diff --git a/Godeps/Godeps.json b/Godeps/Godeps.json index 9b107967..e2667d43 100644 --- a/Godeps/Godeps.json +++ b/Godeps/Godeps.json @@ -268,323 +268,323 @@ }, { "ImportPath": "k8s.io/api/admissionregistration/v1alpha1", - "Rev": "5204d3828432611e41488a8042bc1d16a7c12e05" + "Rev": "cfe4a76edf6d17ea00c8b47fabf55edfa5f6c994" }, { "ImportPath": "k8s.io/api/admissionregistration/v1beta1", - "Rev": "5204d3828432611e41488a8042bc1d16a7c12e05" + "Rev": "cfe4a76edf6d17ea00c8b47fabf55edfa5f6c994" }, { "ImportPath": "k8s.io/api/apps/v1", - "Rev": "5204d3828432611e41488a8042bc1d16a7c12e05" + "Rev": "cfe4a76edf6d17ea00c8b47fabf55edfa5f6c994" }, { "ImportPath": "k8s.io/api/apps/v1beta1", - "Rev": "5204d3828432611e41488a8042bc1d16a7c12e05" + "Rev": "cfe4a76edf6d17ea00c8b47fabf55edfa5f6c994" }, { "ImportPath": "k8s.io/api/apps/v1beta2", - "Rev": "5204d3828432611e41488a8042bc1d16a7c12e05" + "Rev": "cfe4a76edf6d17ea00c8b47fabf55edfa5f6c994" }, { "ImportPath": "k8s.io/api/authentication/v1", - "Rev": "5204d3828432611e41488a8042bc1d16a7c12e05" + "Rev": "cfe4a76edf6d17ea00c8b47fabf55edfa5f6c994" }, { "ImportPath": "k8s.io/api/authentication/v1beta1", - "Rev": "5204d3828432611e41488a8042bc1d16a7c12e05" + "Rev": "cfe4a76edf6d17ea00c8b47fabf55edfa5f6c994" }, { "ImportPath": "k8s.io/api/authorization/v1", - "Rev": "5204d3828432611e41488a8042bc1d16a7c12e05" + "Rev": "cfe4a76edf6d17ea00c8b47fabf55edfa5f6c994" }, { "ImportPath": "k8s.io/api/authorization/v1beta1", - "Rev": "5204d3828432611e41488a8042bc1d16a7c12e05" + "Rev": "cfe4a76edf6d17ea00c8b47fabf55edfa5f6c994" }, { "ImportPath": "k8s.io/api/autoscaling/v1", - "Rev": "5204d3828432611e41488a8042bc1d16a7c12e05" + "Rev": "cfe4a76edf6d17ea00c8b47fabf55edfa5f6c994" }, { "ImportPath": "k8s.io/api/autoscaling/v2beta1", - "Rev": "5204d3828432611e41488a8042bc1d16a7c12e05" + "Rev": "cfe4a76edf6d17ea00c8b47fabf55edfa5f6c994" }, { "ImportPath": "k8s.io/api/batch/v1", - "Rev": "5204d3828432611e41488a8042bc1d16a7c12e05" + "Rev": "cfe4a76edf6d17ea00c8b47fabf55edfa5f6c994" }, { "ImportPath": "k8s.io/api/batch/v1beta1", - "Rev": "5204d3828432611e41488a8042bc1d16a7c12e05" + "Rev": "cfe4a76edf6d17ea00c8b47fabf55edfa5f6c994" }, { "ImportPath": "k8s.io/api/batch/v2alpha1", - "Rev": "5204d3828432611e41488a8042bc1d16a7c12e05" + "Rev": "cfe4a76edf6d17ea00c8b47fabf55edfa5f6c994" }, { "ImportPath": "k8s.io/api/certificates/v1beta1", - "Rev": "5204d3828432611e41488a8042bc1d16a7c12e05" + "Rev": "cfe4a76edf6d17ea00c8b47fabf55edfa5f6c994" }, { "ImportPath": "k8s.io/api/core/v1", - "Rev": "5204d3828432611e41488a8042bc1d16a7c12e05" + "Rev": "cfe4a76edf6d17ea00c8b47fabf55edfa5f6c994" }, { "ImportPath": "k8s.io/api/events/v1beta1", - "Rev": "5204d3828432611e41488a8042bc1d16a7c12e05" + "Rev": "cfe4a76edf6d17ea00c8b47fabf55edfa5f6c994" }, { "ImportPath": "k8s.io/api/extensions/v1beta1", - "Rev": "5204d3828432611e41488a8042bc1d16a7c12e05" + "Rev": "cfe4a76edf6d17ea00c8b47fabf55edfa5f6c994" }, { "ImportPath": "k8s.io/api/imagepolicy/v1alpha1", - "Rev": "5204d3828432611e41488a8042bc1d16a7c12e05" + "Rev": "cfe4a76edf6d17ea00c8b47fabf55edfa5f6c994" }, { "ImportPath": "k8s.io/api/networking/v1", - "Rev": "5204d3828432611e41488a8042bc1d16a7c12e05" + "Rev": "cfe4a76edf6d17ea00c8b47fabf55edfa5f6c994" }, { "ImportPath": "k8s.io/api/policy/v1beta1", - "Rev": "5204d3828432611e41488a8042bc1d16a7c12e05" + "Rev": "cfe4a76edf6d17ea00c8b47fabf55edfa5f6c994" }, { "ImportPath": "k8s.io/api/rbac/v1", - "Rev": "5204d3828432611e41488a8042bc1d16a7c12e05" + "Rev": "cfe4a76edf6d17ea00c8b47fabf55edfa5f6c994" }, { "ImportPath": "k8s.io/api/rbac/v1alpha1", - "Rev": "5204d3828432611e41488a8042bc1d16a7c12e05" + "Rev": "cfe4a76edf6d17ea00c8b47fabf55edfa5f6c994" }, { "ImportPath": "k8s.io/api/rbac/v1beta1", - "Rev": "5204d3828432611e41488a8042bc1d16a7c12e05" + "Rev": "cfe4a76edf6d17ea00c8b47fabf55edfa5f6c994" }, { "ImportPath": "k8s.io/api/scheduling