Use dedicated Unix User and Group ID types

Kubernetes-commit: 9440a68744ea97a45ceeef6d75466405ac101ea1

pkg/apis/extensions/BUILD

@@ -23,6 +23,7 @@ go_library(
         "//vendor/k8s.io/apimachinery/pkg/conversion:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime/schema:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/types:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/intstr:go_default_library",
         "//vendor/k8s.io/client-go/pkg/api:go_default_library",
     ],

pkg/apis/extensions/types.go

@@ -31,6 +31,7 @@ package extensions
 import (
 	"k8s.io/apimachinery/pkg/api/resource"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	"k8s.io/apimachinery/pkg/types"
 	"k8s.io/apimachinery/pkg/util/intstr"
 	"k8s.io/client-go/pkg/api"
 )
@@ -948,15 +949,23 @@ type RunAsUserStrategyOptions struct {
 	Rule RunAsUserStrategy
 	// Ranges are the allowed ranges of uids that may be used.
 	// +optional
-	Ranges []IDRange
+	Ranges []UserIDRange
 }
 
-// IDRange provides a min/max of an allowed range of IDs.
-type IDRange struct {
+// UserIDRange provides a min/max of an allowed range of UserIDs.
+type UserIDRange struct {
 	// Min is the start of the range, inclusive.
-	Min int64
+	Min types.UnixUserID
 	// Max is the end of the range, inclusive.
-	Max int64
+	Max types.UnixUserID
+}
+
+// GroupIDRange provides a min/max of an allowed range of GroupIDs.
+type GroupIDRange struct {
+	// Min is the start of the range, inclusive.
+	Min types.UnixGroupID
+	// Max is the end of the range, inclusive.
+	Max types.UnixGroupID
 }
 
 // RunAsUserStrategy denotes strategy types for generating RunAsUser values for a
@@ -980,7 +989,7 @@ type FSGroupStrategyOptions struct {
 	// Ranges are the allowed ranges of fs groups.  If you would like to force a single
 	// fs group then supply a single range with the same start and end.
 	// +optional
-	Ranges []IDRange
+	Ranges []GroupIDRange
 }
 
 // FSGroupStrategyType denotes strategy types for generating FSGroup values for a
@@ -1002,7 +1011,7 @@ type SupplementalGroupsStrategyOptions struct {
 	// Ranges are the allowed ranges of supplemental groups.  If you would like to force a single
 	// supplemental group then supply a single range with the same start and end.
 	// +optional
-	Ranges []IDRange
+	Ranges []GroupIDRange
 }
 
 // SupplementalGroupsStrategyType denotes strategy types for determining valid supplemental

pkg/apis/extensions/v1beta1/zz_generated.conversion.go

@@ -81,8 +81,6 @@ func RegisterConversions(scheme *runtime.Scheme) error {
 		Convert_extensions_HTTPIngressRuleValue_To_v1beta1_HTTPIngressRuleValue,
 		Convert_v1beta1_HostPortRange_To_extensions_HostPortRange,
 		Convert_extensions_HostPortRange_To_v1beta1_HostPortRange,
-		Convert_v1beta1_IDRange_To_extensions_IDRange,
-		Convert_extensions_IDRange_To_v1beta1_IDRange,
 		Convert_v1beta1_Ingress_To_extensions_Ingress,
 		Convert_extensions_Ingress_To_v1beta1_Ingress,
 		Convert_v1beta1_IngressBackend_To_extensions_IngressBackend,
@@ -684,7 +682,7 @@ func autoConvert_extensions_DeploymentStrategy_To_v1beta1_DeploymentStrategy(in
 
 func autoConvert_v1beta1_FSGroupStrategyOptions_To_extensions_FSGroupStrategyOptions(in *FSGroupStrategyOptions, out *extensions.FSGroupStrategyOptions, s conversion.Scope) error {
 	out.Rule = extensions.FSGroupStrategyType(in.Rule)
-	out.Ranges = *(*[]extensions.IDRange)(unsafe.Pointer(&in.Ranges))
+	out.Ranges = *(*[]extensions.GroupIDRange)(unsafe.Pointer(&in.Ranges))
 	return nil
 }
 
@@ -776,28 +774,6 @@ func Convert_extensions_HostPortRange_To_v1beta1_HostPortRange(in *extensions.Ho
 	return autoConvert_extensions_HostPortRange_To_v1beta1_HostPortRange(in, out, s)
 }
 
