Update autogenerated files

Signed-off-by: Rodrigo Campos <rodrigoca@microsoft.com>
2022-07-27 12:54:15 +02:00 · 2022-07-27 12:54:15 +02:00 · 8dc98c9b8e
commit 8dc98c9b8e
parent b1eaf6a2d9
73 changed files with 1061 additions and 930 deletions
--- a/api/openapi-spec/swagger.json
+++ b/api/openapi-spec/swagger.json
@ -7824,6 +7824,10 @@
          "description": "Use the host's pid namespace. Optional: Default to false.",
          "type": "boolean"
        },
        "hostUsers": {
          "description": "Use the host's user namespace. Optional: Default to true. If set to true or not present, the pod will be run in the host user namespace, useful for when the pod needs a feature only available to the host user namespace, such as loading a kernel module with CAP_SYS_MODULE. When set to false, a new userns is created for the pod. Setting false is useful for mitigating container breakout vulnerabilities even allowing users to run their containers as root without actually having root privileges on the host. This field is alpha-level and is only honored by servers that enable the UserNamespacesSupport feature.",
          "type": "boolean"
        },
        "hostname": {
          "description": "Specifies the hostname of the Pod If not specified, the pod's hostname will be set to a system-defined value.",
          "type": "string"
@ -7860,7 +7864,7 @@
        },
        "os": {
          "$ref": "#/definitions/io.k8s.api.core.v1.PodOS",
-          "description": "Specifies the OS of the containers in the pod. Some pod and container fields are restricted if this is set.\n\nIf the OS field is set to linux, the following fields must be unset: -securityContext.windowsOptions\n\nIf the OS field is set to windows, following fields must be unset: - spec.hostPID - spec.hostIPC - spec.securityContext.seLinuxOptions - spec.securityContext.seccompProfile - spec.securityContext.fsGroup - spec.securityContext.fsGroupChangePolicy - spec.securityContext.sysctls - spec.shareProcessNamespace - spec.securityContext.runAsUser - spec.securityContext.runAsGroup - spec.securityContext.supplementalGroups - spec.containers[*].securityContext.seLinuxOptions - spec.containers[*].securityContext.seccompProfile - spec.containers[*].securityContext.capabilities - spec.containers[*].securityContext.readOnlyRootFilesystem - spec.containers[*].securityContext.privileged - spec.containers[*].securityContext.allowPrivilegeEscalation - spec.containers[*].securityContext.procMount - spec.containers[*].securityContext.runAsUser - spec.containers[*].securityContext.runAsGroup"
+          "description": "Specifies the OS of the containers in the pod. Some pod and container fields are restricted if this is set.\n\nIf the OS field is set to linux, the following fields must be unset: -securityContext.windowsOptions\n\nIf the OS field is set to windows, following fields must be unset: - spec.hostPID - spec.hostIPC - spec.hostUsers - spec.securityContext.seLinuxOptions - spec.securityContext.seccompProfile - spec.securityContext.fsGroup - spec.securityContext.fsGroupChangePolicy - spec.securityContext.sysctls - spec.shareProcessNamespace - spec.securityContext.runAsUser - spec.securityContext.runAsGroup - spec.securityContext.supplementalGroups - spec.containers[*].securityContext.seLinuxOptions - spec.containers[*].securityContext.seccompProfile - spec.containers[*].securityContext.capabilities - spec.containers[*].securityContext.readOnlyRootFilesystem - spec.containers[*].securityContext.privileged - spec.containers[*].securityContext.allowPrivilegeEscalation - spec.containers[*].securityContext.procMount - spec.containers[*].securityContext.runAsUser - spec.containers[*].securityContext.runAsGroup"
        },
        "overhead": {
          "additionalProperties": {
--- a/api/openapi-spec/v3/api__v1_openapi.json
+++ b/api/openapi-spec/v3/api__v1_openapi.json
@ -5032,6 +5032,10 @@
            "description": "Use the host's pid namespace. Optional: Default to false.",
            "type": "boolean"
          },
          "hostUsers": {
            "description": "Use the host's user namespace. Optional: Default to true. If set to true or not present, the pod will be run in the host user namespace, useful for when the pod needs a feature only available to the host user namespace, such as loading a kernel module with CAP_SYS_MODULE. When set to false, a new userns is created for the pod. Setting false is useful for mitigating container breakout vulnerabilities even allowing users to run their containers as root without actually having root privileges on the host. This field is alpha-level and is only honored by servers that enable the UserNamespacesSupport feature.",
            "type": "boolean"
          },
          "hostname": {
            "description": "Specifies the hostname of the Pod If not specified, the pod's hostname will be set to a system-defined value.",
            "type": "string"
@ -5083,7 +5087,7 @@
                "$ref": "#/components/schemas/io.k8s.api.core.v1.PodOS"
              }
            ],
-            "description": "Specifies the OS of the containers in the pod. Some pod and container fields are restricted if this is set.\n\nIf the OS field is set to linux, the following fields must be unset: -securityContext.windowsOptions\n\nIf the OS field is set to windows, following fields must be unset: - spec.hostPID - spec.hostIPC - spec.securityContext.seLinuxOptions - spec.securityContext.seccompProfile - spec.securityContext.fsGroup - spec.securityContext.fsGroupChangePolicy - spec.securityContext.sysctls - spec.shareProcessNamespace - spec.securityContext.runAsUser - spec.securityContext.runAsGroup - spec.securityContext.supplementalGroups - spec.containers[*].securityContext.seLinuxOptions - spec.containers[*].securityContext.seccompProfile - spec.containers[*].securityContext.capabilities - spec.containers[*].securityContext.readOnlyRootFilesystem - spec.containers[*].securityContext.privileged - spec.containers[*].securityContext.allowPrivilegeEscalation - spec.containers[*].securityContext.procMount - spec.containers[*].securityContext.runAsUser - spec.containers[*].securityContext.runAsGroup"
