github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-07-23 19:56:01 +00:00
Code Issues Projects Releases Wiki Activity

Merge pull request #59437 from mikedanese/id-api

Browse Source 
Automatic merge from submit-queue (batch tested with PRs 58444, 59283, 59437, 59325, 59449). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

authentication: remove TokenRequest from authentication.k8s.io/v1beta1

We don't actually need v1beta1 TokenRequest so should we leave the API group sparse?

https://github.com/kubernetes/kubernetes/issues/58790

```release-note
NONE
```
This commit is contained in:
Kubernetes Submit Queue 2018-02-06 22:42:38 -08:00 committed by GitHub
commit 1f3c66fba7
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
10 changed files with 54 additions and 1288 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
pkg/apis/authentication/v1beta1/BUILD
View File

@ -19,11 +19,9 @@ go_library(
deps = [
"//pkg/apis/authentication:go_default_library",
"//vendor/k8s.io/api/authentication/v1beta1:go_default_library",
"//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
"//vendor/k8s.io/apimachinery/pkg/conversion:go_default_library",
"//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
"//vendor/k8s.io/apimachinery/pkg/runtime/schema:go_default_library",
"//vendor/k8s.io/apimachinery/pkg/types:go_default_library",
],
)

118
pkg/apis/authentication/v1beta1/zz_generated.conversion.go generated
View File

