Merge pull request #59437 from mikedanese/id-api

Automatic merge from submit-queue (batch tested with PRs 58444, 59283, 59437, 59325, 59449). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>. authentication: remove TokenRequest from authentication.k8s.io/v1beta1 We don't actually need v1beta1 TokenRequest so should we leave the API group sparse? https://github.com/kubernetes/kubernetes/issues/58790 ```release-note NONE ```
2025-07-24 20:24:09 +00:00 · 2018-02-06 22:42:38 -08:00 · 2018-02-06 22:42:38 -08:00 · 1f3c66fba7
commit 1f3c66fba7
parent fbf7805e3c 33a8f39a03
10 changed files with 54 additions and 1288 deletions
--- a/pkg/apis/authentication/v1beta1/BUILD
+++ b/pkg/apis/authentication/v1beta1/BUILD
@ -19,11 +19,9 @@ go_library(
    deps = [
        "//pkg/apis/authentication:go_default_library",
        "//vendor/k8s.io/api/authentication/v1beta1:go_default_library",
        "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
        "//vendor/k8s.io/apimachinery/pkg/conversion:go_default_library",
        "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
        "//vendor/k8s.io/apimachinery/pkg/runtime/schema:go_default_library",
        "//vendor/k8s.io/apimachinery/pkg/types:go_default_library",
    ],
 )
--- a/pkg/apis/authentication/v1beta1/zz_generated.conversion.go
+++ b/pkg/apis/authentication/v1beta1/zz_generated.conversion.go
@ -24,10 +24,8 @@ import (
 	unsafe "unsafe"
 	v1beta1 "k8s.io/api/authentication/v1beta1"
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	conversion "k8s.io/apimachinery/pkg/conversion"
 	runtime "k8s.io/apimachinery/pkg/runtime"
 	types "k8s.io/apimachinery/pkg/types"
 	authentication "k8s.io/kubernetes/pkg/apis/authentication"
 )
@ -39,14 +37,6 @@ func init() {
 // Public to allow building arbitrary schemes.
 func RegisterConversions(scheme *runtime.Scheme) error {
 	return scheme.AddGeneratedConversionFuncs(
 		Convert_v1beta1_BoundObjectReference_To_authentication_BoundObjectReference,
 		Convert_authentication_BoundObjectReference_To_v1beta1_BoundObjectReference,
 		Convert_v1beta1_TokenRequest_To_authentication_TokenRequest,
 		Convert_authentication_TokenRequest_To_v1beta1_TokenRequest,
 		Convert_v1beta1_TokenRequestSpec_To_authentication_TokenRequestSpec,
 		Convert_authentication_TokenRequestSpec_To_v1beta1_TokenRequestSpec,
 		Convert_v1beta1_TokenRequestStatus_To_authentication_TokenRequestStatus,
 		Convert_authentication_TokenRequestStatus_To_v1beta1_TokenRequestStatus,
 		Convert_v1beta1_TokenReview_To_authentication_TokenReview,
 		Convert_authentication_TokenReview_To_v1beta1_TokenReview,
 		Convert_v1beta1_TokenReviewSpec_To_authentication_TokenReviewSpec,
@ -58,114 +48,6 @@ func RegisterConversions(scheme *runtime.Scheme) error {
 	)
 }
 func autoConvert_v1beta1_BoundObjectReference_To_authentication_BoundObjectReference(in *v1beta1.BoundObjectReference, out *authentication.BoundObjectReference, s conversion.Scope) error {
 	out.Kind = in.Kind
 	out.APIVersion = in.APIVersion
 	out.Name = in.Name
 	out.UID = types.UID(in.UID)
 	return nil
 }
 // Convert_v1beta1_BoundObjectReference_To_authentication_BoundObjectReference is an autogenerated conversion function.
