generated

api/openapi-spec/swagger.json

@@ -25327,6 +25327,13 @@
           "type": "boolean",
           "uniqueItems": true
         },
+        {
+          "description": "insecureSkipTLSVerifyBackend indicates that the apiserver should not confirm the validity of the serving certificate of the backend it is connecting to.  This will make the HTTPS connection between the apiserver and the backend insecure. This means the apiserver cannot verify the log data it is receiving came from the real kubelet.  If the kubelet is configured to verify the apiserver's TLS credentials, it does not mean the connection to the real kubelet is vulnerable to a man in the middle attack (e.g. an attacker could not intercept the actual log data coming from the real kubelet).",
+          "in": "query",
+          "name": "insecureSkipTLSVerifyBackend",
+          "type": "boolean",
+          "uniqueItems": true
+        },
         {
           "description": "If set, the number of bytes to read from the server before terminating the log output. This may not display a complete final line of logging, and may return slightly more or slightly less than the specified limit.",
           "in": "query",

pkg/apis/core/v1/zz_generated.conversion.go

@@ -5665,6 +5665,7 @@ func autoConvert_v1_PodLogOptions_To_core_PodLogOptions(in *v1.PodLogOptions, ou
 	out.Timestamps = in.Timestamps
 	out.TailLines = (*int64)(unsafe.Pointer(in.TailLines))
 	out.LimitBytes = (*int64)(unsafe.Pointer(in.LimitBytes))
+	out.InsecureSkipTLSVerifyBackend = in.InsecureSkipTLSVerifyBackend
 	return nil
 }
 
@@ -5682,6 +5683,7 @@ func autoConvert_core_PodLogOptions_To_v1_PodLogOptions(in *core.PodLogOptions,
 	out.Timestamps = in.Timestamps
 	out.TailLines = (*int64)(unsafe.Pointer(in.TailLines))
 	out.LimitBytes = (*int64)(unsafe.Pointer(in.LimitBytes))
+	out.InsecureSkipTLSVerifyBackend = in.InsecureSkipTLSVerifyBackend
 	return nil
 }
 

staging/src/k8s.io/api/core/v1/generated.proto

@@ -3145,6 +3145,15 @@ message PodLogOptions {
   // slightly more or slightly less than the specified limit.
   // +optional
   optional int64 limitBytes = 8;
+
+  // insecureSkipTLSVerifyBackend indicates that the apiserver should not confirm the validity of the
+  // serving certificate of the backend it is connecting to.  This will make the HTTPS connection between the apiserver
+  // and the backend insecure. This means the apiserver cannot verify the log data it is receiving came from the real
+  // kubelet.  If the kubelet is configured to verify the apiserver's TLS credentials, it does not mean the
+  // connection to the real kubelet is vulnerable to a man in the middle attack (e.g. an attacker could not intercept
+  // the actual log data coming from the real kubelet).
+  // +optional
+  optional bool insecureSkipTLSVerifyBackend = 9;
 }
 
 // PodPortForwardOptions is the query options to a Pod's port forward call

staging/src/k8s.io/api/core/v1/types_swagger_doc_generated.go

@@ -1528,15 +1528,16 @@ func (PodList) SwaggerDoc() map[string]string {
 }
 
 var map_PodLogOptions = map[string]string{
-	"":             "PodLogOptions is the query options for a Pod's logs REST call.",
+	"":                             "PodLogOptions is the query options for a Pod's logs REST call.",
-	"container":    "The container for which to stream logs. Defaults to only container if there is one container in the pod.",
+	"container":                    "The container for which to stream logs. Defaults to only container if there is one container in the pod.",
-	"follow":       "Follow the log stream of the pod. Defaults to false.",
+	"follow":                       "Follow the log stream of the pod. Defaults to false.",
-	"previous":     "Return previous terminated container logs. Defaults to false.",
+	"previous":                     "Return previous terminated container logs. Defaults to false.",
-	"sinceSeconds": "A relative time in seconds before the current time from which to show logs. If this value precedes the time a pod was started, only logs since the pod start will be returned. If this value is in the future, no logs will be returned. Only one of sinceSeconds or sinceTime may be specified.",
+	"sinceSeconds":                 "A relative time in seconds before the current time from which to show logs. If this value precedes the time a pod was started, only logs since the pod start will be returned. If this value is in the future, no logs will be returned. Only one of sinceSeconds or sinceTime may be specified.",
-	"sinceTime":    "An RFC3339 timestamp from which to show logs. If this value precedes the time a pod was started, only logs since the pod start will be returned. If this value is in the future, no logs will be returned. Only one of sinceSeconds or sinceTime may be specified.",
+	"sinceTime":                    "An RFC3339 timestamp from which to show logs. If this value precedes the time a pod was started, only logs since the pod start will be returned. If this value is in the future, no logs will be returned. Only one of sinceSeconds or sinceTime may be specified.",
-	"timestamps":   "If true, add an RFC3339 or RFC3339Nano timestamp at the beginning of every line of log output. Defaults to false.",
+	"timestamps":                   "If true, add an RFC3339 or RFC3339Nano timestamp at the beginning of every line of log output. Defaults to false.",
-	"tailLines":    "If set, the number of lines from the end of the logs to show. If not specified, logs are shown from the creation of the container or sinceSeconds or sinceTime",
+	"tailLines":                    "If set, the number of lines from the end of the logs to show. If not specified, logs are shown from the creation of the container or sinceSeconds or sinceTime",
-	"limitBytes":   "If set, the number of bytes to read from the server before terminating the log output. This may not display a complete final line of logging, and may return slightly more or slightly less than the specified limit.",
+	"limitBytes":                   "If set, the number of bytes to read from the server before terminating the log output. This may not display a complete final line of logging, and may return slightly more or slightly less than the specified limit.",
+	"insecureSkipTLSVerifyBackend": "insecureSkipTLSVerifyBackend indicates that the apiserver should not confirm the validity of the serving certificate of the backend it is connecting to.  This will make the HTTPS connection between the apiserver and the backend insecure. This means the apiserver cannot verify the log data it is receiving came from the real kubelet.  If the kubelet is configured to verify the apiserver's TLS credentials, it does not mean the connection to the real kubelet is vulnerable to a man in the middle attack (e.g. an attacker could not intercept the actual log data coming from the real kubelet).",
 }
 
 func (PodLogOptions) SwaggerDoc() map[string]string {

staging/src/k8s.io/api/testdata/HEAD/core.v1.PodLogOptions.json

@@ -6,5 +6,6 @@
   "sinceSeconds": 1002466899136229878,
   "timestamps": true,
   "tailLines": -6357999603795826160,
-  "limitBytes": 5323465663502687351
+  "limitBytes": 5323465663502687351,
+  "insecureSkipTLSVerifyBackend": true
 }

staging/src/k8s.io/api/testdata/HEAD/core.v1.PodLogOptions.yaml

@@ -1,6 +1,7 @@
 apiVersion: v1
 container: "2"
 follow: true
+insecureSkipTLSVerifyBackend: true
 kind: PodLogOptions
 limitBytes: 5323465663502687351
 sinceSeconds: 1002466899136229878