mirror of
https://github.com/k3s-io/kubernetes.git
synced 2025-07-19 18:02:01 +00:00
remove psp in extensions api/apis
This commit is contained in:
Paco Xu
parent
cc0f828058
commit
25686a2c77
@ -155,7 +155,6 @@ API rule violation: list_type_missing,k8s.io/api/core/v1,TopologySelectorLabelRe
|
||||
API rule violation: list_type_missing,k8s.io/api/core/v1,TopologySelectorTerm,MatchLabelExpressions
|
||||
API rule violation: list_type_missing,k8s.io/api/extensions/v1beta1,DaemonSetStatus,Conditions
|
||||
API rule violation: list_type_missing,k8s.io/api/extensions/v1beta1,DeploymentStatus,Conditions
|
||||
API rule violation: list_type_missing,k8s.io/api/extensions/v1beta1,FSGroupStrategyOptions,Ranges
|
||||
API rule violation: list_type_missing,k8s.io/api/extensions/v1beta1,HTTPIngressRuleValue,Paths
|
||||
API rule violation: list_type_missing,k8s.io/api/extensions/v1beta1,IPBlock,Except
|
||||
API rule violation: list_type_missing,k8s.io/api/extensions/v1beta1,IngressLoadBalancerStatus,Ingress
|
||||
@ -169,22 +168,7 @@ API rule violation: list_type_missing,k8s.io/api/extensions/v1beta1,NetworkPolic
|
||||
API rule violation: list_type_missing,k8s.io/api/extensions/v1beta1,NetworkPolicySpec,Egress
|
||||
API rule violation: list_type_missing,k8s.io/api/extensions/v1beta1,NetworkPolicySpec,Ingress
|
||||
API rule violation: list_type_missing,k8s.io/api/extensions/v1beta1,NetworkPolicySpec,PolicyTypes
|
||||
API rule violation: list_type_missing,k8s.io/api/extensions/v1beta1,PodSecurityPolicySpec,AllowedCSIDrivers
|
||||
API rule violation: list_type_missing,k8s.io/api/extensions/v1beta1,PodSecurityPolicySpec,AllowedCapabilities
|
||||
API rule violation: list_type_missing,k8s.io/api/extensions/v1beta1,PodSecurityPolicySpec,AllowedFlexVolumes
|
||||
API rule violation: list_type_missing,k8s.io/api/extensions/v1beta1,PodSecurityPolicySpec,AllowedHostPaths
|
||||
API rule violation: list_type_missing,k8s.io/api/extensions/v1beta1,PodSecurityPolicySpec,AllowedProcMountTypes
|
||||
API rule violation: list_type_missing,k8s.io/api/extensions/v1beta1,PodSecurityPolicySpec,AllowedUnsafeSysctls
|
||||
API rule violation: list_type_missing,k8s.io/api/extensions/v1beta1,PodSecurityPolicySpec,DefaultAddCapabilities
|
||||
API rule violation: list_type_missing,k8s.io/api/extensions/v1beta1,PodSecurityPolicySpec,ForbiddenSysctls
|
||||
API rule violation: list_type_missing,k8s.io/api/extensions/v1beta1,PodSecurityPolicySpec,HostPorts
|
||||
API rule violation: list_type_missing,k8s.io/api/extensions/v1beta1,PodSecurityPolicySpec,RequiredDropCapabilities
|
||||
API rule violation: list_type_missing,k8s.io/api/extensions/v1beta1,PodSecurityPolicySpec,Volumes
|
||||
API rule violation: list_type_missing,k8s.io/api/extensions/v1beta1,ReplicaSetStatus,Conditions
|
||||
API rule violation: list_type_missing,k8s.io/api/extensions/v1beta1,RunAsGroupStrategyOptions,Ranges
|
||||
API rule violation: list_type_missing,k8s.io/api/extensions/v1beta1,RunAsUserStrategyOptions,Ranges
|
||||
API rule violation: list_type_missing,k8s.io/api/extensions/v1beta1,RuntimeClassStrategyOptions,AllowedRuntimeClassNames
|
||||
API rule violation: list_type_missing,k8s.io/api/extensions/v1beta1,SupplementalGroupsStrategyOptions,Ranges
|
||||
API rule violation: list_type_missing,k8s.io/api/imagepolicy/v1alpha1,ImageReviewSpec,Containers
|
||||
API rule violation: list_type_missing,k8s.io/api/networking/v1,IPBlock,Except