 func Convert_v1beta1_BoundObjectReference_To_authentication_BoundObjectReference(in *v1beta1.BoundObjectReference, out *authentication.BoundObjectReference, s conversion.Scope) error {
 	return autoConvert_v1beta1_BoundObjectReference_To_authentication_BoundObjectReference(in, out, s)
 }
 func autoConvert_authentication_BoundObjectReference_To_v1beta1_BoundObjectReference(in *authentication.BoundObjectReference, out *v1beta1.BoundObjectReference, s conversion.Scope) error {
 	out.Kind = in.Kind
 	out.APIVersion = in.APIVersion
 	out.Name = in.Name
 	out.UID = types.UID(in.UID)
 	return nil
 }
 // Convert_authentication_BoundObjectReference_To_v1beta1_BoundObjectReference is an autogenerated conversion function.
 func Convert_authentication_BoundObjectReference_To_v1beta1_BoundObjectReference(in *authentication.BoundObjectReference, out *v1beta1.BoundObjectReference, s conversion.Scope) error {
 	return autoConvert_authentication_BoundObjectReference_To_v1beta1_BoundObjectReference(in, out, s)
 }
 func autoConvert_v1beta1_TokenRequest_To_authentication_TokenRequest(in *v1beta1.TokenRequest, out *authentication.TokenRequest, s conversion.Scope) error {
 	out.ObjectMeta = in.ObjectMeta
 	if err := Convert_v1beta1_TokenRequestSpec_To_authentication_TokenRequestSpec(&in.Spec, &out.Spec, s); err != nil {
 		return err
 	}
 	if err := Convert_v1beta1_TokenRequestStatus_To_authentication_TokenRequestStatus(&in.Status, &out.Status, s); err != nil {
 		return err
 	}
 	return nil
 }
 // Convert_v1beta1_TokenRequest_To_authentication_TokenRequest is an autogenerated conversion function.
 func Convert_v1beta1_TokenRequest_To_authentication_TokenRequest(in *v1beta1.TokenRequest, out *authentication.TokenRequest, s conversion.Scope) error {
 	return autoConvert_v1beta1_TokenRequest_To_authentication_TokenRequest(in, out, s)
 }
 func autoConvert_authentication_TokenRequest_To_v1beta1_TokenRequest(in *authentication.TokenRequest, out *v1beta1.TokenRequest, s conversion.Scope) error {
 	out.ObjectMeta = in.ObjectMeta
 	if err := Convert_authentication_TokenRequestSpec_To_v1beta1_TokenRequestSpec(&in.Spec, &out.Spec, s); err != nil {
 		return err
 	}
 	if err := Convert_authentication_TokenRequestStatus_To_v1beta1_TokenRequestStatus(&in.Status, &out.Status, s); err != nil {
 		return err
 	}
 	return nil
 }
 // Convert_authentication_TokenRequest_To_v1beta1_TokenRequest is an autogenerated conversion function.
 func Convert_authentication_TokenRequest_To_v1beta1_TokenRequest(in *authentication.TokenRequest, out *v1beta1.TokenRequest, s conversion.Scope) error {
 	return autoConvert_authentication_TokenRequest_To_v1beta1_TokenRequest(in, out, s)
 }
 func autoConvert_v1beta1_TokenRequestSpec_To_authentication_TokenRequestSpec(in *v1beta1.TokenRequestSpec, out *authentication.TokenRequestSpec, s conversion.Scope) error {
 	out.Audiences = *(*[]string)(unsafe.Pointer(&in.Audiences))
 	if err := v1.Convert_Pointer_int64_To_int64(&in.ExpirationSeconds, &out.ExpirationSeconds, s); err != nil {
 		return err
 	}
 	out.BoundObjectRef = (*authentication.BoundObjectReference)(unsafe.Pointer(in.BoundObjectRef))
 	return nil
 }
 // Convert_v1beta1_TokenRequestSpec_To_authentication_TokenRequestSpec is an autogenerated conversion function.