+            "description": "Specifies the OS of the containers in the pod. Some pod and container fields are restricted if this is set.\n\nIf the OS field is set to linux, the following fields must be unset: -securityContext.windowsOptions\n\nIf the OS field is set to windows, following fields must be unset: - spec.hostPID - spec.hostIPC - spec.hostUsers - spec.securityContext.seLinuxOptions - spec.securityContext.seccompProfile - spec.securityContext.fsGroup - spec.securityContext.fsGroupChangePolicy - spec.securityContext.sysctls - spec.shareProcessNamespace - spec.securityContext.runAsUser - spec.securityContext.runAsGroup - spec.securityContext.supplementalGroups - spec.containers[*].securityContext.seLinuxOptions - spec.containers[*].securityContext.seccompProfile - spec.containers[*].securityContext.capabilities - spec.containers[*].securityContext.readOnlyRootFilesystem - spec.containers[*].securityContext.privileged - spec.containers[*].securityContext.allowPrivilegeEscalation - spec.containers[*].securityContext.procMount - spec.containers[*].securityContext.runAsUser - spec.containers[*].securityContext.runAsGroup"
          },
          "overhead": {
            "additionalProperties": {
--- a/api/openapi-spec/v3/apisappsv1_openapi.json
+++ b/api/openapi-spec/v3/apisappsv1_openapi.json
@ -3455,6 +3455,10 @@
            "description": "Use the host's pid namespace. Optional: Default to false.",
            "type": "boolean"
          },
          "hostUsers": {
            "description": "Use the host's user namespace. Optional: Default to true. If set to true or not present, the pod will be run in the host user namespace, useful for when the pod needs a feature only available to the host user namespace, such as loading a kernel module with CAP_SYS_MODULE. When set to false, a new userns is created for the pod. Setting false is useful for mitigating container breakout vulnerabilities even allowing users to run their containers as root without actually having root privileges on the host. This field is alpha-level and is only honored by servers that enable the UserNamespacesSupport feature.",
            "type": "boolean"
          },
          "hostname": {
            "description": "Specifies the hostname of the Pod If not specified, the pod's hostname will be set to a system-defined value.",
            "type": "string"
@ -3506,7 +3510,7 @@
                "$ref": "#/components/schemas/io.k8s.api.core.v1.PodOS"
              }
            ],
-            "description": "Specifies the OS of the containers in the pod. Some pod and container fields are restricted if this is set.\n\nIf the OS field is set to linux, the following fields must be unset: -securityContext.windowsOptions\n\nIf the OS field is set to windows, following fields must be unset: - spec.hostPID - spec.hostIPC - spec.securityContext.seLinuxOptions - spec.securityContext.seccompProfile - spec.securityContext.fsGroup - spec.securityContext.fsGroupChangePolicy - spec.securityContext.sysctls - spec.shareProcessNamespace - spec.securityContext.runAsUser - spec.securityContext.runAsGroup - spec.securityContext.supplementalGroups - spec.containers[*].securityContext.seLinuxOptions - spec.containers[*].securityContext.seccompProfile - spec.containers[*].securityContext.capabilities - spec.containers[*].securityContext.readOnlyRootFilesystem - spec.containers[*].securityContext.privileged - spec.containers[*].securityContext.allowPrivilegeEscalation - spec.containers[*].securityContext.procMount - spec.containers[*].securityContext.runAsUser - spec.containers[*].securityContext.runAsGroup"
+            "description": "Specifies the OS of the containers in the pod. Some pod and container fields are restricted if this is set.\n\nIf the OS field is set to linux, the following fields must be unset: -securityContext.windowsOptions\n\nIf the OS field is set to windows, following fields must be unset: - spec.hostPID - spec.hostIPC - spec.hostUsers - spec.securityContext.seLinuxOptions - spec.securityContext.seccompProfile - spec.securityContext.fsGroup - spec.securityContext.fsGroupChangePolicy - spec.securityContext.sysctls - spec.shareProcessNamespace - spec.securityContext.runAsUser - spec.securityContext.runAsGroup - spec.securityContext.supplementalGroups - spec.containers[*].securityContext.seLinuxOptions - spec.containers[*].securityContext.seccompProfile - spec.containers[*].securityContext.capabilities - spec.containers[*].securityContext.readOnlyRootFilesystem - spec.containers[*].securityContext.privileged - spec.containers[*].securityContext.allowPrivilegeEscalation - spec.containers[*].securityContext.procMount - spec.containers[*].securityContext.runAsUser - spec.containers[*].securityContext.runAsGroup"
          },
          "overhead": {
            "additionalProperties": {
--- a/api/openapi-spec/v3/apisbatchv1_openapi.json
+++ b/api/openapi-spec/v3/apisbatchv1_openapi.json
@ -2534,6 +2534,10 @@
            "description": "Use the host's pid namespace. Optional: Default to false.",
            "type": "boolean"
          },
          "hostUsers": {
            "description": "Use the host's user namespace. Optional: Default to true. If set to true or not present, the pod will be run in the host user namespace, useful for when the pod needs a feature only available to the host user namespace, such as loading a kernel module with CAP_SYS_MODULE. When set to false, a new userns is created for the pod. Setting false is useful for mitigating container breakout vulnerabilities even allowing users to run their containers as root without actually having root privileges on the host. This field is alpha-level and is only honored by servers that enable the UserNamespacesSupport feature.",
            "type": "boolean"
          },
          "hostname": {
            "description": "Specifies the hostname of the Pod If not specified, the pod's hostname will be set to a system-defined value.",
            "type": "string"
@ -2585,7 +2589,7 @@
                "$ref": "#/components/schemas/io.k8s.api.core.v1.PodOS"
              }
            ],
-            "description": "Specifies the OS of the containers in the pod. Some pod and container fields are restricted if this is set.\n\nIf the OS field is set to linux, the following fields must be unset: -securityContext.windowsOptions\n\nIf the OS field is set to windows, following fields must be unset: - spec.hostPID - spec.hostIPC - spec.securityContext.seLinuxOptions - spec.securityContext.seccompProfile - spec.securityContext.fsGroup - spec.securityContext.fsGroupChangePolicy - spec.securityContext.sysctls - spec.shareProcessNamespace - spec.securityContext.runAsUser - spec.securityContext.runAsGroup - spec.securityContext.supplementalGroups - spec.containers[*].securityContext.seLinuxOptions - spec.containers[*].securityContext.seccompProfile - spec.containers[*].securityContext.capabilities - spec.containers[*].securityContext.readOnlyRootFilesystem - spec.containers[*].securityContext.privileged - spec.containers[*].securityContext.allowPrivilegeEscalation - spec.containers[*].securityContext.procMount - spec.containers[*].securityContext.runAsUser - spec.containers[*].securityContext.runAsGroup"