@ -24,10 +24,8 @@ import (
unsafe "unsafe"
v1beta1 "k8s.io/api/authentication/v1beta1"
v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
conversion "k8s.io/apimachinery/pkg/conversion"
runtime "k8s.io/apimachinery/pkg/runtime"
types "k8s.io/apimachinery/pkg/types"
authentication "k8s.io/kubernetes/pkg/apis/authentication"
)
@ -39,14 +37,6 @@ func init() {
// Public to allow building arbitrary schemes.
func RegisterConversions(scheme *runtime.Scheme) error {
return scheme.AddGeneratedConversionFuncs(
Convert_v1beta1_BoundObjectReference_To_authentication_BoundObjectReference,
Convert_authentication_BoundObjectReference_To_v1beta1_BoundObjectReference,
Convert_v1beta1_TokenRequest_To_authentication_TokenRequest,
Convert_authentication_TokenRequest_To_v1beta1_TokenRequest,
Convert_v1beta1_TokenRequestSpec_To_authentication_TokenRequestSpec,
Convert_authentication_TokenRequestSpec_To_v1beta1_TokenRequestSpec,
Convert_v1beta1_TokenRequestStatus_To_authentication_TokenRequestStatus,
Convert_authentication_TokenRequestStatus_To_v1beta1_TokenRequestStatus,
Convert_v1beta1_TokenReview_To_authentication_TokenReview,
Convert_authentication_TokenReview_To_v1beta1_TokenReview,
Convert_v1beta1_TokenReviewSpec_To_authentication_TokenReviewSpec,
@ -58,114 +48,6 @@ func RegisterConversions(scheme *runtime.Scheme) error {
)
}
func autoConvert_v1beta1_BoundObjectReference_To_authentication_BoundObjectReference(in *v1beta1.BoundObjectReference, out *authentication.BoundObjectReference, s conversion.Scope) error {
out.Kind = in.Kind
out.APIVersion = in.APIVersion
out.Name = in.Name
out.UID = types.UID(in.UID)
return nil
}
// Convert_v1beta1_BoundObjectReference_To_authentication_BoundObjectReference is an autogenerated conversion function.
func Convert_v1beta1_BoundObjectReference_To_authentication_BoundObjectReference(in *v1beta1.BoundObjectReference, out *authentication.BoundObjectReference, s conversion.Scope) error {
return autoConvert_v1beta1_BoundObjectReference_To_authentication_BoundObjectReference(in, out, s)
}
func autoConvert_authentication_BoundObjectReference_To_v1beta1_BoundObjectReference(in *authentication.BoundObjectReference, out *v1beta1.BoundObjectReference, s conversion.Scope) error {
out.Kind = in.Kind
out.APIVersion = in.APIVersion
out.Name = in.Name
out.UID = types.UID(in.UID)
return nil
}
// Convert_authentication_BoundObjectReference_To_v1beta1_BoundObjectReference is an autogenerated conversion function.
func Convert_authentication_BoundObjectReference_To_v1beta1_BoundObjectReference(in *authentication.BoundObjectReference, out *v1beta1.BoundObjectReference, s conversion.Scope) error {
return autoConvert_authentication_BoundObjectReference_To_v1beta1_BoundObjectReference(in, out, s)
}
func autoConvert_v1beta1_TokenRequest_To_authentication_TokenRequest(in *v1beta1.TokenRequest, out *authentication.TokenRequest, s conversion.Scope) error {
out.ObjectMeta = in.ObjectMeta
if err := Convert_v1beta1_TokenRequestSpec_To_authentication_TokenRequestSpec(&in.Spec, &out.Spec, s); err != nil {
return err
}
if err := Convert_v1beta1_TokenRequestStatus_To_authentication_TokenRequestStatus(&in.Status, &out.Status, s); err != nil {
return err
}
return nil
}
// Convert_v1beta1_TokenRequest_To_authentication_TokenRequest is an autogenerated conversion function.
func Convert_v1beta1_TokenRequest_To_authentication_TokenRequest(in *v1beta1.TokenRequest, out *authentication.TokenRequest, s conversion.Scope) error {
return autoConvert_v1beta1_TokenRequest_To_authentication_TokenRequest(in, out, s)
}
func autoConvert_authentication_TokenRequest_To_v1beta1_TokenRequest(in *authentication.TokenRequest, out *v1beta1.TokenRequest, s conversion.Scope) error {
out.ObjectMeta = in.ObjectMeta
if err := Convert_authentication_TokenRequestSpec_To_v1beta1_TokenRequestSpec(&in.Spec, &out.Spec, s); err != nil {
return err
}
if err := Convert_authentication_TokenRequestStatus_To_v1beta1_TokenRequestStatus(&in.Status, &out.Status, s); err != nil {
return err
}
return nil
}
// Convert_authentication_TokenRequest_To_v1beta1_TokenRequest is an autogenerated conversion function.
func Convert_authentication_TokenRequest_To_v1beta1_TokenRequest(in *authentication.TokenRequest, out *v1beta1.TokenRequest, s conversion.Scope) error {
return autoConvert_authentication_TokenRequest_To_v1beta1_TokenRequest(in, out, s)
}
func autoConvert_v1beta1_TokenRequestSpec_To_authentication_TokenRequestSpec(in *v1beta1.TokenRequestSpec, out *authentication.TokenRequestSpec, s conversion.Scope) error {
out.Audiences = *(*[]string)(unsafe.Pointer(&in.Audiences))
if err := v1.Convert_Pointer_int64_To_int64(&in.ExpirationSeconds, &out.ExpirationSeconds, s); err != nil {
return err
}
out.BoundObjectRef = (*authentication.BoundObjectReference)(unsafe.Pointer(in.BoundObjectRef))
return nil
}
// Convert_v1beta1_TokenRequestSpec_To_authentication_TokenRequestSpec is an autogenerated conversion function.
func Convert_v1beta1_TokenRequestSpec_To_authentication_TokenRequestSpec(in *v1beta1.TokenRequestSpec, out *authentication.TokenRequestSpec, s conversion.Scope) error {
return autoConvert_v1beta1_TokenRequestSpec_To_authentication_TokenRequestSpec(in, out, s)
}
func autoConvert_authentication_TokenRequestSpec_To_v1beta1_TokenRequestSpec(in *authentication.TokenRequestSpec, out *v1beta1.TokenRequestSpec, s conversion.Scope) error {
out.Audiences = *(*[]string)(unsafe.Pointer(&in.Audiences))
if err := v1.Convert_int64_To_Pointer_int64(&in.ExpirationSeconds, &out.ExpirationSeconds, s); err != nil {
return err
}
out.BoundObjectRef = (*v1beta1.BoundObjectReference)(unsafe.Pointer(in.BoundObjectRef))
return nil
}
// Convert_authentication_TokenRequestSpec_To_v1beta1_TokenRequestSpec is an autogenerated conversion function.
func Convert_authentication_TokenRequestSpec_To_v1beta1_TokenRequestSpec(in *authentication.TokenRequestSpec, out *v1beta1.TokenRequestSpec, s conversion.Scope) error {
return autoConvert_authentication_TokenRequestSpec_To_v1beta1_TokenRequestSpec(in, out, s)
}
func autoConvert_v1beta1_TokenRequestStatus_To_authentication_TokenRequestStatus(in *v1beta1.TokenRequestStatus, out *authentication.TokenRequestStatus, s conversion.Scope) error {
out.Token = in.Token
out.ExpirationTimestamp = in.ExpirationTimestamp
return nil
}
// Convert_v1beta1_TokenRequestStatus_To_authentication_TokenRequestStatus is an autogenerated conversion function.
func Convert_v1beta1_TokenRequestStatus_To_authentication_TokenRequestStatus(in *v1beta1.TokenRequestStatus, out *authentication.TokenRequestStatus, s conversion.Scope) error {
return autoConvert_v1beta1_TokenRequestStatus_To_authentication_TokenRequestStatus(in, out, s)
}
func autoConvert_authentication_TokenRequestStatus_To_v1beta1_TokenRequestStatus(in *authentication.TokenRequestStatus, out *v1beta1.TokenRequestStatus, s conversion.Scope) error {
out.Token = in.Token
out.ExpirationTimestamp = in.ExpirationTimestamp
return nil
}
// Convert_authentication_TokenRequestStatus_To_v1beta1_TokenRequestStatus is an autogenerated conversion function.
func Convert_authentication_TokenRequestStatus_To_v1beta1_TokenRequestStatus(in *authentication.TokenRequestStatus, out *v1beta1.TokenRequestStatus, s conversion.Scope) error {
return autoConvert_authentication_TokenRequestStatus_To_v1beta1_TokenRequestStatus(in, out, s)
}
func autoConvert_v1beta1_TokenReview_To_authentication_TokenReview(in *v1beta1.TokenReview, out *authentication.TokenReview, s conversion.Scope) error {
out.ObjectMeta = in.ObjectMeta
if err := Convert_v1beta1_TokenReviewSpec_To_authentication_TokenReviewSpec(&in.Spec, &out.Spec, s); err != nil {