 func Convert_v1beta1_TokenRequestSpec_To_authentication_TokenRequestSpec(in *v1beta1.TokenRequestSpec, out *authentication.TokenRequestSpec, s conversion.Scope) error {
 	return autoConvert_v1beta1_TokenRequestSpec_To_authentication_TokenRequestSpec(in, out, s)
 }
 func autoConvert_authentication_TokenRequestSpec_To_v1beta1_TokenRequestSpec(in *authentication.TokenRequestSpec, out *v1beta1.TokenRequestSpec, s conversion.Scope) error {
 	out.Audiences = *(*[]string)(unsafe.Pointer(&in.Audiences))
 	if err := v1.Convert_int64_To_Pointer_int64(&in.ExpirationSeconds, &out.ExpirationSeconds, s); err != nil {
 		return err
 	}
 	out.BoundObjectRef = (*v1beta1.BoundObjectReference)(unsafe.Pointer(in.BoundObjectRef))
 	return nil
 }
 // Convert_authentication_TokenRequestSpec_To_v1beta1_TokenRequestSpec is an autogenerated conversion function.
 func Convert_authentication_TokenRequestSpec_To_v1beta1_TokenRequestSpec(in *authentication.TokenRequestSpec, out *v1beta1.TokenRequestSpec, s conversion.Scope) error {
 	return autoConvert_authentication_TokenRequestSpec_To_v1beta1_TokenRequestSpec(in, out, s)
 }
 func autoConvert_v1beta1_TokenRequestStatus_To_authentication_TokenRequestStatus(in *v1beta1.TokenRequestStatus, out *authentication.TokenRequestStatus, s conversion.Scope) error {
 	out.Token = in.Token
 	out.ExpirationTimestamp = in.ExpirationTimestamp
 	return nil
 }
 // Convert_v1beta1_TokenRequestStatus_To_authentication_TokenRequestStatus is an autogenerated conversion function.
 func Convert_v1beta1_TokenRequestStatus_To_authentication_TokenRequestStatus(in *v1beta1.TokenRequestStatus, out *authentication.TokenRequestStatus, s conversion.Scope) error {
 	return autoConvert_v1beta1_TokenRequestStatus_To_authentication_TokenRequestStatus(in, out, s)
 }
 func autoConvert_authentication_TokenRequestStatus_To_v1beta1_TokenRequestStatus(in *authentication.TokenRequestStatus, out *v1beta1.TokenRequestStatus, s conversion.Scope) error {
 	out.Token = in.Token
 	out.ExpirationTimestamp = in.ExpirationTimestamp
 	return nil
 }
 // Convert_authentication_TokenRequestStatus_To_v1beta1_TokenRequestStatus is an autogenerated conversion function.
 func Convert_authentication_TokenRequestStatus_To_v1beta1_TokenRequestStatus(in *authentication.TokenRequestStatus, out *v1beta1.TokenRequestStatus, s conversion.Scope) error {
 	return autoConvert_authentication_TokenRequestStatus_To_v1beta1_TokenRequestStatus(in, out, s)
 }
 func autoConvert_v1beta1_TokenReview_To_authentication_TokenReview(in *v1beta1.TokenReview, out *authentication.TokenReview, s conversion.Scope) error {
 	out.ObjectMeta = in.ObjectMeta
 	if err := Convert_v1beta1_TokenReviewSpec_To_authentication_TokenReviewSpec(&in.Spec, &out.Spec, s); err != nil {
--- a/staging/src/k8s.io/api/authentication/v1beta1/BUILD
+++ b/staging/src/k8s.io/api/authentication/v1beta1/BUILD
@ -22,7 +22,6 @@ go_library(
        "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
        "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
        "//vendor/k8s.io/apimachinery/pkg/runtime/schema:go_default_library",
        "//vendor/k8s.io/apimachinery/pkg/types:go_default_library",
    ],
 )
--- a/staging/src/k8s.io/api/authentication/v1beta1/generated.pb.go
+++ b/staging/src/k8s.io/api/authentication/v1beta1/generated.pb.go
--- a/staging/src/k8s.io/api/authentication/v1beta1/generated.proto
+++ b/staging/src/k8s.io/api/authentication/v1beta1/generated.proto
@ -29,25 +29,6 @@ import "k8s.io/apimachinery/pkg/util/intstr/generated.proto";
 // Package-wide variables from generator "generated".
 option go_package = "v1beta1";
 // BoundObjectReference is a reference to an object that a token is bound to.
 message BoundObjectReference {
  // Kind of the referent. Valid kinds are 'Pod' and 'Secret'.