+            "description": "Specifies the OS of the containers in the pod. Some pod and container fields are restricted if this is set.\n\nIf the OS field is set to linux, the following fields must be unset: -securityContext.windowsOptions\n\nIf the OS field is set to windows, following fields must be unset: - spec.hostPID - spec.hostIPC - spec.hostUsers - spec.securityContext.seLinuxOptions - spec.securityContext.seccompProfile - spec.securityContext.fsGroup - spec.securityContext.fsGroupChangePolicy - spec.securityContext.sysctls - spec.shareProcessNamespace - spec.securityContext.runAsUser - spec.securityContext.runAsGroup - spec.securityContext.supplementalGroups - spec.containers[*].securityContext.seLinuxOptions - spec.containers[*].securityContext.seccompProfile - spec.containers[*].securityContext.capabilities - spec.containers[*].securityContext.readOnlyRootFilesystem - spec.containers[*].securityContext.privileged - spec.containers[*].securityContext.allowPrivilegeEscalation - spec.containers[*].securityContext.procMount - spec.containers[*].securityContext.runAsUser - spec.containers[*].securityContext.runAsGroup"
          },
          "overhead": {
            "additionalProperties": {
--- a/pkg/apis/core/v1/zz_generated.conversion.go
+++ b/pkg/apis/core/v1/zz_generated.conversion.go
@ -6093,6 +6093,7 @@ func autoConvert_core_PodSecurityContext_To_v1_PodSecurityContext(in *core.PodSe
 	// INFO: in.HostPID opted out of conversion generation
 	// INFO: in.HostIPC opted out of conversion generation
 	// INFO: in.ShareProcessNamespace opted out of conversion generation
 	// INFO: in.HostUsers opted out of conversion generation
 	out.SELinuxOptions = (*v1.SELinuxOptions)(unsafe.Pointer(in.SELinuxOptions))
 	out.WindowsOptions = (*v1.WindowsSecurityContextOptions)(unsafe.Pointer(in.WindowsOptions))
 	out.RunAsUser = (*int64)(unsafe.Pointer(in.RunAsUser))
@ -6186,6 +6187,7 @@ func autoConvert_v1_PodSpec_To_core_PodSpec(in *v1.PodSpec, out *core.PodSpec, s
 	out.TopologySpreadConstraints = *(*[]core.TopologySpreadConstraint)(unsafe.Pointer(&in.TopologySpreadConstraints))
 	out.SetHostnameAsFQDN = (*bool)(unsafe.Pointer(in.SetHostnameAsFQDN))
 	out.OS = (*core.PodOS)(unsafe.Pointer(in.OS))
 	// INFO: in.HostUsers opted out of conversion generation
 	return nil
 }
--- a/pkg/apis/core/zz_generated.deepcopy.go
+++ b/pkg/apis/core/zz_generated.deepcopy.go
@ -3736,6 +3736,11 @@ func (in *PodSecurityContext) DeepCopyInto(out *PodSecurityContext) {
 		*out = new(bool)
 		**out = **in
 	}
 	if in.HostUsers != nil {
 		in, out := &in.HostUsers, &out.HostUsers
 		*out = new(bool)
 		**out = **in
 	}
 	if in.SELinuxOptions != nil {
 		in, out := &in.SELinuxOptions, &out.SELinuxOptions
 		*out = new(SELinuxOptions)
--- a/pkg/generated/openapi/zz_generated.openapi.go
+++ b/pkg/generated/openapi/zz_generated.openapi.go
@ -22196,10 +22196,17 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA
 					},
 					"os": {
 						SchemaProps: spec.SchemaProps{
-							Description: "Specifies the OS of the containers in the pod. Some pod and container fields are restricted if this is set.\n\nIf the OS field is set to linux, the following fields must be unset: -securityContext.windowsOptions\n\nIf the OS field is set to windows, following fields must be unset: - spec.hostPID - spec.hostIPC - spec.securityContext.seLinuxOptions - spec.securityContext.seccompProfile - spec.securityContext.fsGroup - spec.securityContext.fsGroupChangePolicy - spec.securityContext.sysctls - spec.shareProcessNamespace - spec.securityContext.runAsUser - spec.securityContext.runAsGroup - spec.securityContext.supplementalGroups - spec.containers[*].securityContext.seLinuxOptions - spec.containers[*].securityContext.seccompProfile - spec.containers[*].securityContext.capabilities - spec.containers[*].securityContext.readOnlyRootFilesystem - spec.containers[*].securityContext.privileged - spec.containers[*].securityContext.allowPrivilegeEscalation - spec.containers[*].securityContext.procMount - spec.containers[*].securityContext.runAsUser - spec.containers[*].securityContext.runAsGroup",
+							Description: "Specifies the OS of the containers in the pod. Some pod and container fields are restricted if this is set.\n\nIf the OS field is set to linux, the following fields must be unset: -securityContext.windowsOptions\n\nIf the OS field is set to windows, following fields must be unset: - spec.hostPID - spec.hostIPC - spec.hostUsers - spec.securityContext.seLinuxOptions - spec.securityContext.seccompProfile - spec.securityContext.fsGroup - spec.securityContext.fsGroupChangePolicy - spec.securityContext.sysctls - spec.shareProcessNamespace - spec.securityContext.runAsUser - spec.securityContext.runAsGroup - spec.securityContext.supplementalGroups - spec.containers[*].securityContext.seLinuxOptions - spec.containers[*].securityContext.seccompProfile - spec.containers[*].securityContext.capabilities - spec.containers[*].securityContext.readOnlyRootFilesystem - spec.containers[*].securityContext.privileged - spec.containers[*].securityContext.allowPrivilegeEscalation - spec.containers[*].securityContext.procMount - spec.containers[*].securityContext.runAsUser - spec.containers[*].securityContext.runAsGroup",
 							Ref:         ref("k8s.io/api/core/v1.PodOS"),
 						},
 					},
 					"hostUsers": {
 						SchemaProps: spec.SchemaProps{
 							Description: "Use the host's user namespace. Optional: Default to true. If set to true or not present, the pod will be run in the host user namespace, useful for when the pod needs a feature only available to the host user namespace, such as loading a kernel module with CAP_SYS_MODULE. When set to false, a new userns is created for the pod. Setting false is useful for mitigating container breakout vulnerabilities even allowing users to run their containers as root without actually having root privileges on the host. This field is alpha-level and is only honored by servers that enable the UserNamespacesSupport feature.",
 							Type:        []string{"boolean"},
 							Format:      "",
 						},
 					},
 				},
 				Required: []string{"containers"},
 			},
--- a/staging/src/k8s.io/api/core/v1/generated.pb.go
+++ b/staging/src/k8s.io/api/core/v1/generated.pb.go
--- a/staging/src/k8s.io/api/core/v1/generated.proto
+++ b/staging/src/k8s.io/api/core/v1/generated.proto
@ -3712,6 +3712,7 @@ message PodSpec {
  // If the OS field is set to windows, following fields must be unset:
  // - spec.hostPID
  // - spec.hostIPC
  // - spec.hostUsers
  // - spec.securityContext.seLinuxOptions
  // - spec.securityContext.seccompProfile
  // - spec.securityContext.fsGroup
@ -3732,6 +3733,19 @@ message PodSpec {
  // - spec.containers[*].securityContext.runAsGroup
  // +optional
  optional PodOS os = 36;
  // Use the host's user namespace.