/v1alpha1", - "Rev": "5204d3828432611e41488a8042bc1d16a7c12e05" + "Rev": "cfe4a76edf6d17ea00c8b47fabf55edfa5f6c994" }, { "ImportPath": "k8s.io/api/scheduling/v1beta1", - "Rev": "5204d3828432611e41488a8042bc1d16a7c12e05" + "Rev": "cfe4a76edf6d17ea00c8b47fabf55edfa5f6c994" }, { "ImportPath": "k8s.io/api/settings/v1alpha1", - "Rev": "5204d3828432611e41488a8042bc1d16a7c12e05" + "Rev": "cfe4a76edf6d17ea00c8b47fabf55edfa5f6c994" }, { "ImportPath": "k8s.io/api/storage/v1", - "Rev": "5204d3828432611e41488a8042bc1d16a7c12e05" + "Rev": "cfe4a76edf6d17ea00c8b47fabf55edfa5f6c994" }, { "ImportPath": "k8s.io/api/storage/v1alpha1", - "Rev": "5204d3828432611e41488a8042bc1d16a7c12e05" + "Rev": "cfe4a76edf6d17ea00c8b47fabf55edfa5f6c994" }, { "ImportPath": "k8s.io/api/storage/v1beta1", - "Rev": "5204d3828432611e41488a8042bc1d16a7c12e05" + "Rev": "cfe4a76edf6d17ea00c8b47fabf55edfa5f6c994" }, { "ImportPath": "k8s.io/apimachinery/pkg/api/equality", - "Rev": "c3bfbaf8b18d67a795cc73475c511440d4b4de8d" + "Rev": "b9ec873992e49038c7612555e75cd092844d429f" }, { "ImportPath": "k8s.io/apimachinery/pkg/api/errors", - "Rev": "c3bfbaf8b18d67a795cc73475c511440d4b4de8d" + "Rev": "b9ec873992e49038c7612555e75cd092844d429f" }, { "ImportPath": "k8s.io/apimachinery/pkg/api/meta", - "Rev": "c3bfbaf8b18d67a795cc73475c511440d4b4de8d" + "Rev": "b9ec873992e49038c7612555e75cd092844d429f" }, { "ImportPath": "k8s.io/apimachinery/pkg/api/resource", - "Rev": "c3bfbaf8b18d67a795cc73475c511440d4b4de8d" + "Rev": "b9ec873992e49038c7612555e75cd092844d429f" }, { "ImportPath": "k8s.io/apimachinery/pkg/api/testing", - "Rev": "c3bfbaf8b18d67a795cc73475c511440d4b4de8d" + "Rev": "b9ec873992e49038c7612555e75cd092844d429f" }, { "ImportPath": "k8s.io/apimachinery/pkg/api/testing/fuzzer", - "Rev": "c3bfbaf8b18d67a795cc73475c511440d4b4de8d" + "Rev": "b9ec873992e49038c7612555e75cd092844d429f" }, { "ImportPath": "k8s.io/apimachinery/pkg/api/testing/roundtrip", - "Rev": "c3bfbaf8b18d67a795cc73475c511440d4b4de8d" + "Rev": "b9ec873992e49038c7612555e75cd092844d429f" }, { "ImportPath": "k8s.io/apimachinery/pkg/apis/meta/fuzzer", - "Rev": "c3bfbaf8b18d67a795cc73475c511440d4b4de8d" + "Rev": "b9ec873992e49038c7612555e75cd092844d429f" }, { "ImportPath": "k8s.io/apimachinery/pkg/apis/meta/internalversion", - "Rev": "c3bfbaf8b18d67a795cc73475c511440d4b4de8d" + "Rev": "b9ec873992e49038c7612555e75cd092844d429f" }, { "ImportPath": "k8s.io/apimachinery/pkg/apis/meta/v1", - "Rev": "c3bfbaf8b18d67a795cc73475c511440d4b4de8d" + "Rev": "b9ec873992e49038c7612555e75cd092844d429f" }, { "ImportPath": "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured", - "Rev": "c3bfbaf8b18d67a795cc73475c511440d4b4de8d" + "Rev": "b9ec873992e49038c7612555e75cd092844d429f" }, { "ImportPath": "k8s.io/apimachinery/pkg/apis/meta/v1beta1", - "Rev": "c3bfbaf8b18d67a795cc73475c511440d4b4de8d" + "Rev": "b9ec873992e49038c7612555e75cd092844d429f" }, { "ImportPath": "k8s.io/apimachinery/pkg/conversion", - "Rev": "c3bfbaf8b18d67a795cc73475c511440d4b4de8d" + "Rev": "b9ec873992e49038c7612555e75cd092844d429f" }, { "ImportPath": "k8s.io/apimachinery/pkg/conversion/queryparams", - "Rev": "c3bfbaf8b18d67a795cc73475c511440d4b4de8d" + "Rev": "b9ec873992e49038c7612555e75cd092844d429f" }, { "ImportPath": "k8s.io/apimachinery/pkg/fields", - "Rev": "c3bfbaf8b18d67a795cc73475c511440d4b4de8d" + "Rev": "b9ec873992e49038c7612555e75cd092844d429f" }, { "ImportPath": "k8s.io/apimachinery/pkg/labels", - "Rev": "c3bfbaf8b18d67a795cc73475c511440d4b4de8d" + "Rev": "b9ec873992e49038c7612555e75cd092844d429f" }, { "ImportPath": "k8s.io/apimachinery/pkg/runtime", - "Rev": "c3bfbaf8b18d67a795cc73475c511440d4b4de8d" + "Rev": "b9ec873992e49038c7612555e75cd092844d429f" }, { "ImportPath": "k8s.io/apimachinery/pkg/runtime/schema", - "Rev": "c3bfbaf8b18d67a795cc73475c511440d4b4de8d" + "Rev": "b9ec873992e49038c7612555e75cd092844d429f" }, { "ImportPath": "k8