  // +optional
  optional string kind = 1;
  // API version of the referent.
  // +optional
  optional string aPIVersion = 2;
  // Name of the referent.
  // +optional
  optional string name = 3;
  // UID of the referent.
  // +optional
  optional string uID = 4;
 }
 // ExtraValue masks the value so protobuf can generate
 // +protobuf.nullable=true
 // +protobuf.options.(gogoproto.goproto_stringer)=false
@ -57,48 +38,6 @@ message ExtraValue {
  repeated string items = 1;
 }
 // TokenRequest requests a token for a given service account.
 message TokenRequest {
  // +optional
  optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
  optional TokenRequestSpec spec = 2;
  // +optional
  optional TokenRequestStatus status = 3;
 }
 // TokenRequestSpec contains client provided parameters of a token request.
 message TokenRequestSpec {
  // Audiences are the intendend audiences of the token. A recipient of a
  // token must identitfy themself with an identifier in the list of
  // audiences of the token, and otherwise should reject the token. A
  // token issued for multiple audiences may be used to authenticate
  // against any of the audiences listed but implies a high degree of
  // trust between the target audiences.
  repeated string audiences = 1;
  // ExpirationSeconds is the requested duration of validity of the request. The
  // token issuer may return a token with a different validity duration so a
  // client needs to check the 'expiration' field in a response.
  // +optional
  optional int64 expirationSeconds = 4;
  // BoundObjectRef is a reference to an object that the token will be bound to.
  // The token will only be valid for as long as the bound objet exists.
  // +optional
  optional BoundObjectReference boundObjectRef = 3;
 }
 // TokenRequestStatus is the result of a token request.
 message TokenRequestStatus {
  // Token is the opaque bearer token.
  optional string token = 1;
  // ExpirationTimestmap is the time of expiration of the returned token.
  optional k8s.io.apimachinery.pkg.apis.meta.v1.Time expirationTimestamp = 2;
 }
 // TokenReview attempts to authenticate a token to a known user.
 // Note: TokenReview requests may be cached by the webhook token authenticator
 // plugin in the kube-apiserver.
--- a/staging/src/k8s.io/api/authentication/v1beta1/register.go
+++ b/staging/src/k8s.io/api/authentication/v1beta1/register.go
@ -45,7 +45,6 @@ var (
 func addKnownTypes(scheme *runtime.Scheme) error {
 	scheme.AddKnownTypes(SchemeGroupVersion,
 		&TokenReview{},
 		&TokenRequest{},
 	)
 	metav1.AddToGroupVersion(scheme, SchemeGroupVersion)
 	return nil
--- a/staging/src/k8s.io/api/authentication/v1beta1/types.go
+++ b/staging/src/k8s.io/api/authentication/v1beta1/types.go
@ -20,7 +20,6 @@ import (
 	"fmt"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/types"
 )
 // +genclient
@ -91,63 +90,3 @@ type ExtraValue []string
 func (t ExtraValue) String() string {
 	return fmt.Sprintf("%v", []string(t))
 }
 // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
 // TokenRequest requests a token for a given service account.
 type TokenRequest struct {
 	metav1.TypeMeta `json:",inline"`
 	// +optional
 	metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"`
 	Spec TokenRequestSpec `json:"spec" protobuf:"bytes,2,opt,name=spec"`
 	// +optional
 	Status TokenRequestStatus `json:"status,omitempty" protobuf:"bytes,3,opt,name=status"`
 }
 // TokenRequestSpec contains client provided parameters of a token request.
 type TokenRequestSpec struct {
 	// Audiences are the intendend audiences of the token. A recipient of a
 	// token must identitfy themself with an identifier in the list of
 	// audiences of the token, and otherwise should reject the token. A
 	// token issued for multiple audiences may be used to authenticate
 	// against any of the audiences listed but implies a high degree of
 	// trust between the target audiences.
 	Audiences []string `json:"audiences" protobuf:"bytes,1,rep,name=audiences"`
 	// ExpirationSeconds is the requested duration of validity of the request. The
 	// token issuer may return a token with a different validity duration so a
 	// client needs to check the 'expiration' field in a response.
