Merge pull request #54933 from php-coder/psp_introduce_new_api_group

Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>. Introduce PodSecurityPolicy in the policy/v1beta1 API group Types/constants are completely the same as in `extensions/v1beta1` except that they are located outside of the `extensions` API group. **What this PR does / why we need it**: This is the first step for migrating PSP-related stuff away of `extensions` group. See #43214 for more information. Also it related to https://github.com/kubernetes/features/issues/5 **Example**: ```console $ cat restricted2.yaml apiVersion: policy/v1beta1 kind: PodSecurityPolicy metadata: name: restricted2 ... $ kubectl create -f restricted.yaml podsecuritypolicy "restricted2" created $ kubectl get psp restricted2 -o yaml apiVersion: extensions/v1beta1 kind: PodSecurityPolicy ... ``` **Release note**: ```release-note The `PodSecurityPolicy` API has been moved to the `policy/v1beta1` API group. The `PodSecurityPolicy` API in the `extensions/v1beta1` API group is deprecated and will be removed in a future release. ``` Kubernetes-commit: f8298702ffe644a4f021e23a616ad6a8790a5537
2025-08-31 14:44:50 +00:00 · 2018-02-20 15:44:50 -08:00
parent fd88764ee8 68725b77a4
commit 6c6051c8d6
15 changed files with 1060 additions and 616 deletions
--- a/Godeps/Godeps.json
+++ b/Godeps/Godeps.json
--- a/informers/generic.go
+++ b/informers/generic.go
@@ -198,6 +198,8 @@ func (f *sharedInformerFactory) ForResource(resource schema.GroupVersionResource
 		// Group=policy, Version=v1beta1
 	case policy_v1beta1.SchemeGroupVersion.WithResource("poddisruptionbudgets"):
 		return &genericInformer{resource: resource.GroupResource(), informer: f.Policy().V1beta1().PodDisruptionBudgets().Informer()}, nil
+	case policy_v1beta1.SchemeGroupVersion.WithResource("podsecuritypolicies"):
+		return &genericInformer{resource: resource.GroupResource(), informer: f.Policy().V1beta1().PodSecurityPolicies().Informer()}, nil

 		// Group=rbac.authorization.k8s.io, Version=v1
 	case rbac_v1.SchemeGroupVersion.WithResource("clusterroles"):
--- a/informers/policy/v1beta1/BUILD
+++ b/informers/policy/v1beta1/BUILD
@@ -10,6 +10,7 @@ go_library(
    srcs = [
        "interface.go",
        "poddisruptionbudget.go",
+        "podsecuritypolicy.go",
    ],
    importpath = "k8s.io/client-go/informers/policy/v1beta1",
    deps = [
--- a/informers/policy/v1beta1/interface.go
+++ b/informers/policy/v1beta1/interface.go
@@ -26,6 +26,8 @@ import (
 type Interface interface {
 	// PodDisruptionBudgets returns a PodDisruptionBudgetInformer.
 	PodDisruptionBudgets() PodDisruptionBudgetInformer
+	// PodSecurityPolicies returns a PodSecurityPolicyInformer.
+	PodSecurityPolicies() PodSecurityPolicyInformer
 }

 type version struct {
@@ -43,3 +45,8 @@ func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakList
 func (v *version) PodDisruptionBudgets() PodDisruptionBudgetInformer {
 	return &podDisruptionBudgetInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions}
 }
+
+// PodSecurityPolicies returns a PodSecurityPolicyInformer.
+func (v *version) PodSecurityPolicies() PodSecurityPolicyInformer {
+	return &podSecurityPolicyInformer{factory: v.factory, tweakListOptions: v.tweakListOptions}
+}
--- a/informers/policy/v1beta1/podsecuritypolicy.go
+++ b/informers/policy/v1beta1/podsecuritypolicy.go
@@ -0,0 +1,88 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// This file was automatically generated by informer-gen
+
+package v1beta1
+
+import (
+	time "time"
+
+	policy_v1beta1 "k8s.io/api/policy/v1beta1"
+	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	runtime "k8s.io/apimachinery/pkg/runtime"
+	watch "k8s.io/apimachinery/pkg/watch"
+	internalinterfaces "k8s.io/client-go/informers/internalinterfaces"
+	kubernetes "k8s.io/client-go/kubernetes"
+	v1beta1 "k8s.io/client-go/listers/policy/v1beta1"
+	cache "k8s.io/client-go/tools/cache"
+)
+
+// PodSecurityPolicyInformer provides access to a shared informer and lister for
+// PodSecurityPolicies.