1
staging/src/k8s.io/api/authentication/v1beta1/BUILD
View File

@ -22,7 +22,6 @@ go_library(
"//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
"//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
"//vendor/k8s.io/apimachinery/pkg/runtime/schema:go_default_library",
"//vendor/k8s.io/apimachinery/pkg/types:go_default_library",
],
)

953
staging/src/k8s.io/api/authentication/v1beta1/generated.pb.go generated
View File

File diff suppressed because it is too large Load Diff

61
staging/src/k8s.io/api/authentication/v1beta1/generated.proto
View File

@ -29,25 +29,6 @@ import "k8s.io/apimachinery/pkg/util/intstr/generated.proto";
// Package-wide variables from generator "generated".
option go_package = "v1beta1";
// BoundObjectReference is a reference to an object that a token is bound to.
message BoundObjectReference {
// Kind of the referent. Valid kinds are 'Pod' and 'Secret'.
// +optional
optional string kind = 1;
// API version of the referent.
// +optional
optional string aPIVersion = 2;
// Name of the referent.
// +optional
optional string name = 3;
// UID of the referent.
// +optional
optional string uID = 4;
}
// ExtraValue masks the value so protobuf can generate
// +protobuf.nullable=true
// +protobuf.options.(gogoproto.goproto_stringer)=false
@ -57,48 +38,6 @@ message ExtraValue {
repeated string items = 1;
}
// TokenRequest requests a token for a given service account.
message TokenRequest {
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
optional TokenRequestSpec spec = 2;
// +optional
optional TokenRequestStatus status = 3;
}
// TokenRequestSpec contains client provided parameters of a token request.
message TokenRequestSpec {
// Audiences are the intendend audiences of the token. A recipient of a
// token must identitfy themself with an identifier in the list of
// audiences of the token, and otherwise should reject the token. A
// token issued for multiple audiences may be used to authenticate
// against any of the audiences listed but implies a high degree of
// trust between the target audiences.
repeated string audiences = 1;
// ExpirationSeconds is the requested duration of validity of the request. The
// token issuer may return a token with a different validity duration so a
// client needs to check the 'expiration' field in a response.
// +optional
optional int64 expirationSeconds = 4;
// BoundObjectRef is a reference to an object that the token will be bound to.
// The token will only be valid for as long as the bound objet exists.
// +optional
optional BoundObjectReference boundObjectRef = 3;
}
// TokenRequestStatus is the result of a token request.
message TokenRequestStatus {
// Token is the opaque bearer token.
optional string token = 1;
// ExpirationTimestmap is the time of expiration of the returned token.
optional k8s.io.apimachinery.pkg.apis.meta.v1.Time expirationTimestamp = 2;
}
// TokenReview attempts to authenticate a token to a known user.
// Note: TokenReview requests may be cached by the webhook token authenticator
// plugin in the kube-apiserver.