  // Optional: Default to true.
  // If set to true or not present, the pod will be run in the host user namespace, useful
  // for when the pod needs a feature only available to the host user namespace, such as
  // loading a kernel module with CAP_SYS_MODULE.
  // When set to false, a new userns is created for the pod. Setting false is useful for
  // mitigating container breakout vulnerabilities even allowing users to run their
  // containers as root without actually having root privileges on the host.
  // This field is alpha-level and is only honored by servers that enable the UserNamespacesSupport feature.
  // +k8s:conversion-gen=false
  // +optional
  optional bool hostUsers = 37;
 }
 // PodStatus represents information about the status of a pod. Status may trail the actual
--- a/staging/src/k8s.io/api/core/v1/types_swagger_doc_generated.go
+++ b/staging/src/k8s.io/api/core/v1/types_swagger_doc_generated.go
@ -1670,7 +1670,8 @@ var map_PodSpec = map[string]string{
 	"overhead":                      "Overhead represents the resource overhead associated with running a pod for a given RuntimeClass. This field will be autopopulated at admission time by the RuntimeClass admission controller. If the RuntimeClass admission controller is enabled, overhead must not be set in Pod create requests. The RuntimeClass admission controller will reject Pod create requests which have the overhead already set. If RuntimeClass is configured and selected in the PodSpec, Overhead will be set to the value defined in the corresponding RuntimeClass, otherwise it will remain unset and treated as zero. More info: https://git.k8s.io/enhancements/keps/sig-node/688-pod-overhead/README.md",
 	"topologySpreadConstraints":     "TopologySpreadConstraints describes how a group of pods ought to spread across topology domains. Scheduler will schedule pods in a way which abides by the constraints. All topologySpreadConstraints are ANDed.",
 	"setHostnameAsFQDN":             "If true the pod's hostname will be configured as the pod's FQDN, rather than the leaf name (the default). In Linux containers, this means setting the FQDN in the hostname field of the kernel (the nodename field of struct utsname). In Windows containers, this means setting the registry value of hostname for the registry key HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\Tcpip\\Parameters to FQDN. If a pod does not have FQDN, this has no effect. Default to false.",
-	"os":                            "Specifies the OS of the containers in the pod. Some pod and container fields are restricted if this is set.\n\nIf the OS field is set to linux, the following fields must be unset: -securityContext.windowsOptions\n\nIf the OS field is set to windows, following fields must be unset: - spec.hostPID - spec.hostIPC - spec.securityContext.seLinuxOptions - spec.securityContext.seccompProfile - spec.securityContext.fsGroup - spec.securityContext.fsGroupChangePolicy - spec.securityContext.sysctls - spec.shareProcessNamespace - spec.securityContext.runAsUser - spec.securityContext.runAsGroup - spec.securityContext.supplementalGroups - spec.containers[*].securityContext.seLinuxOptions - spec.containers[*].securityContext.seccompProfile - spec.containers[*].securityContext.capabilities - spec.containers[*].securityContext.readOnlyRootFilesystem - spec.containers[*].securityContext.privileged - spec.containers[*].securityContext.allowPrivilegeEscalation - spec.containers[*].securityContext.procMount - spec.containers[*].securityContext.runAsUser - spec.containers[*].securityContext.runAsGroup",
+	"os":                            "Specifies the OS of the containers in the pod. Some pod and container fields are restricted if this is set.\n\nIf the OS field is set to linux, the following fields must be unset: -securityContext.windowsOptions\n\nIf the OS field is set to windows, following fields must be unset: - spec.hostPID - spec.hostIPC - spec.hostUsers - spec.securityContext.seLinuxOptions - spec.securityContext.seccompProfile - spec.securityContext.fsGroup - spec.securityContext.fsGroupChangePolicy - spec.securityContext.sysctls - spec.shareProcessNamespace - spec.securityContext.runAsUser - spec.securityContext.runAsGroup - spec.securityContext.supplementalGroups - spec.containers[*].securityContext.seLinuxOptions - spec.containers[*].securityContext.seccompProfile - spec.containers[*].securityContext.capabilities - spec.containers[*].securityContext.readOnlyRootFilesystem - spec.containers[*].securityContext.privileged - spec.containers[*].securityContext.allowPrivilegeEscalation - spec.containers[*].securityContext.procMount - spec.containers[*].securityContext.runAsUser - spec.containers[*].securityContext.runAsGroup",