s.io/apimachinery/pkg/runtime/serializer", - "Rev": "c3bfbaf8b18d67a795cc73475c511440d4b4de8d" + "Rev": "b9ec873992e49038c7612555e75cd092844d429f" }, { "ImportPath": "k8s.io/apimachinery/pkg/runtime/serializer/json", - "Rev": "c3bfbaf8b18d67a795cc73475c511440d4b4de8d" + "Rev": "b9ec873992e49038c7612555e75cd092844d429f" }, { "ImportPath": "k8s.io/apimachinery/pkg/runtime/serializer/protobuf", - "Rev": "c3bfbaf8b18d67a795cc73475c511440d4b4de8d" + "Rev": "b9ec873992e49038c7612555e75cd092844d429f" }, { "ImportPath": "k8s.io/apimachinery/pkg/runtime/serializer/recognizer", - "Rev": "c3bfbaf8b18d67a795cc73475c511440d4b4de8d" + "Rev": "b9ec873992e49038c7612555e75cd092844d429f" }, { "ImportPath": "k8s.io/apimachinery/pkg/runtime/serializer/streaming", - "Rev": "c3bfbaf8b18d67a795cc73475c511440d4b4de8d" + "Rev": "b9ec873992e49038c7612555e75cd092844d429f" }, { "ImportPath": "k8s.io/apimachinery/pkg/runtime/serializer/versioning", - "Rev": "c3bfbaf8b18d67a795cc73475c511440d4b4de8d" + "Rev": "b9ec873992e49038c7612555e75cd092844d429f" }, { "ImportPath": "k8s.io/apimachinery/pkg/selection", - "Rev": "c3bfbaf8b18d67a795cc73475c511440d4b4de8d" + "Rev": "b9ec873992e49038c7612555e75cd092844d429f" }, { "ImportPath": "k8s.io/apimachinery/pkg/types", - "Rev": "c3bfbaf8b18d67a795cc73475c511440d4b4de8d" + "Rev": "b9ec873992e49038c7612555e75cd092844d429f" }, { "ImportPath": "k8s.io/apimachinery/pkg/util/cache", - "Rev": "c3bfbaf8b18d67a795cc73475c511440d4b4de8d" + "Rev": "b9ec873992e49038c7612555e75cd092844d429f" }, { "ImportPath": "k8s.io/apimachinery/pkg/util/clock", - "Rev": "c3bfbaf8b18d67a795cc73475c511440d4b4de8d" + "Rev": "b9ec873992e49038c7612555e75cd092844d429f" }, { "ImportPath": "k8s.io/apimachinery/pkg/util/diff", - "Rev": "c3bfbaf8b18d67a795cc73475c511440d4b4de8d" + "Rev": "b9ec873992e49038c7612555e75cd092844d429f" }, { "ImportPath": "k8s.io/apimachinery/pkg/util/errors", - "Rev": "c3bfbaf8b18d67a795cc73475c511440d4b4de8d" + "Rev": "b9ec873992e49038c7612555e75cd092844d429f" }, { "ImportPath": "k8s.io/apimachinery/pkg/util/framer", - "Rev": "c3bfbaf8b18d67a795cc73475c511440d4b4de8d" + "Rev": "b9ec873992e49038c7612555e75cd092844d429f" }, { "ImportPath": "k8s.io/apimachinery/pkg/util/httpstream", - "Rev": "c3bfbaf8b18d67a795cc73475c511440d4b4de8d" + "Rev": "b9ec873992e49038c7612555e75cd092844d429f" }, { "ImportPath": "k8s.io/apimachinery/pkg/util/httpstream/spdy", - "Rev": "c3bfbaf8b18d67a795cc73475c511440d4b4de8d" + "Rev": "b9ec873992e49038c7612555e75cd092844d429f" }, { "ImportPath": "k8s.io/apimachinery/pkg/util/intstr", - "Rev": "c3bfbaf8b18d67a795cc73475c511440d4b4de8d" + "Rev": "b9ec873992e49038c7612555e75cd092844d429f" }, { "ImportPath": "k8s.io/apimachinery/pkg/util/json", - "Rev": "c3bfbaf8b18d67a795cc73475c511440d4b4de8d" + "Rev": "b9ec873992e49038c7612555e75cd092844d429f" }, { "ImportPath": "k8s.io/apimachinery/pkg/util/mergepatch", - "Rev": "c3bfbaf8b18d67a795cc73475c511440d4b4de8d" + "Rev": "b9ec873992e49038c7612555e75cd092844d429f" }, { "ImportPath": "k8s.io/apimachinery/pkg/util/net", - "Rev": "c3bfbaf8b18d67a795cc73475c511440d4b4de8d" + "Rev": "b9ec873992e49038c7612555e75cd092844d429f" }, { "ImportPath": "k8s.io/apimachinery/pkg/util/remotecommand", - "Rev": "c3bfbaf8b18d67a795cc73475c511440d4b4de8d" + "Rev": "b9ec873992e49038c7612555e75cd092844d429f" }, { "ImportPath": "k8s.io/apimachinery/pkg/util/runtime", - "Rev": "c3bfbaf8b18d67a795cc73475c511440d4b4de8d" + "Rev": "b9ec873992e49038c7612555e75cd092844d429f" }, { "ImportPath": "k8s.io/apimachinery/pkg/util/sets", - "Rev": "c3bfbaf8b18d67a795cc73475c511440d4b4de8d" + "Rev": "b9ec873992e49038c7612555e75cd092844d429f" }, { "ImportPath": "k8s.io/apimachinery/pkg/util/strategicpatch", - "Rev": "c3bfbaf8b18d67a795cc73475c511440d4b4de8d" + "Rev": "b9ec873992e49038c7612555e75cd092844d429f" }, { "ImportPath": "k8s.io/apimachinery/pkg/util/validation", - "Rev": "c3bfbaf8b18d67a795cc73475c511440d4b4de8d" + "Rev": "b9ec873992e49038c7612555e75cd092844d429f" }, { "ImportPath": "k8s.io/apimachinery/pkg/util/validation/field", - "Rev": "c3bfbaf8b18d67a795cc73475c511440d4b4de8d" + "Rev": "b9ec873992e49038c7612555e75cd092844d429f" }, { "ImportPath": "k8s.io/apimachinery/pkg/util/wait", - "Rev": "c3bfbaf8b18d67a795cc73475c511440d4b4de8d" + "Rev": "b9ec873992e49038c7612555e75cd092844d429f" }, { "ImportPath": "k8s.io/apimachinery/pkg/util/yaml", - "Rev": "c3bfbaf8b18d67a795cc73475c511440d4b4de8d" + "Rev": "b9ec873992e49038c7612555e75cd092844d429f" }, { "ImportPath": "k8s.io/apimachinery/pkg/version", - "Rev": "c3bfbaf8b18d67a795cc73475c511440d4b4de8d" + "Rev": "b9ec873992e49038c7612555e75cd092844d429f" }, { "ImportPath": "k8s.io/apimachinery/pkg/watch", - "Rev": "c3bfbaf8b18d67a795cc73475c511440d4b4de8d" + "Rev": "b9ec873992e49038c7612555e75cd092844d429f" }, { "ImportPath": "k8s.io/apimachinery/third_party/forked/golang/json", - "Rev": "c3bfbaf8b18d67a795cc73475c511440d4b4de8d" + "Rev": "b9ec873992e49038c7612555e75cd092844d429f" }, { "ImportPath": "k8s.io/apimachinery/third_party/forked/golang/netutil", - "Rev": "c3bfbaf8b18d67a795cc73475c511440d4b4de8d" + "Rev": "b9ec873992e49038c7612555e75cd092844d429f" }, { "ImportPath": "k8s.io/apimachinery/third_party/forked/golang/reflect", - "Rev": "c3bfbaf8b18d67a795cc73475c511440d4b4de8d" + "Rev": "b9ec873992e49038c7612555e75cd092844d429f" }, { "ImportPath": "k8s.io/kube-openapi/pkg/util/proto", diff --git a/pkg/apis/clientauthentication/v1beta1/conversion.go b/pkg/apis/clientauthentication/v1beta1/conversion.go new file mode 100644 index 00000000..f543806a --- /dev/null +++ b/pkg/apis/clientauthentication/v1beta1/conversion.go @@ -0,0 +1,26 @@ +/* +Copyright 2018 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package v1beta1 + +import ( + conversion "k8s.io/apimachinery/pkg/conversion" + clientauthentication "k8s.io/client-go/pkg/apis/clientauthentication" +) + +func Convert_clientauthentication_ExecCredentialSpec_To_v1beta1_ExecCredentialSpec(in *clientauthentication.ExecCredentialSpec, out *ExecCredentialSpec, s conversion.Scope) error { + return nil +} diff --git a/pkg/apis/clientauthentication/v1beta1/doc.go b/pkg/apis/clientauthentication/v1beta1/doc.go new file mode 100644 index 00000000..fbcd9b7f --- /dev/null +++ b/pkg/apis/clientauthentication/v1beta1/doc.go @@ -0,0 +1,23 @@ +/* +Copyright 2018 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// +k8s:deepcopy-gen=package +// +k8s:conversion-gen=k8s.io/client-go/pkg/apis/clientauthentication +// +k8s:openapi-gen=true +// +k8s:defaulter-gen=TypeMeta + +// +groupName=client.authentication.k8s.io +package v1beta1 // import "k8s.io/client-go/pkg/apis/clientauthentication/v1beta1" diff --git a/pkg/apis/clientauthentication/v1beta1/register.go b/pkg/apis/clientauthentication/v1beta1/register.go new file mode 100644 index 00000000..0bb92f16 --- /dev/null +++ b/pkg/apis/clientauthentication/v1beta1/register.go @@ -0,0 +1,55 @@ +/* +Copyright 2018 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package v1beta1 + +import ( + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apimachinery/pkg/runtime/schema" +) + +// GroupName is the group name use in this package +const GroupName = "client.authentication.k8s.io" + +// SchemeGroupVersion is group version used to register these objects +var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: "v1beta1"} + +// Resource takes an unqualified resource and returns a Group qualified GroupResource +func Resource(resource string) schema.GroupResource { + return SchemeGroupVersion.WithResource(resource).GroupResource() +} + +var ( + SchemeBuilder runtime.SchemeBuilder + localSchemeBuilder = &SchemeBuilder + AddToScheme = localSchemeBuilder.AddToScheme +) + +func init() { + // We only register manually written functions here. The registration