+type PodSecurityPolicyInformer interface {
+	Informer() cache.SharedIndexInformer
+	Lister() v1beta1.PodSecurityPolicyLister
+}
+
+type podSecurityPolicyInformer struct {
+	factory          internalinterfaces.SharedInformerFactory
+	tweakListOptions internalinterfaces.TweakListOptionsFunc
+}
+
+// NewPodSecurityPolicyInformer constructs a new informer for PodSecurityPolicy type.
+// Always prefer using an informer factory to get a shared informer instead of getting an independent
+// one. This reduces memory footprint and number of connections to the server.
+func NewPodSecurityPolicyInformer(client kubernetes.Interface, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer {
+	return NewFilteredPodSecurityPolicyInformer(client, resyncPeriod, indexers, nil)
+}
+
+// NewFilteredPodSecurityPolicyInformer constructs a new informer for PodSecurityPolicy type.
+// Always prefer using an informer factory to get a shared informer instead of getting an independent
+// one. This reduces memory footprint and number of connections to the server.
+func NewFilteredPodSecurityPolicyInformer(client kubernetes.Interface, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer {
+	return cache.NewSharedIndexInformer(
+		&cache.ListWatch{
+			ListFunc: func(options v1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.PolicyV1beta1().PodSecurityPolicies().List(options)
+			},
+			WatchFunc: func(options v1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.PolicyV1beta1().PodSecurityPolicies().Watch(options)
+			},
+		},
+		&policy_v1beta1.PodSecurityPolicy{},
+		resyncPeriod,
+		indexers,
+	)
+}
+
+func (f *podSecurityPolicyInformer) defaultInformer(client kubernetes.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer {
+	return NewFilteredPodSecurityPolicyInformer(client, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions)
+}
+
+func (f *podSecurityPolicyInformer) Informer() cache.SharedIndexInformer {
+	return f.factory.InformerFor(&policy_v1beta1.PodSecurityPolicy{}, f.defaultInformer)
+}
+
+func (f *podSecurityPolicyInformer) Lister() v1beta1.PodSecurityPolicyLister {
+	return v1beta1.NewPodSecurityPolicyLister(f.Informer().GetIndexer())
+}
--- a/kubernetes/typed/policy/v1beta1/BUILD
+++ b/kubernetes/typed/policy/v1beta1/BUILD
@@ -13,6 +13,7 @@ go_library(
        "eviction_expansion.go",
        "generated_expansion.go",
        "poddisruptionbudget.go",
+        "podsecuritypolicy.go",
        "policy_client.go",
    ],
    importpath = "k8s.io/client-go/kubernetes/typed/policy/v1beta1",
--- a/kubernetes/typed/policy/v1beta1/fake/BUILD
+++ b/kubernetes/typed/policy/v1beta1/fake/BUILD
@@ -12,6 +12,7 @@ go_library(
        "fake_eviction.go",
        "fake_eviction_expansion.go",
        "fake_poddisruptionbudget.go",
+        "fake_podsecuritypolicy.go",
        "fake_policy_client.go",
    ],
    importpath = "k8s.io/client-go/kubernetes/typed/policy/v1beta1/fake",
--- a/kubernetes/typed/policy/v1beta1/fake/fake_podsecuritypolicy.go
+++ b/kubernetes/typed/policy/v1beta1/fake/fake_podsecuritypolicy.go
@@ -0,0 +1,118 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package fake
+
+import (
+	v1beta1 "k8s.io/api/policy/v1beta1"
+	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	labels "k8s.io/apimachinery/pkg/labels"
+	schema "k8s.io/apimachinery/pkg/runtime/schema"
+	types "k8s.io/apimachinery/pkg/types"
+	watch "k8s.io/apimachinery/pkg/watch"
+	testing "k8s.io/client-go/testing"
+)
+
+// FakePodSecurityPolicies implements PodSecurityPolicyInterface
+type FakePodSecurityPolicies struct {
+	Fake *FakePolicyV1beta1
+}
+
+var podsecuritypoliciesResource = schema.GroupVersionResource{Group: "policy", Version: "v1beta1", Resource: "podsecuritypolicies"}
+
+var podsecuritypoliciesKind = schema.GroupVersionKind{Group: "policy", Version: "v1beta1", Kind: "PodSecurityPolicy"}
+
+// Get takes name of the podSecurityPolicy, and returns the corresponding podSecurityPolicy object, and an error if there is any.