 	"hostUsers":                     "Use the host's user namespace. Optional: Default to true. If set to true or not present, the pod will be run in the host user namespace, useful for when the pod needs a feature only available to the host user namespace, such as loading a kernel module with CAP_SYS_MODULE. When set to false, a new userns is created for the pod. Setting false is useful for mitigating container breakout vulnerabilities even allowing users to run their containers as root without actually having root privileges on the host. This field is alpha-level and is only honored by servers that enable the UserNamespacesSupport feature.",
 }
 func (PodSpec) SwaggerDoc() map[string]string {
--- a/staging/src/k8s.io/api/core/v1/zz_generated.deepcopy.go
+++ b/staging/src/k8s.io/api/core/v1/zz_generated.deepcopy.go
@ -3954,6 +3954,11 @@ func (in *PodSpec) DeepCopyInto(out *PodSpec) {
 		*out = new(PodOS)
 		**out = **in
 	}
 	if in.HostUsers != nil {
 		in, out := &in.HostUsers, &out.HostUsers
 		*out = new(bool)
 		**out = **in
 	}
 	return
 }
--- a/staging/src/k8s.io/api/testdata/HEAD/apps.v1.DaemonSet.json
+++ b/staging/src/k8s.io/api/testdata/HEAD/apps.v1.DaemonSet.json
@ -1625,7 +1625,8 @@
        "setHostnameAsFQDN": true,
        "os": {
          "name": "nameValue"
-        }
+        },
        "hostUsers": true
      }
    },
    "updateStrategy": {
--- a/staging/src/k8s.io/api/testdata/HEAD/apps.v1.DaemonSet.pb
+++ b/staging/src/k8s.io/api/testdata/HEAD/apps.v1.DaemonSet.pb
--- a/staging/src/k8s.io/api/testdata/HEAD/apps.v1.DaemonSet.yaml
+++ b/staging/src/k8s.io/api/testdata/HEAD/apps.v1.DaemonSet.yaml
@ -592,6 +592,7 @@ spec:
      hostIPC: true
      hostNetwork: true
      hostPID: true
      hostUsers: true
      hostname: hostnameValue
      imagePullSecrets:
      - name: nameValue
--- a/staging/src/k8s.io/api/testdata/HEAD/apps.v1.Deployment.json
+++ b/staging/src/k8s.io/api/testdata/HEAD/apps.v1.Deployment.json
@ -1626,7 +1626,8 @@
        "setHostnameAsFQDN": true,
        "os": {
          "name": "nameValue"
-        }
+        },
        "hostUsers": true
      }
    },
    "strategy": {
--- a/staging/src/k8s.io/api/testdata/HEAD/apps.v1.Deployment.pb
+++ b/staging/src/k8s.io/api/testdata/HEAD/apps.v1.Deployment.pb
--- a/staging/src/k8s.io/api/testdata/HEAD/apps.v1.Deployment.yaml
+++ b/staging/src/k8s.io/api/testdata/HEAD/apps.v1.Deployment.yaml
@ -600,6 +600,7 @@ spec:
      hostIPC: true
      hostNetwork: true
      hostPID: true
      hostUsers: true
      hostname: hostnameValue
      imagePullSecrets:
      - name: nameValue
--- a/staging/src/k8s.io/api/testdata/HEAD/apps.v1.ReplicaSet.json
+++ b/staging/src/k8s.io/api/testdata/HEAD/apps.v1.ReplicaSet.json
@ -1627,7 +1627,8 @@
        "setHostnameAsFQDN": true,
        "os": {
          "name": "nameValue"
-        }
+        },
        "hostUsers": true
      }
    }
  },
--- a/staging/src/k8s.io/api/testdata/HEAD/apps.v1.ReplicaSet.pb
+++ b/staging/src/k8s.io/api/testdata/HEAD/apps.v1.ReplicaSet.pb
--- a/staging/src/k8s.io/api/testdata/HEAD/apps.v1.ReplicaSet.yaml
+++ b/staging/src/k8s.io/api/testdata/HEAD/apps.v1.ReplicaSet.yaml
@ -592,6 +592,7 @@ spec:
      hostIPC: true
      hostNetwork: true
      hostPID: true
      hostUsers: true
      hostname: hostnameValue
      imagePullSecrets:
      - name: nameValue
--- a/staging/src/k8s.io/api/testdata/HEAD/apps.v1.StatefulSet.json
+++ b/staging/src/k8s.io/api/testdata/HEAD/apps.v1.StatefulSet.json
@ -1626,7 +1626,8 @@
        "setHostnameAsFQDN": true,
        "os": {
          "name": "nameValue"
-        }
+        },
        "hostUsers": true
      }
    },
    "volumeClaimTemplates": [
--- a/staging/src/k8s.io/api/testdata/HEAD/apps.v1.StatefulSet.pb
+++ b/staging/src/k8s.io/api/testdata/HEAD/apps.v1.StatefulSet.pb
--- a/staging/src/k8s.io/api/testdata/HEAD/apps.v1.StatefulSet.yaml
+++ b/staging/src/k8s.io/api/testdata/HEAD/apps.v1.StatefulSet.yaml
@ -598,6 +598,7 @@ spec:
      hostIPC: true
      hostNetwork: true
      hostPID: true
      hostUsers: true
      hostname: hostnameValue
      imagePullSecrets:
      - name: nameValue
--- a/staging/src/k8s.io/api/testdata/HEAD/apps.v1beta1.Deployment.json
+++ b/staging/src/k8s.io/api/testdata/HEAD/apps.v1beta1.Deployment.json
@ -1626,7 +1626,8 @@
        "setHostnameAsFQDN": true,
        "os": {
          "name": "nameValue"
-        }
+        },
        "hostUsers": true
      }
    },
    "strategy": {
--- a/staging/src/k8s.io/api/testdata/HEAD/apps.v1beta1.Deployment.pb
+++ b/staging/src/k8s.io/api/testdata/HEAD/apps.v1beta1.Deployment.pb
--- a/staging/src/k8s.io/api/testdata/HEAD/apps.v1beta1.Deployment.yaml
+++ b/staging/src/k8s.io/api/testdata/HEAD/apps.v1beta1.Deployment.yaml
@ -602,6 +602,7 @@ spec:
      hostIPC: true
      hostNetwork: true
      hostPID: true
      hostUsers: true
      hostname: hostnameValue
      imagePullSecrets:
      - name: nameValue
--- a/staging/src/k8s.io/api/testdata/HEAD/apps.v1beta1.StatefulSet.json
+++ b/staging/src/k8s.io/api/testdata/HEAD/apps.v1beta1.StatefulSet.json
@ -1626,7 +1626,8 @@
        "setHostnameAsFQDN": true,
        "os": {
          "name": "nameValue"
-        }
+        },
        "hostUsers": true
      }
    },
    "volumeClaimTemplates": [