1
staging/src/k8s.io/api/authentication/v1beta1/register.go
View File

@ -45,7 +45,6 @@ var (
func addKnownTypes(scheme *runtime.Scheme) error {
scheme.AddKnownTypes(SchemeGroupVersion,
&TokenReview{},
&TokenRequest{},
)
metav1.AddToGroupVersion(scheme, SchemeGroupVersion)
return nil

61
staging/src/k8s.io/api/authentication/v1beta1/types.go
View File

@ -20,7 +20,6 @@ import (
"fmt"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
"k8s.io/apimachinery/pkg/types"
)
// +genclient
@ -91,63 +90,3 @@ type ExtraValue []string
func (t ExtraValue) String() string {
return fmt.Sprintf("%v", []string(t))
}
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
// TokenRequest requests a token for a given service account.
type TokenRequest struct {
metav1.TypeMeta `json:",inline"`
// +optional
metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"`
Spec TokenRequestSpec `json:"spec" protobuf:"bytes,2,opt,name=spec"`
// +optional
Status TokenRequestStatus `json:"status,omitempty" protobuf:"bytes,3,opt,name=status"`
}
// TokenRequestSpec contains client provided parameters of a token request.
type TokenRequestSpec struct {
// Audiences are the intendend audiences of the token. A recipient of a
// token must identitfy themself with an identifier in the list of
// audiences of the token, and otherwise should reject the token. A
// token issued for multiple audiences may be used to authenticate
// against any of the audiences listed but implies a high degree of
// trust between the target audiences.
Audiences []string `json:"audiences" protobuf:"bytes,1,rep,name=audiences"`
// ExpirationSeconds is the requested duration of validity of the request. The
// token issuer may return a token with a different validity duration so a
// client needs to check the 'expiration' field in a response.
// +optional
ExpirationSeconds *int64 `json:"expirationSeconds" protobuf:"varint,4,opt,name=expirationSeconds"`
// BoundObjectRef is a reference to an object that the token will be bound to.
// The token will only be valid for as long as the bound objet exists.
// +optional
BoundObjectRef *BoundObjectReference `json:"boundObjectRef" protobuf:"bytes,3,opt,name=boundObjectRef"`
}
// TokenRequestStatus is the result of a token request.
type TokenRequestStatus struct {
// Token is the opaque bearer token.
Token string `json:"token" protobuf:"bytes,1,opt,name=token"`
// ExpirationTimestmap is the time of expiration of the returned token.
ExpirationTimestamp metav1.Time `json:"expirationTimestamp" protobuf:"bytes,2,opt,name=expirationTimestamp"`
}
// BoundObjectReference is a reference to an object that a token is bound to.
type BoundObjectReference struct {
// Kind of the referent. Valid kinds are 'Pod' and 'Secret'.
// +optional
Kind string `json:"kind,omitempty" protobuf:"bytes,1,opt,name=kind"`
// API version of the referent.
// +optional
APIVersion string `json:"apiVersion,omitempty" protobuf:"bytes,2,opt,name=aPIVersion"`
// Name of the referent.
// +optional
Name string `json:"name,omitempty" protobuf:"bytes,3,opt,name=name"`
// UID of the referent.
// +optional
UID types.UID `json:"uid,omitempty" protobuf:"bytes,4,opt,name=uID,casttype=k8s.io/apimachinery/pkg/types.UID"`
}

41
staging/src/k8s.io/api/authentication/v1beta1/types_swagger_doc_generated.go generated
View File