+func (c *FakePodSecurityPolicies) Get(name string, options v1.GetOptions) (result *v1beta1.PodSecurityPolicy, err error) {
+	obj, err := c.Fake.
+		Invokes(testing.NewRootGetAction(podsecuritypoliciesResource, name), &v1beta1.PodSecurityPolicy{})
+	if obj == nil {
+		return nil, err
+	}
+	return obj.(*v1beta1.PodSecurityPolicy), err
+}
+
+// List takes label and field selectors, and returns the list of PodSecurityPolicies that match those selectors.
+func (c *FakePodSecurityPolicies) List(opts v1.ListOptions) (result *v1beta1.PodSecurityPolicyList, err error) {
+	obj, err := c.Fake.
+		Invokes(testing.NewRootListAction(podsecuritypoliciesResource, podsecuritypoliciesKind, opts), &v1beta1.PodSecurityPolicyList{})
+	if obj == nil {
+		return nil, err
+	}
+
+	label, _, _ := testing.ExtractFromListOptions(opts)
+	if label == nil {
+		label = labels.Everything()
+	}
+	list := &v1beta1.PodSecurityPolicyList{}
+	for _, item := range obj.(*v1beta1.PodSecurityPolicyList).Items {
+		if label.Matches(labels.Set(item.Labels)) {
+			list.Items = append(list.Items, item)
+		}
+	}
+	return list, err
+}
+
+// Watch returns a watch.Interface that watches the requested podSecurityPolicies.
+func (c *FakePodSecurityPolicies) Watch(opts v1.ListOptions) (watch.Interface, error) {
+	return c.Fake.
+		InvokesWatch(testing.NewRootWatchAction(podsecuritypoliciesResource, opts))
+}
+
+// Create takes the representation of a podSecurityPolicy and creates it.  Returns the server's representation of the podSecurityPolicy, and an error, if there is any.
+func (c *FakePodSecurityPolicies) Create(podSecurityPolicy *v1beta1.PodSecurityPolicy) (result *v1beta1.PodSecurityPolicy, err error) {
+	obj, err := c.Fake.
+		Invokes(testing.NewRootCreateAction(podsecuritypoliciesResource, podSecurityPolicy), &v1beta1.PodSecurityPolicy{})
+	if obj == nil {
+		return nil, err
+	}
+	return obj.(*v1beta1.PodSecurityPolicy), err
+}
+
+// Update takes the representation of a podSecurityPolicy and updates it. Returns the server's representation of the podSecurityPolicy, and an error, if there is any.
+func (c *FakePodSecurityPolicies) Update(podSecurityPolicy *v1beta1.PodSecurityPolicy) (result *v1beta1.PodSecurityPolicy, err error) {
+	obj, err := c.Fake.
+		Invokes(testing.NewRootUpdateAction(podsecuritypoliciesResource, podSecurityPolicy), &v1beta1.PodSecurityPolicy{})
+	if obj == nil {
+		return nil, err
+	}
+	return obj.(*v1beta1.PodSecurityPolicy), err
+}
+
+// Delete takes name of the podSecurityPolicy and deletes it. Returns an error if one occurs.
+func (c *FakePodSecurityPolicies) Delete(name string, options *v1.DeleteOptions) error {
+	_, err := c.Fake.