of the + // generated functions takes place in the generated files. The separation + // makes the code compile even when the generated files are missing. + localSchemeBuilder.Register(addKnownTypes) +} + +func addKnownTypes(scheme *runtime.Scheme) error { + scheme.AddKnownTypes(SchemeGroupVersion, + &ExecCredential{}, + ) + metav1.AddToGroupVersion(scheme, SchemeGroupVersion) + return nil +} diff --git a/pkg/apis/clientauthentication/v1beta1/types.go b/pkg/apis/clientauthentication/v1beta1/types.go new file mode 100644 index 00000000..d6e26745 --- /dev/null +++ b/pkg/apis/clientauthentication/v1beta1/types.go @@ -0,0 +1,59 @@ +/* +Copyright 2018 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package v1beta1 + +import ( + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" +) + +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object + +// ExecCredentials is used by exec-based plugins to communicate credentials to +// HTTP transports. +type ExecCredential struct { + metav1.TypeMeta `json:",inline"` + + // Spec holds information passed to the plugin by the transport. This contains + // request and runtime specific information, such as if the session is interactive. + Spec ExecCredentialSpec `json:"spec,omitempty"` + + // Status is filled in by the plugin and holds the credentials that the transport + // should use to contact the API. + // +optional + Status *ExecCredentialStatus `json:"status,omitempty"` +} + +// ExecCredenitalSpec holds request and runtime specific information provided by +// the transport. +type ExecCredentialSpec struct{} + +// ExecCredentialStatus holds credentials for the transport to use. +// +// Token and ClientKeyData are sensitive fields. This data should only be +// transmitted in-memory between client and exec plugin process. Exec plugin +// itself should at least be protected via file permissions. +type ExecCredentialStatus struct { + // ExpirationTimestamp indicates a time when the provided credentials expire. + // +optional + ExpirationTimestamp *metav1.Time `json:"expirationTimestamp,omitempty"` + // Token is a bearer token used by the client for request authentication. + Token string `json:"token,omitempty"` + // PEM-encoded client TLS certificates (including intermediates, if any). + ClientCertificateData string `json:"clientCertificateData,omitempty"` + // PEM-encoded private key for the above certificate. + ClientKeyData string `json:"clientKeyData,omitempty"` +} diff --git a/pkg/apis/clientauthentication/v1beta1/zz_generated.conversion.go b/pkg/apis/clientauthentication/v1beta1/zz_generated.conversion.go new file mode 100644 index 00000000..80e9b315 --- /dev/null +++ b/pkg/apis/clientauthentication/v1beta1/zz_generated.conversion.go @@ -0,0 +1,114 @@ +// +build !ignore_autogenerated + +/* +Copyright The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by conversion-gen. DO NOT EDIT. + +package v1beta1 + +import ( + unsafe "unsafe" + + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + conversion "k8s.io/apimachinery/pkg/conversion" + runtime "k8s.io/apimachinery/pkg/runtime" + clientauthentication "k8s.io/client-go/pkg/apis/clientauthentication" +) + +func init() { + localSchemeBuilder.Register(RegisterConversions) +} + +// RegisterConversions adds conversion functions to the given scheme. +// Public to allow building arbitrary schemes. +func RegisterConversions(scheme *runtime.Scheme) error { + return scheme.AddGeneratedConversionFuncs( + Convert_v1beta1_ExecCredential_To_clientauthentication_ExecCredential, + Convert_clientauthentication_ExecCredential_To_v1beta1_ExecCredential, + Convert_v1beta1_ExecCredentialSpec_To_clientauthentication_ExecCredentialSpec, + Convert_clientauthentication_ExecCredentialSpec_To_v1beta1_ExecCredentialSpec, + Convert_v1beta1_ExecCredentialStatus_To_clientauthentication_ExecCredentialStatus, + Convert_clientauthentication_ExecCredentialStatus_To_v1beta1_ExecCredentialStatus, + ) +} + +func