFO" + logDebug = "DEBUG" + logUnknown = "UNKNOWN" +) + +// ParseLevel converts the specified string into the corresponding LevelType. +func ParseLevel(s string) (lt LevelType, err error) { + switch strings.ToUpper(s) { + case logFatal: + lt = LogFatal + case logPanic: + lt = LogPanic + case logError: + lt = LogError + case logWarning: + lt = LogWarning + case logInfo: + lt = LogInfo + case logDebug: + lt = LogDebug + default: + err = fmt.Errorf("bad log level '%s'", s) + } + return +} + +// String implements the stringer interface for LevelType. +func (lt LevelType) String() string { + switch lt { + case LogNone: + return logNone + case LogFatal: + return logFatal + case LogPanic: + return logPanic + case LogError: + return logError + case LogWarning: + return logWarning + case LogInfo: + return logInfo + case LogDebug: + return logDebug + default: + return logUnknown + } +} + +// Filter defines functions for filtering HTTP request/response content. +type Filter struct { + // URL returns a potentially modified string representation of a request URL. + URL func(u *url.URL) string + + // Header returns a potentially modified set of values for the specified key. + // To completely exclude the header key/values return false. + Header func(key string, val []string) (bool, []string) + + // Body returns a potentially modified request/response body. + Body func(b []byte) []byte +} + +func (f Filter) processURL(u *url.URL) string { + if f.URL == nil { + return u.String() + } + return f.URL(u) +} + +func (f Filter) processHeader(k string, val []string) (bool, []string) { + if f.Header == nil { + return true, val + } + return f.Header(k, val) +} + +func (f Filter) processBody(b []byte) []byte { + if f.Body == nil { + return b + } + return f.Body(b) +} + +// Writer defines methods for writing to a logging facility. +type Writer interface { + // Writeln writes the specified message with the standard log entry header and new-line character. + Writeln(level LevelType, message string) + + // Writef writes the specified format specifier with the standard log entry header and no new-line character. + Writef(level LevelType, format string, a ...interface{}) + + // WriteRequest writes the specified HTTP request to the logger if the log level is greater than + // or equal to LogInfo. The request body, if set, is logged at level LogDebug or higher. + // Custom filters can be specified to exclude URL, header, and/or body content from the log. + // By default no request content is excluded. + WriteRequest(req *http.Request, filter Filter) + + // WriteResponse writes the specified HTTP response to the logger if the log level is greater than + // or equal to LogInfo. The response body, if set, is logged at level LogDebug or higher. + // Custom filters can be specified to exclude URL, header, and/or body content from the log. + // By default no respone content is excluded. + WriteResponse(resp *http.Response, filter Filter) +} + +// Instance is the default log writer initialized during package init. +// This can be replaced with a custom implementation as required. +var Instance Writer + +// default log level +var logLevel = LogNone + +// Level returns the value specified in AZURE_GO_AUTOREST_LOG_LEVEL. +// If no value was specified the default value is LogNone. +// Custom loggers can call this to retrieve the configured log level. +func Level() LevelType { + return logLevel +} + +func init() { + // separated for testing purposes + initDefaultLogger() +} + +func initDefaultLogger() { + // init with nilLogger so callers don't have to do a nil check on Default + Instance = nilLogger{} + llStr := strings.ToLower(os.Getenv("AZURE_GO_SDK_LOG_LEVEL")) + if llStr == "" { + return + } + var err error + logLevel, err = ParseLevel(llStr) + if err != nil { + fmt.Fprintf(os.Stderr, "go-autorest: failed to parse log level: %s\n", err.Error()) + return + } + if logLevel == LogNone { + return + } + // default to stderr + dest := os.Stderr + lfStr := os.Getenv("AZURE_GO_SDK_LOG_FILE") + if strings.EqualFold(lfStr, "stdout") { + dest = os.Stdout + } else if lfStr != "" { + lf, err := os.Create(lfStr) + if err == nil { + dest = lf + } else { + fmt.Fprintf(os.Stderr, "go-autorest: failed to create log file, using stderr: %s\n", err.Error()) + } + } + Instance = fileLogger{ + logLevel: logLevel, + mu: &sync.Mutex{}, + logFile: dest, + } +} + +// the nil logger does nothing +type nilLogger struct{} + +func (nilLogger) Writeln(LevelType, string) {} + +func (nilLogger) Writef(LevelType, string, ...interface{}) {} + +func (nilLogger) WriteRequest(*http.Request, Filter) {} + +func (nilLogger) WriteResponse(*http.Response, Filter) {} + +// A File is used instead of a Logger so the stream can be flushed after every write. +type fileLogger struct { + logLevel LevelType + mu *sync.Mutex // for synchronizing writes to logFile + logFile *os.File +} + +func (fl fileLogger) Writeln(level LevelType, message string) { + fl.Writef(level, "%s\n", message) +} + +func (fl fileLogger) Writef(level LevelType, format string, a ...interface{}) { + if fl.logLevel >= level { + fl.mu.Lock() + defer fl.mu.Unlock() + fmt.Fprintf(fl.logFile, "%s %s", entryHeader(level), fmt.Sprintf(format, a...)) + fl.logFile.Sync() + } +} + +func (fl fileLogger) WriteRequest(req *http.Request, filter Filter) { + if req == nil || fl.logLevel < LogInfo { + return + } + b := &bytes.Buffer{} + fmt.Fprintf(b, "%s REQUEST: %s %s\n", entryHeader(LogInfo), req.Method, filter.processURL(req.URL)) + // dump headers + for k, v := range req.Header { + if ok, mv := filter.processHeader(k, v); ok { + fmt.Fprintf(b, "%s: %s\n", k, strings.Join(mv, ",")) + } + } + if fl.shouldLogBody(req.Header, req.Body) { + // dump body + body, err := ioutil.ReadAll(req.Body) + if err == nil { + fmt.Fprintln(b, string(filter.processBody(body))) + if nc, ok := req.Body.(io.Seeker); ok { + // rewind to the beginning + nc.Seek(0, io.SeekStart) + } else { + // recreate the body + req.Body = ioutil.NopCloser(bytes.NewReader(body)) + } + } else { + fmt.Fprintf(b, "failed to read body: %v\n", err) + } + } + fl.mu.Lock() + defer fl.mu.Unlock() + fmt.Fprint(fl.logFile, b.String()) + fl.logFile.Sync() +} + +func (fl fileLogger) WriteResponse(resp *http.Response, filter Filter) { + if resp == nil || fl.logLevel < LogInfo { + return + } + b := &bytes.Buffer{} + fmt.Fprintf(b, "%s RESPONSE: %d %s\n", entryHeader(LogInfo), resp.StatusCode, filter.processURL(resp.Request.URL)) + // dump headers + for k, v := range resp.Header { + if ok, mv := filter.processHeader(k, v); ok { + fmt.Fprintf(b, "%s: %s\n", k, strings.Join(mv, ",")) + } + } + if fl.shouldLogBody(resp.Header, resp.Body) { + // dump body + defer resp.Body.Close() + body, err := ioutil.ReadAll(resp.Body) + if err == nil { + fmt.Fprintln(b, string(filter.processBody(body))) + resp.Body = ioutil.NopCloser(bytes.NewReader(body)) + } else { + fmt.Fprintf(b, "failed to read body: %v\n", err) + } + } + fl.mu.Lock() + defer fl.mu.Unlock() + fmt.Fprint(fl.logFile, b.String()) + fl.logFile.Sync() +} + +// returns true if the provided body should be included in the log +func (fl fileLogger) shouldLogBody(header http.Header, body io.ReadCloser) bool { + ct := header.Get("Content-Type") + return fl.logLevel >= LogDebug && body != nil && strings.Index(ct, "application/octet-stream") == -1 +} + +// creates standard header for log entries, it contains a timestamp and the log level +func entryHeader(level LevelType) string { + // this format provides a fixed number of digits so the size of the timestamp is constant + return fmt.Sprintf("(%s) %s:", time.Now().Format("2006-01-02T15:04:05.0000000Z07:00"), level.String()) +} diff --git a/vendor/github.com/Azure/go-autorest/version/version.go b/vendor/github.com/Azure/go-autorest/version/version.go index 10d1df64ff7..ad2d6099f52 100644 --- a/vendor/github.com/Azure/go-autorest/version/version.go +++ b/vendor/github.com/Azure/go-autorest/version/version.go @@ -20,7 +20,7 @@ import ( ) // Number contains the semantic version of this SDK. -const Number = "v10.14.0" +const Number = "v10.15.4" var ( userAgent = fmt.Sprintf("Go/%s (%s-%s) go-autorest/%s",