--- a/staging/src/k8s.io/api/testdata/HEAD/apps.v1beta1.StatefulSet.pb
+++ b/staging/src/k8s.io/api/testdata/HEAD/apps.v1beta1.StatefulSet.pb
--- a/staging/src/k8s.io/api/testdata/HEAD/apps.v1beta1.StatefulSet.yaml
+++ b/staging/src/k8s.io/api/testdata/HEAD/apps.v1beta1.StatefulSet.yaml
@ -598,6 +598,7 @@ spec:
      hostIPC: true
      hostNetwork: true
      hostPID: true
      hostUsers: true
      hostname: hostnameValue
      imagePullSecrets:
      - name: nameValue
--- a/staging/src/k8s.io/api/testdata/HEAD/apps.v1beta2.DaemonSet.json
+++ b/staging/src/k8s.io/api/testdata/HEAD/apps.v1beta2.DaemonSet.json
@ -1625,7 +1625,8 @@
        "setHostnameAsFQDN": true,
        "os": {
          "name": "nameValue"
-        }
+        },
        "hostUsers": true
      }
    },
    "updateStrategy": {
--- a/staging/src/k8s.io/api/testdata/HEAD/apps.v1beta2.DaemonSet.pb
+++ b/staging/src/k8s.io/api/testdata/HEAD/apps.v1beta2.DaemonSet.pb
--- a/staging/src/k8s.io/api/testdata/HEAD/apps.v1beta2.DaemonSet.yaml
+++ b/staging/src/k8s.io/api/testdata/HEAD/apps.v1beta2.DaemonSet.yaml
@ -592,6 +592,7 @@ spec:
      hostIPC: true
      hostNetwork: true
      hostPID: true
      hostUsers: true
      hostname: hostnameValue
      imagePullSecrets:
      - name: nameValue
--- a/staging/src/k8s.io/api/testdata/HEAD/apps.v1beta2.Deployment.json
+++ b/staging/src/k8s.io/api/testdata/HEAD/apps.v1beta2.Deployment.json
@ -1626,7 +1626,8 @@
        "setHostnameAsFQDN": true,
        "os": {
          "name": "nameValue"
-        }
+        },
        "hostUsers": true
      }
    },
    "strategy": {
--- a/staging/src/k8s.io/api/testdata/HEAD/apps.v1beta2.Deployment.pb
+++ b/staging/src/k8s.io/api/testdata/HEAD/apps.v1beta2.Deployment.pb
--- a/staging/src/k8s.io/api/testdata/HEAD/apps.v1beta2.Deployment.yaml
+++ b/staging/src/k8s.io/api/testdata/HEAD/apps.v1beta2.Deployment.yaml
@ -600,6 +600,7 @@ spec:
      hostIPC: true
      hostNetwork: true
      hostPID: true
      hostUsers: true
      hostname: hostnameValue
      imagePullSecrets:
      - name: nameValue
--- a/staging/src/k8s.io/api/testdata/HEAD/apps.v1beta2.ReplicaSet.json
+++ b/staging/src/k8s.io/api/testdata/HEAD/apps.v1beta2.ReplicaSet.json
@ -1627,7 +1627,8 @@
        "setHostnameAsFQDN": true,
        "os": {
          "name": "nameValue"
-        }
+        },
        "hostUsers": true
      }
    }
  },
--- a/staging/src/k8s.io/api/testdata/HEAD/apps.v1beta2.ReplicaSet.pb
+++ b/staging/src/k8s.io/api/testdata/HEAD/apps.v1beta2.ReplicaSet.pb
--- a/staging/src/k8s.io/api/testdata/HEAD/apps.v1beta2.ReplicaSet.yaml
+++ b/staging/src/k8s.io/api/testdata/HEAD/apps.v1beta2.ReplicaSet.yaml
@ -592,6 +592,7 @@ spec:
      hostIPC: true
      hostNetwork: true
      hostPID: true
      hostUsers: true
      hostname: hostnameValue
      imagePullSecrets:
      - name: nameValue
--- a/staging/src/k8s.io/api/testdata/HEAD/apps.v1beta2.StatefulSet.json
+++ b/staging/src/k8s.io/api/testdata/HEAD/apps.v1beta2.StatefulSet.json
@ -1626,7 +1626,8 @@
        "setHostnameAsFQDN": true,
        "os": {
          "name": "nameValue"
-        }
+        },
        "hostUsers": true
      }
    },
    "volumeClaimTemplates": [
--- a/staging/src/k8s.io/api/testdata/HEAD/apps.v1beta2.StatefulSet.pb
+++ b/staging/src/k8s.io/api/testdata/HEAD/apps.v1beta2.StatefulSet.pb
--- a/staging/src/k8s.io/api/testdata/HEAD/apps.v1beta2.StatefulSet.yaml
+++ b/staging/src/k8s.io/api/testdata/HEAD/apps.v1beta2.StatefulSet.yaml
@ -598,6 +598,7 @@ spec:
      hostIPC: true
      hostNetwork: true
      hostPID: true
      hostUsers: true
      hostname: hostnameValue
      imagePullSecrets:
      - name: nameValue
--- a/staging/src/k8s.io/api/testdata/HEAD/batch.v1.CronJob.json
+++ b/staging/src/k8s.io/api/testdata/HEAD/batch.v1.CronJob.json
@ -1679,7 +1679,8 @@
            "setHostnameAsFQDN": true,
            "os": {
              "name": "nameValue"
-            }
+            },
            "hostUsers": true
          }
        },
        "ttlSecondsAfterFinished": 8,
--- a/staging/src/k8s.io/api/testdata/HEAD/batch.v1.CronJob.pb
+++ b/staging/src/k8s.io/api/testdata/HEAD/batch.v1.CronJob.pb
--- a/staging/src/k8s.io/api/testdata/HEAD/batch.v1.CronJob.yaml
+++ b/staging/src/k8s.io/api/testdata/HEAD/batch.v1.CronJob.yaml
@ -633,6 +633,7 @@ spec:
          hostIPC: true
          hostNetwork: true
          hostPID: true
          hostUsers: true
          hostname: hostnameValue
          imagePullSecrets:
          - name: nameValue
--- a/staging/src/k8s.io/api/testdata/HEAD/batch.v1.Job.json
+++ b/staging/src/k8s.io/api/testdata/HEAD/batch.v1.Job.json
@ -1630,7 +1630,8 @@
        "setHostnameAsFQDN": true,
        "os": {
          "name": "nameValue"
-        }
+        },
        "hostUsers": true
      }
    },
    "ttlSecondsAfterFinished": 8,
--- a/staging/src/k8s.io/api/testdata/HEAD/batch.v1.Job.pb
+++ b/staging/src/k8s.io/api/testdata/HEAD/batch.v1.Job.pb
--- a/staging/src/k8s.io/api/testdata/HEAD/batch.v1.Job.yaml