 	// +optional
 	ExpirationSeconds *int64 `json:"expirationSeconds" protobuf:"varint,4,opt,name=expirationSeconds"`
 	// BoundObjectRef is a reference to an object that the token will be bound to.
 	// The token will only be valid for as long as the bound objet exists.
 	// +optional
 	BoundObjectRef *BoundObjectReference `json:"boundObjectRef" protobuf:"bytes,3,opt,name=boundObjectRef"`
 }
 // TokenRequestStatus is the result of a token request.
 type TokenRequestStatus struct {
 	// Token is the opaque bearer token.
 	Token string `json:"token" protobuf:"bytes,1,opt,name=token"`
 	// ExpirationTimestmap is the time of expiration of the returned token.
 	ExpirationTimestamp metav1.Time `json:"expirationTimestamp" protobuf:"bytes,2,opt,name=expirationTimestamp"`
 }
 // BoundObjectReference is a reference to an object that a token is bound to.
 type BoundObjectReference struct {
 	// Kind of the referent. Valid kinds are 'Pod' and 'Secret'.
 	// +optional
 	Kind string `json:"kind,omitempty" protobuf:"bytes,1,opt,name=kind"`
 	// API version of the referent.
 	// +optional
 	APIVersion string `json:"apiVersion,omitempty" protobuf:"bytes,2,opt,name=aPIVersion"`
 	// Name of the referent.
 	// +optional
 	Name string `json:"name,omitempty" protobuf:"bytes,3,opt,name=name"`
 	// UID of the referent.
 	// +optional
 	UID types.UID `json:"uid,omitempty" protobuf:"bytes,4,opt,name=uID,casttype=k8s.io/apimachinery/pkg/types.UID"`
 }
--- a/staging/src/k8s.io/api/authentication/v1beta1/types_swagger_doc_generated.go
+++ b/staging/src/k8s.io/api/authentication/v1beta1/types_swagger_doc_generated.go
@ -27,47 +27,6 @@ package v1beta1
 // Those methods can be generated by using hack/update-generated-swagger-docs.sh
 // AUTO-GENERATED FUNCTIONS START HERE
 var map_BoundObjectReference = map[string]string{
 	"":           "BoundObjectReference is a reference to an object that a token is bound to.",
 	"kind":       "Kind of the referent. Valid kinds are 'Pod' and 'Secret'.",
 	"apiVersion": "API version of the referent.",
 	"name":       "Name of the referent.",
 	"uid":        "UID of the referent.",
 }
 func (BoundObjectReference) SwaggerDoc() map[string]string {
 	return map_BoundObjectReference
 }
 var map_TokenRequest = map[string]string{
 	"": "TokenRequest requests a token for a given service account.",
 }
 func (TokenRequest) SwaggerDoc() map[string]string {
 	return map_TokenRequest
 }
 var map_TokenRequestSpec = map[string]string{
 	"":                  "TokenRequestSpec contains client provided parameters of a token request.",
 	"audiences":         "Audiences are the intendend audiences of the token. A recipient of a token must identitfy themself with an identifier in the list of audiences of the token, and otherwise should reject the token. A token issued for multiple audiences may be used to authenticate against any of the audiences listed but implies a high degree of trust between the target audiences.",
 	"expirationSeconds": "ExpirationSeconds is the requested duration of validity of the request. The token issuer may return a token with a different validity duration so a client needs to check the 'expiration' field in a response.",
 	"boundObjectRef":    "BoundObjectRef is a reference to an object that the token will be bound to. The token will only be valid for as long as the bound objet exists.",
 }
 func (TokenRequestSpec) SwaggerDoc() map[string]string {
 	return map_TokenRequestSpec
 }
 var map_TokenRequestStatus = map[string]string{
 	"":                    "TokenRequestStatus is the result of a token request.",
 	"token":               "Token is the opaque bearer token.",
 	"expirationTimestamp": "ExpirationTimestmap is the time of expiration of the returned token.",
 }
 func (TokenRequestStatus) SwaggerDoc() map[string]string {
 	return map_TokenRequestStatus
 }
 var map_TokenReview = map[string]string{
 	"":       "TokenReview attempts to authenticate a token to a known user. Note: TokenReview requests may be cached by the webhook token authenticator plugin in the kube-apiserver.",
 	"spec":   "Spec holds information about the request being evaluated",
--- a/staging/src/k8s.io/api/authentication/v1beta1/zz_generated.deepcopy.go
+++ b/staging/src/k8s.io/api/authentication/v1beta1/zz_generated.deepcopy.go
@ -24,107 +24,6 @@ import (
 	runtime "k8s.io/apimachinery/pkg/runtime"
 )
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in *BoundObjectReference) DeepCopyInto(out *BoundObjectReference) {
 	*out = *in
 	return
 }
 // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BoundObjectReference.