+		Invokes(testing.NewRootDeleteAction(podsecuritypoliciesResource, name), &v1beta1.PodSecurityPolicy{})
+	return err
+}
+
+// DeleteCollection deletes a collection of objects.
+func (c *FakePodSecurityPolicies) DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error {
+	action := testing.NewRootDeleteCollectionAction(podsecuritypoliciesResource, listOptions)
+
+	_, err := c.Fake.Invokes(action, &v1beta1.PodSecurityPolicyList{})
+	return err
+}
+
+// Patch applies the patch and returns the patched podSecurityPolicy.
+func (c *FakePodSecurityPolicies) Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *v1beta1.PodSecurityPolicy, err error) {
+	obj, err := c.Fake.
+		Invokes(testing.NewRootPatchSubresourceAction(podsecuritypoliciesResource, name, data, subresources...), &v1beta1.PodSecurityPolicy{})
+	if obj == nil {
+		return nil, err
+	}
+	return obj.(*v1beta1.PodSecurityPolicy), err
+}
--- a/kubernetes/typed/policy/v1beta1/fake/fake_policy_client.go
+++ b/kubernetes/typed/policy/v1beta1/fake/fake_policy_client.go
@@ -34,6 +34,10 @@ func (c *FakePolicyV1beta1) PodDisruptionBudgets(namespace string) v1beta1.PodDi
 	return &FakePodDisruptionBudgets{c, namespace}
 }

+func (c *FakePolicyV1beta1) PodSecurityPolicies() v1beta1.PodSecurityPolicyInterface {
+	return &FakePodSecurityPolicies{c}
+}
+
 // RESTClient returns a RESTClient that is used to communicate
 // with API server by this client implementation.
 func (c *FakePolicyV1beta1) RESTClient() rest.Interface {
--- a/kubernetes/typed/policy/v1beta1/generated_expansion.go
+++ b/kubernetes/typed/policy/v1beta1/generated_expansion.go
@@ -17,3 +17,5 @@ limitations under the License.
 package v1beta1

 type PodDisruptionBudgetExpansion interface{}
+
+type PodSecurityPolicyExpansion interface{}
--- a/kubernetes/typed/policy/v1beta1/podsecuritypolicy.go
+++ b/kubernetes/typed/policy/v1beta1/podsecuritypolicy.go
@@ -0,0 +1,145 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package v1beta1
+
+import (
+	v1beta1 "k8s.io/api/policy/v1beta1"
+	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	types "k8s.io/apimachinery/pkg/types"
+	watch "k8s.io/apimachinery/pkg/watch"
+	scheme "k8s.io/client-go/kubernetes/scheme"
+	rest "k8s.io/client-go/rest"
+)
+
+// PodSecurityPoliciesGetter has a method to return a PodSecurityPolicyInterface.
+// A group's client should implement this interface.
+type PodSecurityPoliciesGetter interface {
+	PodSecurityPolicies() PodSecurityPolicyInterface
+}
+
+// PodSecurityPolicyInterface has methods to work with PodSecurityPolicy resources.
+type PodSecurityPolicyInterface interface {
+	Create(*v1beta1.PodSecurityPolicy) (*v1beta1.PodSecurityPolicy, error)
+	Update(*v1beta1.PodSecurityPolicy) (*v1beta1.PodSecurityPolicy, error)
+	Delete(name string, options *v1.DeleteOptions) error
+	DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error
+	Get(name string, options v1.GetOptions) (*v1beta1.PodSecurityPolicy, error)
+	List(opts v1.ListOptions) (*v1beta1.PodSecurityPolicyList, error)
+	Watch(opts v1.ListOptions) (watch.Interface, error)
+	Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *v1beta1.PodSecurityPolicy, err error)
+	PodSecurityPolicyExpansion
+}
+
+// podSecurityPolicies implements PodSecurityPolicyInterface
+type podSecurityPolicies struct {
+	client rest.Interface
+}
+
+// newPodSecurityPolicies returns a PodSecurityPolicies
+func newPodSecurityPolicies(c *PolicyV1beta1Client) *podSecurityPolicies {
+	return &podSecurityPolicies{
+		client: c.RESTClient(),
+	}
+}
+
+// Get takes name of the podSecurityPolicy, and returns the corresponding podSecurityPolicy object, and an error if there is any.