+++ b/staging/src/k8s.io/api/testdata/HEAD/batch.v1.Job.yaml
@ -597,6 +597,7 @@ spec:
      hostIPC: true
      hostNetwork: true
      hostPID: true
      hostUsers: true
      hostname: hostnameValue
      imagePullSecrets:
      - name: nameValue
--- a/staging/src/k8s.io/api/testdata/HEAD/batch.v1beta1.CronJob.json
+++ b/staging/src/k8s.io/api/testdata/HEAD/batch.v1beta1.CronJob.json
@ -1679,7 +1679,8 @@
            "setHostnameAsFQDN": true,
            "os": {
              "name": "nameValue"
-            }
+            },
            "hostUsers": true
          }
        },
        "ttlSecondsAfterFinished": 8,
--- a/staging/src/k8s.io/api/testdata/HEAD/batch.v1beta1.CronJob.pb
+++ b/staging/src/k8s.io/api/testdata/HEAD/batch.v1beta1.CronJob.pb
--- a/staging/src/k8s.io/api/testdata/HEAD/batch.v1beta1.CronJob.yaml
+++ b/staging/src/k8s.io/api/testdata/HEAD/batch.v1beta1.CronJob.yaml
@ -633,6 +633,7 @@ spec:
          hostIPC: true
          hostNetwork: true
          hostPID: true
          hostUsers: true
          hostname: hostnameValue
          imagePullSecrets:
          - name: nameValue
--- a/staging/src/k8s.io/api/testdata/HEAD/batch.v1beta1.JobTemplate.json
+++ b/staging/src/k8s.io/api/testdata/HEAD/batch.v1beta1.JobTemplate.json
@ -1673,7 +1673,8 @@
          "setHostnameAsFQDN": true,
          "os": {
            "name": "nameValue"
-          }
+          },
          "hostUsers": true
        }
      },
      "ttlSecondsAfterFinished": 8,
--- a/staging/src/k8s.io/api/testdata/HEAD/batch.v1beta1.JobTemplate.pb
+++ b/staging/src/k8s.io/api/testdata/HEAD/batch.v1beta1.JobTemplate.pb
--- a/staging/src/k8s.io/api/testdata/HEAD/batch.v1beta1.JobTemplate.yaml
+++ b/staging/src/k8s.io/api/testdata/HEAD/batch.v1beta1.JobTemplate.yaml
@ -630,6 +630,7 @@ template:
        hostIPC: true
        hostNetwork: true
        hostPID: true
        hostUsers: true
        hostname: hostnameValue
        imagePullSecrets:
        - name: nameValue
--- a/staging/src/k8s.io/api/testdata/HEAD/core.v1.Pod.json
+++ b/staging/src/k8s.io/api/testdata/HEAD/core.v1.Pod.json
@ -1567,7 +1567,8 @@
    "setHostnameAsFQDN": true,
    "os": {
      "name": "nameValue"
-    }
+    },
    "hostUsers": true
  },
  "status": {
    "phase": "phaseValue",
--- a/staging/src/k8s.io/api/testdata/HEAD/core.v1.Pod.pb
+++ b/staging/src/k8s.io/api/testdata/HEAD/core.v1.Pod.pb
--- a/staging/src/k8s.io/api/testdata/HEAD/core.v1.Pod.yaml
+++ b/staging/src/k8s.io/api/testdata/HEAD/core.v1.Pod.yaml
@ -548,6 +548,7 @@ spec:
  hostIPC: true
  hostNetwork: true
  hostPID: true
  hostUsers: true
  hostname: hostnameValue
  imagePullSecrets:
  - name: nameValue
--- a/staging/src/k8s.io/api/testdata/HEAD/core.v1.PodTemplate.json
+++ b/staging/src/k8s.io/api/testdata/HEAD/core.v1.PodTemplate.json
@ -1610,7 +1610,8 @@
      "setHostnameAsFQDN": true,
      "os": {
        "name": "nameValue"
-      }
+      },
      "hostUsers": true
    }
  }
 }
--- a/staging/src/k8s.io/api/testdata/HEAD/core.v1.PodTemplate.pb
+++ b/staging/src/k8s.io/api/testdata/HEAD/core.v1.PodTemplate.pb
--- a/staging/src/k8s.io/api/testdata/HEAD/core.v1.PodTemplate.yaml
+++ b/staging/src/k8s.io/api/testdata/HEAD/core.v1.PodTemplate.yaml
@ -581,6 +581,7 @@ template:
    hostIPC: true
    hostNetwork: true
    hostPID: true
    hostUsers: true
    hostname: hostnameValue
    imagePullSecrets:
    - name: nameValue
--- a/staging/src/k8s.io/api/testdata/HEAD/core.v1.ReplicationController.json
+++ b/staging/src/k8s.io/api/testdata/HEAD/core.v1.ReplicationController.json
@ -1616,7 +1616,8 @@
        "setHostnameAsFQDN": true,
        "os": {
          "name": "nameValue"
-        }
+        },
        "hostUsers": true
      }
    }
  },
--- a/staging/src/k8s.io/api/testdata/HEAD/core.v1.ReplicationController.pb
+++ b/staging/src/k8s.io/api/testdata/HEAD/core.v1.ReplicationController.pb
--- a/staging/src/k8s.io/api/testdata/HEAD/core.v1.ReplicationController.yaml
+++ b/staging/src/k8s.io/api/testdata/HEAD/core.v1.ReplicationController.yaml
@ -586,6 +586,7 @@ spec:
      hostIPC: true
      hostNetwork: true
      hostPID: true
      hostUsers: true
      hostname: hostnameValue
      imagePullSecrets:
      - name: nameValue
--- a/staging/src/k8s.io/api/testdata/HEAD/extensions.v1beta1.DaemonSet.json
+++ b/staging/src/k8s.io/api/testdata/HEAD/extensions.v1beta1.DaemonSet.json
@ -1625,7 +1625,8 @@
        "setHostnameAsFQDN": true,
        "os": {
          "name": "nameValue"
-        }
+        },
        "hostUsers": true
      }
    },
    "updateStrategy": {
--- a/staging/src/k8s.io/api/testdata/HEAD/extensions.v1beta1.DaemonSet.pb
+++ b/staging/src/k8s.io/api/testdata/HEAD/extensions.v1beta1.DaemonSet.pb
--- a/staging/src/k8s.io/api/testdata/HEAD/extensions.v1beta1.DaemonSet.yaml
+++ b/staging/src/k8s.io/api/testdata/HEAD/extensions.v1beta1.DaemonSet.yaml
@ -592,6 +592,7 @@ spec:
      hostIPC: true
      hostNetwork: true
      hostPID: true
      hostUsers: true
      hostname: hostnameValue