@ -27,47 +27,6 @@ package v1beta1
// Those methods can be generated by using hack/update-generated-swagger-docs.sh
// AUTO-GENERATED FUNCTIONS START HERE
var map_BoundObjectReference = map[string]string{
"": "BoundObjectReference is a reference to an object that a token is bound to.",
"kind": "Kind of the referent. Valid kinds are 'Pod' and 'Secret'.",
"apiVersion": "API version of the referent.",
"name": "Name of the referent.",
"uid": "UID of the referent.",
}
func (BoundObjectReference) SwaggerDoc() map[string]string {
return map_BoundObjectReference
}
var map_TokenRequest = map[string]string{
"": "TokenRequest requests a token for a given service account.",
}
func (TokenRequest) SwaggerDoc() map[string]string {
return map_TokenRequest
}
var map_TokenRequestSpec = map[string]string{
"": "TokenRequestSpec contains client provided parameters of a token request.",
"audiences": "Audiences are the intendend audiences of the token. A recipient of a token must identitfy themself with an identifier in the list of audiences of the token, and otherwise should reject the token. A token issued for multiple audiences may be used to authenticate against any of the audiences listed but implies a high degree of trust between the target audiences.",
"expirationSeconds": "ExpirationSeconds is the requested duration of validity of the request. The token issuer may return a token with a different validity duration so a client needs to check the 'expiration' field in a response.",
"boundObjectRef": "BoundObjectRef is a reference to an object that the token will be bound to. The token will only be valid for as long as the bound objet exists.",
}
func (TokenRequestSpec) SwaggerDoc() map[string]string {
return map_TokenRequestSpec
}
var map_TokenRequestStatus = map[string]string{
"": "TokenRequestStatus is the result of a token request.",
"token": "Token is the opaque bearer token.",
"expirationTimestamp": "ExpirationTimestmap is the time of expiration of the returned token.",
}
func (TokenRequestStatus) SwaggerDoc() map[string]string {
return map_TokenRequestStatus
}
var map_TokenReview = map[string]string{
"": "TokenReview attempts to authenticate a token to a known user. Note: TokenReview requests may be cached by the webhook token authenticator plugin in the kube-apiserver.",
"spec": "Spec holds information about the request being evaluated",

101
staging/src/k8s.io/api/authentication/v1beta1/zz_generated.deepcopy.go generated
View File

@ -24,107 +24,6 @@ import (
runtime "k8s.io/apimachinery/pkg/runtime"
)
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *BoundObjectReference) DeepCopyInto(out *BoundObjectReference) {
*out = *in
return
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BoundObjectReference.
func (in *BoundObjectReference) DeepCopy() *BoundObjectReference {
if in == nil {
return nil
}
out := new(BoundObjectReference)
in.DeepCopyInto(out)
return out
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *TokenRequest) DeepCopyInto(out *TokenRequest) {
*out = *in
out.TypeMeta = in.TypeMeta
in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
in.Spec.DeepCopyInto(&out.Spec)
in.Status.DeepCopyInto(&out.Status)
return
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TokenRequest.
func (in *TokenRequest) DeepCopy() *TokenRequest {
if in == nil {
return nil
}
out := new(TokenRequest)
in.DeepCopyInto(out)
return out
}
// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
func (in *TokenRequest) DeepCopyObject() runtime.Object {
if c := in.DeepCopy(); c != nil {
return c
} else {
return nil
}
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *TokenRequestSpec) DeepCopyInto(out *TokenRequestSpec) {
*out = *in
if in.Audiences != nil {
in, out := &in.Audiences, &out.Audiences
*out = make([]string, len(*in))
copy(*out, *in)
}
if in.ExpirationSeconds != nil {
in, out := &in.ExpirationSeconds, &out.ExpirationSeconds
if *in == nil {
*out = nil
} else {
*out = new(int64)
**out = **in
}
}
if in.BoundObjectRef != nil {
in, out := &in.BoundObjectRef, &out.BoundObjectRef
if *in == nil {
*out = nil
} else {
*out = new(BoundObjectReference)
**out = **in
}
}
return
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TokenRequestSpec.
func (in *TokenRequestSpec) DeepCopy() *TokenRequestSpec {
if in == nil {
return nil
}
out := new(TokenRequestSpec)
in.DeepCopyInto(out)
return out
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *TokenRequestStatus) DeepCopyInto(out *TokenRequestStatus) {
*out = *in
in.ExpirationTimestamp.DeepCopyInto(&out.ExpirationTimestamp)
return
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TokenRequestStatus.
func (in *TokenRequestStatus) DeepCopy() *TokenRequestStatus {
if in == nil {
return nil
}
out := new(TokenRequestStatus)
in.DeepCopyInto(out)
return out
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *TokenReview) DeepCopyInto(out *TokenReview) {
*out = *in

3
test/integration/etcd/etcd_storage_path_test.go
View File

@ -437,8 +437,7 @@ var ephemeralWhiteList = createEphemeralWhiteList(
// --
// k8s.io/kubernetes/pkg/apis/authentication/v1beta1
gvr("authentication.k8s.io", "v1beta1", "tokenreviews"), // not stored in etcd
gvr("authentication.k8s.io", "v1beta1", "tokenrequests"), // not stored in etcd
gvr("authentication.k8s.io", "v1beta1", "tokenreviews"), // not stored in etcd
// --
// k8s.io/kubernetes/pkg/apis/authentication/v1