+func (c *podSecurityPolicies) Get(name string, options v1.GetOptions) (result *v1beta1.PodSecurityPolicy, err error) {
+	result = &v1beta1.PodSecurityPolicy{}
+	err = c.client.Get().
+		Resource("podsecuritypolicies").
+		Name(name).
+		VersionedParams(&options, scheme.ParameterCodec).
+		Do().
+		Into(result)
+	return
+}
+
+// List takes label and field selectors, and returns the list of PodSecurityPolicies that match those selectors.
+func (c *podSecurityPolicies) List(opts v1.ListOptions) (result *v1beta1.PodSecurityPolicyList, err error) {
+	result = &v1beta1.PodSecurityPolicyList{}
+	err = c.client.Get().
+		Resource("podsecuritypolicies").
+		VersionedParams(&opts, scheme.ParameterCodec).
+		Do().
+		Into(result)
+	return
+}
+
+// Watch returns a watch.Interface that watches the requested podSecurityPolicies.
+func (c *podSecurityPolicies) Watch(opts v1.ListOptions) (watch.Interface, error) {
+	opts.Watch = true
+	return c.client.Get().
+		Resource("podsecuritypolicies").
+		VersionedParams(&opts, scheme.ParameterCodec).
+		Watch()
+}
+
+// Create takes the representation of a podSecurityPolicy and creates it.  Returns the server's representation of the podSecurityPolicy, and an error, if there is any.
+func (c *podSecurityPolicies) Create(podSecurityPolicy *v1beta1.PodSecurityPolicy) (result *v1beta1.PodSecurityPolicy, err error) {
+	result = &v1beta1.PodSecurityPolicy{}
+	err = c.client.Post().
+		Resource("podsecuritypolicies").
+		Body(podSecurityPolicy).
+		Do().
+		Into(result)
+	return
+}
+
+// Update takes the representation of a podSecurityPolicy and updates it. Returns the server's representation of the podSecurityPolicy, and an error, if there is any.
+func (c *podSecurityPolicies) Update(podSecurityPolicy *v1beta1.PodSecurityPolicy) (result *v1beta1.PodSecurityPolicy, err error) {
+	result = &v1beta1.PodSecurityPolicy{}
+	err = c.client.Put().
+		Resource("podsecuritypolicies").
+		Name(podSecurityPolicy.Name).
+		Body(podSecurityPolicy).
+		Do().
+		Into(result)
+	return
+}
+
+// Delete takes name of the podSecurityPolicy and deletes it. Returns an error if one occurs.
+func (c *podSecurityPolicies) Delete(name string, options *v1.DeleteOptions) error {
+	return c.client.Delete().
+		Resource("podsecuritypolicies").
+		Name(name).
+		Body(options).
+		Do().
+		Error()
+}
+
+// DeleteCollection deletes a collection of objects.
+func (c *podSecurityPolicies) DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error {
+	return c.client.Delete().
+		Resource("podsecuritypolicies").
+		VersionedParams(&listOptions, scheme.ParameterCodec).
+		Body(options).
+		Do().
+		Error()
+}
+
+// Patch applies the patch and returns the patched podSecurityPolicy.
+func (c *podSecurityPolicies) Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *v1beta1.PodSecurityPolicy, err error) {
+	result = &v1beta1.PodSecurityPolicy{}
+	err = c.client.Patch(pt).
+		Resource("podsecuritypolicies").
+		SubResource(subresources...).
+		Name(name).
+		Body(data).
+		Do().
+		Into(result)
+	return
+}
--- a/kubernetes/typed/policy/v1beta1/policy_client.go
+++ b/kubernetes/typed/policy/v1beta1/policy_client.go
@@ -27,6 +27,7 @@ type PolicyV1beta1Interface interface {
 	RESTClient() rest.Interface
 	EvictionsGetter
 	PodDisruptionBudgetsGetter
+	PodSecurityPoliciesGetter
 }

 // PolicyV1beta1Client is used to interact with features provided by the policy group.