      imagePullSecrets:
      - name: nameValue
--- a/staging/src/k8s.io/api/testdata/HEAD/extensions.v1beta1.Deployment.json
+++ b/staging/src/k8s.io/api/testdata/HEAD/extensions.v1beta1.Deployment.json
@ -1626,7 +1626,8 @@
        "setHostnameAsFQDN": true,
        "os": {
          "name": "nameValue"
-        }
+        },
        "hostUsers": true
      }
    },
    "strategy": {
--- a/staging/src/k8s.io/api/testdata/HEAD/extensions.v1beta1.Deployment.pb
+++ b/staging/src/k8s.io/api/testdata/HEAD/extensions.v1beta1.Deployment.pb
--- a/staging/src/k8s.io/api/testdata/HEAD/extensions.v1beta1.Deployment.yaml
+++ b/staging/src/k8s.io/api/testdata/HEAD/extensions.v1beta1.Deployment.yaml
@ -602,6 +602,7 @@ spec:
      hostIPC: true
      hostNetwork: true
      hostPID: true
      hostUsers: true
      hostname: hostnameValue
      imagePullSecrets:
      - name: nameValue
--- a/staging/src/k8s.io/api/testdata/HEAD/extensions.v1beta1.ReplicaSet.json
+++ b/staging/src/k8s.io/api/testdata/HEAD/extensions.v1beta1.ReplicaSet.json
@ -1627,7 +1627,8 @@
        "setHostnameAsFQDN": true,
        "os": {
          "name": "nameValue"
-        }
+        },
        "hostUsers": true
      }
    }
  },
--- a/staging/src/k8s.io/api/testdata/HEAD/extensions.v1beta1.ReplicaSet.pb
+++ b/staging/src/k8s.io/api/testdata/HEAD/extensions.v1beta1.ReplicaSet.pb
--- a/staging/src/k8s.io/api/testdata/HEAD/extensions.v1beta1.ReplicaSet.yaml
+++ b/staging/src/k8s.io/api/testdata/HEAD/extensions.v1beta1.ReplicaSet.yaml
@ -592,6 +592,7 @@ spec:
      hostIPC: true
      hostNetwork: true
      hostPID: true
      hostUsers: true
      hostname: hostnameValue
      imagePullSecrets:
      - name: nameValue
--- a/staging/src/k8s.io/client-go/applyconfigurations/core/v1/podspec.go
+++ b/staging/src/k8s.io/client-go/applyconfigurations/core/v1/podspec.go
@ -41,7 +41,6 @@ type PodSpecApplyConfiguration struct {
 	HostNetwork                   *bool                                        `json:"hostNetwork,omitempty"`
 	HostPID                       *bool                                        `json:"hostPID,omitempty"`
 	HostIPC                       *bool                                        `json:"hostIPC,omitempty"`
 	HostUsers                     *bool                                        `json:"hostUsers,omitempty"`
 	ShareProcessNamespace         *bool                                        `json:"shareProcessNamespace,omitempty"`
 	SecurityContext               *PodSecurityContextApplyConfiguration        `json:"securityContext,omitempty"`
 	ImagePullSecrets              []LocalObjectReferenceApplyConfiguration     `json:"imagePullSecrets,omitempty"`
@ -62,6 +61,7 @@ type PodSpecApplyConfiguration struct {
 	TopologySpreadConstraints     []TopologySpreadConstraintApplyConfiguration `json:"topologySpreadConstraints,omitempty"`
 	SetHostnameAsFQDN             *bool                                        `json:"setHostnameAsFQDN,omitempty"`
 	OS                            *PodOSApplyConfiguration                     `json:"os,omitempty"`
 	HostUsers                     *bool                                        `json:"hostUsers,omitempty"`
 }
 // PodSpecApplyConfiguration constructs an declarative configuration of the PodSpec type for use with
@ -208,14 +208,6 @@ func (b *PodSpecApplyConfiguration) WithHostNetwork(value bool) *PodSpecApplyCon
 	return b
 }
 // WithHostUsers sets the HostUsers field in the declarative configuration to the given value
 // and returns the receiver, so that objects can be built by chaining "With" function invocations.
 // If called multiple times, the HostUsers field is set to the value of the last call.
 func (b *PodSpecApplyConfiguration) WithHostUsers(value *bool) *PodSpecApplyConfiguration {
 	b.HostUsers = value
 	return b
 }
 // WithHostPID sets the HostPID field in the declarative configuration to the given value
 // and returns the receiver, so that objects can be built by chaining "With" function invocations.
 // If called multiple times, the HostPID field is set to the value of the last call.
@ -416,3 +408,11 @@ func (b *PodSpecApplyConfiguration) WithOS(value *PodOSApplyConfiguration) *PodS
 	b.OS = value
 	return b
 }
 // WithHostUsers sets the HostUsers field in the declarative configuration to the given value
 // and returns the receiver, so that objects can be built by chaining "With" function invocations.
 // If called multiple times, the HostUsers field is set to the value of the last call.
 func (b *PodSpecApplyConfiguration) WithHostUsers(value bool) *PodSpecApplyConfiguration {
 	b.HostUsers = &value
 	return b
 }
--- a/staging/src/k8s.io/client-go/applyconfigurations/internal/internal.go
+++ b/staging/src/k8s.io/client-go/applyconfigurations/internal/internal.go
@ -5762,6 +5762,9 @@ var schemaYAML = typed.YAMLObject(`types:
    - name: hostPID
      type:
        scalar: boolean
    - name: hostUsers
      type:
        scalar: boolean
    - name: hostname
      type:
        scalar: string