autoConvert_v1beta1_ExecCredential_To_clientauthentication_ExecCredential(in *ExecCredential, out *clientauthentication.ExecCredential, s conversion.Scope) error { + if err := Convert_v1beta1_ExecCredentialSpec_To_clientauthentication_ExecCredentialSpec(&in.Spec, &out.Spec, s); err != nil { + return err + } + out.Status = (*clientauthentication.ExecCredentialStatus)(unsafe.Pointer(in.Status)) + return nil +} + +// Convert_v1beta1_ExecCredential_To_clientauthentication_ExecCredential is an autogenerated conversion function. +func Convert_v1beta1_ExecCredential_To_clientauthentication_ExecCredential(in *ExecCredential, out *clientauthentication.ExecCredential, s conversion.Scope) error { + return autoConvert_v1beta1_ExecCredential_To_clientauthentication_ExecCredential(in, out, s) +} + +func autoConvert_clientauthentication_ExecCredential_To_v1beta1_ExecCredential(in *clientauthentication.ExecCredential, out *ExecCredential, s conversion.Scope) error { + if err := Convert_clientauthentication_ExecCredentialSpec_To_v1beta1_ExecCredentialSpec(&in.Spec, &out.Spec, s); err != nil { + return err + } + out.Status = (*ExecCredentialStatus)(unsafe.Pointer(in.Status)) + return nil +} + +// Convert_clientauthentication_ExecCredential_To_v1beta1_ExecCredential is an autogenerated conversion function. +func Convert_clientauthentication_ExecCredential_To_v1beta1_ExecCredential(in *clientauthentication.ExecCredential, out *ExecCredential, s conversion.Scope) error { + return autoConvert_clientauthentication_ExecCredential_To_v1beta1_ExecCredential(in, out, s) +} + +func autoConvert_v1beta1_ExecCredentialSpec_To_clientauthentication_ExecCredentialSpec(in *ExecCredentialSpec, out *clientauthentication.ExecCredentialSpec, s conversion.Scope) error { + return nil +} + +// Convert_v1beta1_ExecCredentialSpec_To_clientauthentication_ExecCredentialSpec is an autogenerated conversion function. +func Convert_v1beta1_ExecCredentialSpec_To_clientauthentication_ExecCredentialSpec(in *ExecCredentialSpec, out *clientauthentication.ExecCredentialSpec, s conversion.Scope) error { + return autoConvert_v1beta1_ExecCredentialSpec_To_clientauthentication_ExecCredentialSpec(in, out, s) +} + +func autoConvert_clientauthentication_ExecCredentialSpec_To_v1beta1_ExecCredentialSpec(in *clientauthentication.ExecCredentialSpec, out *ExecCredentialSpec, s conversion.Scope) error { + // WARNING: in.Response requires manual conversion: does not exist in peer-type + // WARNING: in.Interactive requires manual conversion: does not exist in peer-type + return nil +} + +func autoConvert_v1beta1_ExecCredentialStatus_To_clientauthentication_ExecCredentialStatus(in *ExecCredentialStatus, out *clientauthentication.ExecCredentialStatus, s conversion.Scope) error { + out.ExpirationTimestamp = (*v1.Time)(unsafe.Pointer(in.ExpirationTimestamp)) + out.Token = in.Token + out.ClientCertificateData = in.ClientCertificateData + out.ClientKeyData = in.ClientKeyData + return nil +} + +// Convert_v1beta1_ExecCredentialStatus_To_clientauthentication_ExecCredentialStatus is an autogenerated conversion function. +func Convert_v1beta1_ExecCredentialStatus_To_clientauthentication_ExecCredentialStatus(in *ExecCredentialStatus, out *clientauthentication.ExecCredentialStatus, s conversion.Scope) error { + return autoConvert_v1beta1_ExecCredentialStatus_To_clientauthentication_ExecCredentialStatus(in, out, s) +} + +func autoConvert_clientauthentication_ExecCredentialStatus_To_v1beta1_ExecCredentialStatus(in *clientauthentication.ExecCredentialStatus, out *ExecCredentialStatus, s conversion.Scope) error { + out.ExpirationTimestamp = (*v1.Time)(unsafe.Pointer(in.ExpirationTimestamp)) + out.Token = in.Token + out.ClientCertificateData = in.ClientCertificateData + out.ClientKeyData = in.ClientKeyData + return nil +} + +// Convert_clientauthentication_ExecCredentialStatus_To_v1beta1_ExecCredentialStatus is an autogenerated conversion function. +func Convert_clientauthentication_ExecCredentialStatus_To_v1beta1_ExecCredentialStatus(in *clientauthentication.ExecCredentialStatus, out *ExecCredentialStatus, s conversion.Scope) error { + return autoConvert_clientauthentication_ExecCredentialStatus_To_v1beta1_ExecCredentialStatus(in, out, s) +} diff --git a/pkg/apis/clientauthentication/v1beta1/zz_generated.deepcopy.go b/pkg/apis/clientauthentication/v1beta1/zz_generated.deepcopy.go new file mode 100644 index 00000000..656fea4d --- /dev/null +++ b/pkg/apis/clientauthentication/v1beta1/zz_generated.deepcopy.go @@ -0,0 +1,100 @@ +// +build !ignore_autogenerated + +/* +Copyright The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by deepcopy-gen. DO NOT EDIT. + +package v1beta1 + +import ( + runtime "k8s.io/apimachinery/pkg/runtime" +) + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ExecCredential) DeepCopyInto(out *ExecCredential) { + *out = *in + out.TypeMeta = in.TypeMeta + out.Spec = in.Spec + if in.Status != nil { + in, out := &in.Status, &out.Status + if *in == nil { + *out = nil + } else { + *out = new(ExecCredentialStatus) + (*in).DeepCopyInto(*out) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExecCredential. +func (in *ExecCredential) DeepCopy() *ExecCredential { + if in == nil { + return nil + } + out := new(ExecCredential) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *ExecCredential) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ExecCredentialSpec) DeepCopyInto(out *ExecCredentialSpec) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExecCredentialSpec. +func (in *ExecCredentialSpec) DeepCopy() *ExecCredentialSpec { + if in == nil { + return nil + } + out := new(ExecCredentialSpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ExecCredentialStatus) DeepCopyInto(out *ExecCredentialStatus) { + *out = *in + if in.ExpirationTimestamp != nil { + in, out := &in.ExpirationTimestamp, &out.ExpirationTimestamp + if *in == nil { + *out = nil + } else { + *out = (*in).DeepCopy() + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExecCredentialStatus. +func (in *ExecCredentialStatus) DeepCopy() *ExecCredentialStatus { + if in == nil { + return nil + } + out := new(ExecCredentialStatus) + in.DeepCopyInto(out) + return out +} diff --git a/pkg/apis/clientauthentication/v1beta1/zz_generated.defaults.go b/pkg/apis/clientauthentication/v1beta1/zz_generated.defaults.go new file mode 100644 index 00000000..73e63fc1 --- /dev/null +++ b/pkg/apis/clientauthentication/v1beta1/zz_generated.defaults.go @@ -0,0 +1,32 @@ +// +build !ignore_autogenerated + +/* +Copyright The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by defaulter-gen. DO NOT EDIT. + +package v1beta1 + +import ( + runtime "k8s.io/apimachinery/pkg/runtime" +) + +// RegisterDefaults adds defaulters functions to the given scheme. +// Public to allow building arbitrary schemes. +// All generated defaulters are covering - they call all nested defaulters. +func RegisterDefaults(scheme *runtime.Scheme) error { + return nil +} diff --git a/plugin/pkg/client/auth/exec/exec.go b/plugin/pkg/client/auth/exec/exec.go index 30f61562..2d05ac62 100644 --- a/plugin/pkg/client/auth/exec/exec.go +++ b/plugin/pkg/client/auth/exec/exec.go @@ -38,6 +38,7 @@ import ( "k8s.io/apimachinery/pkg/runtime/serializer" "k8s.io/client-go/pkg/apis/clientauthentication" "k8s.io/client-go/pkg/apis/clientauthentication/v1alpha1" + "k8s.io/client-go/pkg/apis/clientauthentication/v1beta1" "k8s.io/client-go/tools/clientcmd/api" "k8s.io/client-go/transport" "k8s.io/client-go/util/connrotation" @@ -51,6 +52,7 @@ var codecs = serializer.NewCodecFactory(scheme) func init() { v1.AddToGroupVersion(scheme, schema.GroupVersion{Version: "v1"}) v1alpha1.AddToScheme(scheme) + v1beta1.AddToScheme(scheme) clientauthentication.AddToScheme(scheme) } @@ -61,6 +63,7 @@ var ( // The list of API versions we accept. apiVersions = map[string]schema.GroupVersion{ v1alpha1.SchemeGroupVersion.String(): v1alpha1.SchemeGroupVersion, + v1beta1.SchemeGroupVersion.String(): v1beta1.SchemeGroupVersion, } ) @@ -294,13 +297,18 @@ func (a *Authenticator) refreshCredsLocked(r *clientauthentication.Response) err }, } - data, err := runtime.Encode(codecs.LegacyCodec(a.group), cred) - if err != nil { - return fmt.Errorf("encode ExecCredentials: %v", err) - } - env := append(a.environ(), a.env...) - env = append(env, fmt.Sprintf("%s=%s", execInfoEnv, data)) + if a.group == v1alpha1.SchemeGroupVersion { + // Input spec disabled for beta due to lack of use. Possibly re-enable this later if + // someone wants it back. + // + // See: https://github.com/kubernetes/kubernetes/issues/61796 + data, err := runtime.Encode(codecs.LegacyCodec(a.group), cred) + if err != nil { + return fmt.Errorf("encode ExecCredentials: %v", err) + } + env = append(env, fmt.Sprintf("%s=%s", execInfoEnv, data)) + } stdout := &bytes.Buffer{} cmd := exec.Command(a.cmd, a.args...) diff --git a/plugin/pkg/client/auth/exec/exec_test.go b/plugin/pkg/client/auth/exec/exec_test.go index c37ee4c6..e3398e82 100644 --- a/plugin/pkg/client/auth/exec/exec_test.go +++ b/plugin/pkg/client/auth/exec/exec_test.go @@ -380,6 +380,72 @@ func TestRefreshCreds(t *testing.T) { }`, certData), wantErr: true, }, + { + name: "beta-basic-request", + config: api.ExecConfig{ + APIVersion: "client.authentication.k8s.io/v1beta1", + }, + output: `{ + "kind": "ExecCredential", + "apiVersion": "client.authentication.k8s.io/v1beta1", + "status": { + "token": "foo-bar" + } + }`, + wantCreds: credentials{token: "foo-bar"}, + }, + { + name: "beta-expiry", + config: api.ExecConfig{ + APIVersion: "client.authentication.k8s.io/v1beta1", + }, + output: `{ + "kind": "ExecCredential", + "apiVersion": "client.authentication.k8s.io/v1beta1", + "status": { + "token": "foo-bar", + "expirationTimestamp": "2006-01-02T15:04:05Z" + } + }`, + wantExpiry: time.Date(2006, 01, 02, 15, 04, 05, 0, time.UTC), + wantCreds: credentials{token: "foo-bar"}, + }, + { + name: "beta-no-group-version", + config: api.ExecConfig{ + APIVersion: "client.authentication.k8s.io/v1beta1", + }, + output: `{ + "kind": "ExecCredential", + "status": { + "token": "foo-bar" + } + }`, + wantErr: true, + }, + { + name: "beta-no-status", + config: api.ExecConfig{ + APIVersion: "client.authentication.k8s.io/v1beta1", + }, + output: `{ + "kind": "ExecCredential", + "apiVersion":"client.authentication.k8s.io/v1beta1" + }`, + wantErr: true, + }, + { + name: "beta-no-token", + config: api.ExecConfig{ + APIVersion: "client.authentication.k8s.io/v1beta1", + }, + output: `{ + "kind": "ExecCredential", + "apiVersion":"client.authentication.k8s.io/v1beta1", + "status": {} + }`, + wantErr: true, + }, } for _, test := range tests { @@ -420,6 +486,13 @@ func TestRefreshCreds(t *testing.T) { t.Errorf("expected expiry %v got %v", test.wantExpiry, a.exp) } + if test.wantInput == "" { + if got := strings.TrimSpace(stderr.String()); got != "" { + t.Errorf("expected no input parameters, got %q", got) + } + return + } + compJSON(t, stderr.Bytes(), []byte(test.wantInput)) }) } diff --git a/rest/transport.go b/rest/transport.go index 7f01823d..25c1801b 100644 --- a/rest/transport.go +++ b/rest/transport.go @@ -18,6 +18,7 @@ package rest import ( "crypto/tls" + "errors" "net/http" "k8s.io/client-go/plugin/pkg/client/auth/exec" @@ -83,6 +84,11 @@ func (c *Config) TransportConfig() (*transport.Config, error) { }, Dial: c.Dial, } + + if c.ExecProvider != nil && c.AuthProvider != nil { + return nil, errors.New("execProvider and authProvider cannot be used in combination") + } + if c.ExecProvider != nil { provider, err := exec.GetAuthenticator(c.ExecProvider) if err != nil {