-func autoConvert_v1beta1_IDRange_To_extensions_IDRange(in *IDRange, out *extensions.IDRange, s conversion.Scope) error {
-	out.Min = in.Min
-	out.Max = in.Max
-	return nil
-}
-
-// Convert_v1beta1_IDRange_To_extensions_IDRange is an autogenerated conversion function.
-func Convert_v1beta1_IDRange_To_extensions_IDRange(in *IDRange, out *extensions.IDRange, s conversion.Scope) error {
-	return autoConvert_v1beta1_IDRange_To_extensions_IDRange(in, out, s)
-}
-
-func autoConvert_extensions_IDRange_To_v1beta1_IDRange(in *extensions.IDRange, out *IDRange, s conversion.Scope) error {
-	out.Min = in.Min
-	out.Max = in.Max
-	return nil
-}
-
-// Convert_extensions_IDRange_To_v1beta1_IDRange is an autogenerated conversion function.
-func Convert_extensions_IDRange_To_v1beta1_IDRange(in *extensions.IDRange, out *IDRange, s conversion.Scope) error {
-	return autoConvert_extensions_IDRange_To_v1beta1_IDRange(in, out, s)
-}
-
 func autoConvert_v1beta1_Ingress_To_extensions_Ingress(in *Ingress, out *extensions.Ingress, s conversion.Scope) error {
 	out.ObjectMeta = in.ObjectMeta
 	if err := Convert_v1beta1_IngressSpec_To_extensions_IngressSpec(&in.Spec, &out.Spec, s); err != nil {
@@ -1504,7 +1480,7 @@ func autoConvert_extensions_RollingUpdateDeployment_To_v1beta1_RollingUpdateDepl
 
 func autoConvert_v1beta1_RunAsUserStrategyOptions_To_extensions_RunAsUserStrategyOptions(in *RunAsUserStrategyOptions, out *extensions.RunAsUserStrategyOptions, s conversion.Scope) error {
 	out.Rule = extensions.RunAsUserStrategy(in.Rule)
-	out.Ranges = *(*[]extensions.IDRange)(unsafe.Pointer(&in.Ranges))
+	out.Ranges = *(*[]extensions.UserIDRange)(unsafe.Pointer(&in.Ranges))
 	return nil
 }
 
@@ -1613,7 +1589,7 @@ func autoConvert_extensions_ScaleStatus_To_v1beta1_ScaleStatus(in *extensions.Sc
 
 func autoConvert_v1beta1_SupplementalGroupsStrategyOptions_To_extensions_SupplementalGroupsStrategyOptions(in *SupplementalGroupsStrategyOptions, out *extensions.SupplementalGroupsStrategyOptions, s conversion.Scope) error {
 	out.Rule = extensions.SupplementalGroupsStrategyType(in.Rule)
-	out.Ranges = *(*[]extensions.IDRange)(unsafe.Pointer(&in.Ranges))
+	out.Ranges = *(*[]extensions.GroupIDRange)(unsafe.Pointer(&in.Ranges))
 	return nil
 }
 