@@ -42,6 +43,10 @@ func (c *PolicyV1beta1Client) PodDisruptionBudgets(namespace string) PodDisrupti
 	return newPodDisruptionBudgets(c, namespace)
 }

+func (c *PolicyV1beta1Client) PodSecurityPolicies() PodSecurityPolicyInterface {
+	return newPodSecurityPolicies(c)
+}
+
 // NewForConfig creates a new PolicyV1beta1Client for the given config.
 func NewForConfig(c *rest.Config) (*PolicyV1beta1Client, error) {
 	config := *c
--- a/listers/policy/v1beta1/BUILD
+++ b/listers/policy/v1beta1/BUILD
@@ -12,6 +12,7 @@ go_library(
        "expansion_generated.go",
        "poddisruptionbudget.go",
        "poddisruptionbudget_expansion.go",
+        "podsecuritypolicy.go",
    ],
    importpath = "k8s.io/client-go/listers/policy/v1beta1",
    deps = [
--- a/listers/policy/v1beta1/expansion_generated.go
+++ b/listers/policy/v1beta1/expansion_generated.go
@@ -25,3 +25,7 @@ type EvictionListerExpansion interface{}
 // EvictionNamespaceListerExpansion allows custom methods to be added to
 // EvictionNamespaceLister.
 type EvictionNamespaceListerExpansion interface{}
+
+// PodSecurityPolicyListerExpansion allows custom methods to be added to
+// PodSecurityPolicyLister.
+type PodSecurityPolicyListerExpansion interface{}
--- a/listers/policy/v1beta1/podsecuritypolicy.go
+++ b/listers/policy/v1beta1/podsecuritypolicy.go
@@ -0,0 +1,65 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// This file was automatically generated by lister-gen
+
+package v1beta1
+
+import (
+	v1beta1 "k8s.io/api/policy/v1beta1"
+	"k8s.io/apimachinery/pkg/api/errors"
+	"k8s.io/apimachinery/pkg/labels"
+	"k8s.io/client-go/tools/cache"
+)
+
+// PodSecurityPolicyLister helps list PodSecurityPolicies.
+type PodSecurityPolicyLister interface {
+	// List lists all PodSecurityPolicies in the indexer.
+	List(selector labels.Selector) (ret []*v1beta1.PodSecurityPolicy, err error)
+	// Get retrieves the PodSecurityPolicy from the index for a given name.
+	Get(name string) (*v1beta1.PodSecurityPolicy, error)
+	PodSecurityPolicyListerExpansion
+}
+
+// podSecurityPolicyLister implements the PodSecurityPolicyLister interface.
+type podSecurityPolicyLister struct {
+	indexer cache.Indexer
+}
+
+// NewPodSecurityPolicyLister returns a new PodSecurityPolicyLister.
+func NewPodSecurityPolicyLister(indexer cache.Indexer) PodSecurityPolicyLister {
+	return &podSecurityPolicyLister{indexer: indexer}
+}
+
+// List lists all PodSecurityPolicies in the indexer.
+func (s *podSecurityPolicyLister) List(selector labels.Selector) (ret []*v1beta1.PodSecurityPolicy, err error) {
+	err = cache.ListAll(s.indexer, selector, func(m interface{}) {
+		ret = append(ret, m.(*v1beta1.PodSecurityPolicy))
+	})
+	return ret, err
+}
+
+// Get retrieves the PodSecurityPolicy from the index for a given name.
+func (s *podSecurityPolicyLister) Get(name string) (*v1beta1.PodSecurityPolicy, error) {
+	obj, exists, err := s.indexer.GetByKey(name)
+	if err != nil {
+		return nil, err
+	}
+	if !exists {
+		return nil, errors.NewNotFound(v1beta1.Resource("podsecuritypolicy"), name)
+	}
+	return obj.(*v1beta1.PodSecurityPolicy), nil
+}