|
||||
API rule violation: list_type_missing,k8s.io/api/networking/v1,IngressLoadBalancerStatus,Ingress
|
||||
|
||||
@ -115,8 +115,6 @@ func TestDefaulting(t *testing.T) {
|
||||
{Group: "apps", Version: "v1", Kind: "DeploymentList"}: {},
|
||||
{Group: "extensions", Version: "v1beta1", Kind: "Ingress"}: {},
|
||||
{Group: "extensions", Version: "v1beta1", Kind: "IngressList"}: {},
|
||||
{Group: "extensions", Version: "v1beta1", Kind: "PodSecurityPolicy"}: {},
|
||||
{Group: "extensions", Version: "v1beta1", Kind: "PodSecurityPolicyList"}: {},
|
||||
{Group: "apps", Version: "v1beta2", Kind: "ReplicaSet"}: {},
|
||||
{Group: "apps", Version: "v1beta2", Kind: "ReplicaSetList"}: {},
|
||||
{Group: "apps", Version: "v1", Kind: "ReplicaSet"}: {},
|
||||
|
||||
@ -22,7 +22,6 @@ import (
|
||||
"k8s.io/kubernetes/pkg/apis/apps"
|
||||
"k8s.io/kubernetes/pkg/apis/autoscaling"
|
||||
"k8s.io/kubernetes/pkg/apis/networking"
|
||||
"k8s.io/kubernetes/pkg/apis/policy"
|
||||
)
|
||||
|
||||
// GroupName is the group name use in this package
|
||||
@ -60,8 +59,6 @@ func addKnownTypes(scheme *runtime.Scheme) error {
|
||||
&networking.IngressList{},
|
||||
&apps.ReplicaSet{},
|
||||
&apps.ReplicaSetList{},
|
||||
&policy.PodSecurityPolicy{},
|
||||
&policy.PodSecurityPolicyList{},
|
||||
&autoscaling.Scale{},
|
||||
&networking.NetworkPolicy{},
|
||||
&networking.NetworkPolicyList{},
|
||||
|
||||
@ -70,15 +70,6 @@ func SetDefaults_DaemonSet(obj *extensionsv1beta1.DaemonSet) {
|
||||
}
|
||||
}
|
||||
|
||||
func SetDefaults_PodSecurityPolicySpec(obj *extensionsv1beta1.PodSecurityPolicySpec) {
|
||||
// This field was added after PodSecurityPolicy was released.
|
||||
// Policies that do not include this field must remain as permissive as they were prior to the introduction of this field.
|
||||
if obj.AllowPrivilegeEscalation == nil {
|
||||
t := true
|
||||
obj.AllowPrivilegeEscalation = &t
|
||||
}
|
||||
}
|
||||
|
||||
func SetDefaults_Deployment(obj *extensionsv1beta1.Deployment) {
|
||||
// Default labels and selector to labels from pod template spec.
|
||||
labels := obj.Spec.Template.Labels
|
||||
|
||||
@ -520,15 +520,6 @@ func TestDefaultRequestIsNotSetForReplicaSet(t *testing.T) {
|
||||
}
|
||||
}
|
||||
|
||||
func TestDefaultAllowPrivilegeEscalationForPodSecurityPolicy(t *testing.T) {
|
||||
psp := &extensionsv1beta1.PodSecurityPolicy{}
|
||||
output := roundTrip(t, runtime.Object(psp))
|
||||
psp2 := output.(*extensionsv1beta1.PodSecurityPolicy)
|
||||
if psp2.Spec.AllowPrivilegeEscalation == nil || *psp2.Spec.AllowPrivilegeEscalation != true {
|
||||
t.Errorf("Expected default to true, got: %#v", psp2.Spec.AllowPrivilegeEscalation)
|
||||
}
|
||||
}
|
||||
|
||||
func TestSetDefaultNetworkPolicy(t *testing.T) {
|
||||
tests := []struct {
|
||||
original *extensionsv1beta1.NetworkPolicy
|
||||
|
||||
533
pkg/apis/extensions/v1beta1/zz_generated.conversion.go
generated
533
pkg/apis/extensions/v1beta1/zz_generated.conversion.go
generated
@ -35,7 +35,6 @@ import (
|
||||
core "k8s.io/kubernetes/pkg/apis/core"
|
||||
corev1 "k8s.io/kubernetes/pkg/apis/core/v1"
|
||||
networking "k8s.io/kubernetes/pkg/apis/networking"
|
||||
policy "k8s.io/kubernetes/pkg/apis/policy"
|
||||
)
|
||||
|
||||
func init() {
|
||||
@ -45,36 +44,6 @@ func init() {
|
||||
// RegisterConversions adds conversion functions to the given scheme.