pkg/apis/extensions/zz_generated.deepcopy.go

@@ -55,10 +55,10 @@ func RegisterDeepCopies(scheme *runtime.Scheme) error {
 		conversion.GeneratedDeepCopyFunc{Fn: DeepCopy_extensions_DeploymentStatus, InType: reflect.TypeOf(&DeploymentStatus{})},
 		conversion.GeneratedDeepCopyFunc{Fn: DeepCopy_extensions_DeploymentStrategy, InType: reflect.TypeOf(&DeploymentStrategy{})},
 		conversion.GeneratedDeepCopyFunc{Fn: DeepCopy_extensions_FSGroupStrategyOptions, InType: reflect.TypeOf(&FSGroupStrategyOptions{})},
+		conversion.GeneratedDeepCopyFunc{Fn: DeepCopy_extensions_GroupIDRange, InType: reflect.TypeOf(&GroupIDRange{})},
 		conversion.GeneratedDeepCopyFunc{Fn: DeepCopy_extensions_HTTPIngressPath, InType: reflect.TypeOf(&HTTPIngressPath{})},
 		conversion.GeneratedDeepCopyFunc{Fn: DeepCopy_extensions_HTTPIngressRuleValue, InType: reflect.TypeOf(&HTTPIngressRuleValue{})},
 		conversion.GeneratedDeepCopyFunc{Fn: DeepCopy_extensions_HostPortRange, InType: reflect.TypeOf(&HostPortRange{})},
-		conversion.GeneratedDeepCopyFunc{Fn: DeepCopy_extensions_IDRange, InType: reflect.TypeOf(&IDRange{})},
 		conversion.GeneratedDeepCopyFunc{Fn: DeepCopy_extensions_Ingress, InType: reflect.TypeOf(&Ingress{})},
 		conversion.GeneratedDeepCopyFunc{Fn: DeepCopy_extensions_IngressBackend, InType: reflect.TypeOf(&IngressBackend{})},
 		conversion.GeneratedDeepCopyFunc{Fn: DeepCopy_extensions_IngressList, InType: reflect.TypeOf(&IngressList{})},
@@ -95,6 +95,7 @@ func RegisterDeepCopies(scheme *runtime.Scheme) error {
 		conversion.GeneratedDeepCopyFunc{Fn: DeepCopy_extensions_ThirdPartyResourceData, InType: reflect.TypeOf(&ThirdPartyResourceData{})},
 		conversion.GeneratedDeepCopyFunc{Fn: DeepCopy_extensions_ThirdPartyResourceDataList, InType: reflect.TypeOf(&ThirdPartyResourceDataList{})},
 		conversion.GeneratedDeepCopyFunc{Fn: DeepCopy_extensions_ThirdPartyResourceList, InType: reflect.TypeOf(&ThirdPartyResourceList{})},
+		conversion.GeneratedDeepCopyFunc{Fn: DeepCopy_extensions_UserIDRange, InType: reflect.TypeOf(&UserIDRange{})},
 	)
 }
 
@@ -386,13 +387,22 @@ func DeepCopy_extensions_FSGroupStrategyOptions(in interface{}, out interface{},
 		*out = *in
 		if in.Ranges != nil {
 			in, out := &in.Ranges, &out.Ranges
-			*out = make([]IDRange, len(*in))
+			*out = make([]GroupIDRange, len(*in))
 			copy(*out, *in)
 		}
 		return nil
 	}
 }
 
+func DeepCopy_extensions_GroupIDRange(in interface{}, out interface{}, c *conversion.Cloner) error {
+	{
+		in := in.(*GroupIDRange)
+		out := out.(*GroupIDRange)
+		*out = *in
+		return nil
+	}
+}
+
 func DeepCopy_extensions_HTTPIngressPath(in interface{}, out interface{}, c *conversion.Cloner) error {
 	{
 		in := in.(*HTTPIngressPath)
@@ -425,15 +435,6 @@ func DeepCopy_extensions_HostPortRange(in interface{}, out interface{}, c *conve
 	}
 }
 
-func DeepCopy_extensions_IDRange(in interface{}, out interface{}, c *conversion.Cloner) error {
-	{
-		in := in.(*IDRange)
-		out := out.(*IDRange)
-		*out = *in
-		return nil
-	}
-}
-
 func DeepCopy_extensions_Ingress(in interface{}, out interface{}, c *conversion.Cloner) error {
 	{
 		in := in.(*Ingress)
@@ -906,7 +907,7 @@ func DeepCopy_extensions_RunAsUserStrategyOptions(in interface{}, out interface{
 		*out = *in
 		if in.Ranges != nil {
 			in, out := &in.Ranges, &out.Ranges
-			*out = make([]IDRange, len(*in))
+			*out = make([]UserIDRange, len(*in))
 			copy(*out, *in)
 		}
 		return nil
@@ -977,7 +978,7 @@ func DeepCopy_extensions_SupplementalGroupsStrategyOptions(in interface{}, out i
 		*out = *in
 		if in.Ranges != nil {
 			in, out := &in.Ranges, &out.Ranges
-			*out = make([]IDRange, len(*in))
+			*out = make([]GroupIDRange, len(*in))
 			copy(*out, *in)
 		}
 		return nil
@@ -1057,3 +1058,12 @@ func DeepCopy_extensions_ThirdPartyResourceList(in interface{}, out interface{},
 		return nil
 	}
 }
+
+func DeepCopy_extensions_UserIDRange(in interface{}, out interface{}, c *conversion.Cloner) error {
+	{
+		in := in.(*UserIDRange)
+		out := out.(*UserIDRange)
+		*out = *in
+		return nil
+	}
+}