 func (in *BoundObjectReference) DeepCopy() *BoundObjectReference {
 	if in == nil {
 		return nil
 	}
 	out := new(BoundObjectReference)
 	in.DeepCopyInto(out)
 	return out
 }
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in *TokenRequest) DeepCopyInto(out *TokenRequest) {
 	*out = *in
 	out.TypeMeta = in.TypeMeta
 	in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
 	in.Spec.DeepCopyInto(&out.Spec)
 	in.Status.DeepCopyInto(&out.Status)
 	return
 }
 // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TokenRequest.
 func (in *TokenRequest) DeepCopy() *TokenRequest {
 	if in == nil {
 		return nil
 	}
 	out := new(TokenRequest)
 	in.DeepCopyInto(out)
 	return out
 }
 // DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
 func (in *TokenRequest) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
 	} else {
 		return nil
 	}
 }
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in *TokenRequestSpec) DeepCopyInto(out *TokenRequestSpec) {
 	*out = *in
 	if in.Audiences != nil {
 		in, out := &in.Audiences, &out.Audiences
 		*out = make([]string, len(*in))
 		copy(*out, *in)
 	}
 	if in.ExpirationSeconds != nil {
 		in, out := &in.ExpirationSeconds, &out.ExpirationSeconds
 		if *in == nil {
 			*out = nil
 		} else {
 			*out = new(int64)
 			**out = **in
 		}
 	}
 	if in.BoundObjectRef != nil {
 		in, out := &in.BoundObjectRef, &out.BoundObjectRef
 		if *in == nil {
 			*out = nil
 		} else {
 			*out = new(BoundObjectReference)
 			**out = **in
 		}
 	}
 	return
 }
 // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TokenRequestSpec.
 func (in *TokenRequestSpec) DeepCopy() *TokenRequestSpec {
 	if in == nil {
 		return nil
 	}
 	out := new(TokenRequestSpec)
 	in.DeepCopyInto(out)
 	return out
 }
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in *TokenRequestStatus) DeepCopyInto(out *TokenRequestStatus) {
 	*out = *in
 	in.ExpirationTimestamp.DeepCopyInto(&out.ExpirationTimestamp)
 	return
 }
 // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TokenRequestStatus.
 func (in *TokenRequestStatus) DeepCopy() *TokenRequestStatus {
 	if in == nil {
 		return nil
 	}
 	out := new(TokenRequestStatus)
 	in.DeepCopyInto(out)
 	return out
 }
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in *TokenReview) DeepCopyInto(out *TokenReview) {
 	*out = *in
--- a/test/integration/etcd/etcd_storage_path_test.go
+++ b/test/integration/etcd/etcd_storage_path_test.go
@ -437,8 +437,7 @@ var ephemeralWhiteList = createEphemeralWhiteList(
 	// --
 	// k8s.io/kubernetes/pkg/apis/authentication/v1beta1
-	gvr("authentication.k8s.io", "v1beta1", "tokenreviews"),  // not stored in etcd
+	gvr("authentication.k8s.io", "v1beta1", "tokenreviews"), // not stored in etcd
 	gvr("authentication.k8s.io", "v1beta1", "tokenrequests"), // not stored in etcd
 	// --
 	// k8s.io/kubernetes/pkg/apis/authentication/v1