|
||||
// Public to allow building arbitrary schemes.
|
||||
func RegisterConversions(s *runtime.Scheme) error {
|
||||
if err := s.AddGeneratedConversionFunc((*v1beta1.AllowedCSIDriver)(nil), (*policy.AllowedCSIDriver)(nil), func(a, b interface{}, scope conversion.Scope) error {
|
||||
return Convert_v1beta1_AllowedCSIDriver_To_policy_AllowedCSIDriver(a.(*v1beta1.AllowedCSIDriver), b.(*policy.AllowedCSIDriver), scope)
|
||||
}); err != nil {
|
||||
return err
|
||||
}
|
||||
if err := s.AddGeneratedConversionFunc((*policy.AllowedCSIDriver)(nil), (*v1beta1.AllowedCSIDriver)(nil), func(a, b interface{}, scope conversion.Scope) error {
|
||||
return Convert_policy_AllowedCSIDriver_To_v1beta1_AllowedCSIDriver(a.(*policy.AllowedCSIDriver), b.(*v1beta1.AllowedCSIDriver), scope)
|
||||
}); err != nil {
|
||||
return err
|
||||
}
|
||||
if err := s.AddGeneratedConversionFunc((*v1beta1.AllowedFlexVolume)(nil), (*policy.AllowedFlexVolume)(nil), func(a, b interface{}, scope conversion.Scope) error {
|
||||
return Convert_v1beta1_AllowedFlexVolume_To_policy_AllowedFlexVolume(a.(*v1beta1.AllowedFlexVolume), b.(*policy.AllowedFlexVolume), scope)
|
||||
}); err != nil {
|
||||
return err
|
||||
}
|
||||
if err := s.AddGeneratedConversionFunc((*policy.AllowedFlexVolume)(nil), (*v1beta1.AllowedFlexVolume)(nil), func(a, b interface{}, scope conversion.Scope) error {
|
||||
return Convert_policy_AllowedFlexVolume_To_v1beta1_AllowedFlexVolume(a.(*policy.AllowedFlexVolume), b.(*v1beta1.AllowedFlexVolume), scope)
|
||||
}); err != nil {
|
||||
return err
|
||||
}
|
||||
if err := s.AddGeneratedConversionFunc((*v1beta1.AllowedHostPath)(nil), (*policy.AllowedHostPath)(nil), func(a, b interface{}, scope conversion.Scope) error {
|
||||
return Convert_v1beta1_AllowedHostPath_To_policy_AllowedHostPath(a.(*v1beta1.AllowedHostPath), b.(*policy.AllowedHostPath), scope)
|
||||
}); err != nil {
|
||||
return err
|
||||
}
|
||||
if err := s.AddGeneratedConversionFunc((*policy.AllowedHostPath)(nil), (*v1beta1.AllowedHostPath)(nil), func(a, b interface{}, scope conversion.Scope) error {
|
||||
return Convert_policy_AllowedHostPath_To_v1beta1_AllowedHostPath(a.(*policy.AllowedHostPath), b.(*v1beta1.AllowedHostPath), scope)
|
||||
}); err != nil {
|
||||
return err
|
||||
}
|
||||
if err := s.AddGeneratedConversionFunc((*v1beta1.DaemonSet)(nil), (*apps.DaemonSet)(nil), func(a, b interface{}, scope conversion.Scope) error {
|
||||
return Convert_v1beta1_DaemonSet_To_apps_DaemonSet(a.(*v1beta1.DaemonSet), b.(*apps.DaemonSet), scope)
|
||||
}); err != nil {
|
||||
@ -205,16 +174,6 @@ func RegisterConversions(s *runtime.Scheme) error {
|
||||
}); err != nil {
|
||||
return err
|
||||
}
|
||||
if err := s.AddGeneratedConversionFunc((*v1beta1.FSGroupStrategyOptions)(nil), (*policy.FSGroupStrategyOptions)(nil), func(a, b interface{}, scope conversion.Scope) error {
|
||||
return Convert_v1beta1_FSGroupStrategyOptions_To_policy_FSGroupStrategyOptions(a.(*v1beta1.FSGroupStrategyOptions), b.(*policy.FSGroupStrategyOptions), scope)
|
||||
}); err != nil {
|
||||
return err
|
||||
}
|
||||
if err := s.AddGeneratedConversionFunc((*policy.FSGroupStrategyOptions)(nil), (*v1beta1.FSGroupStrategyOptions)(nil), func(a, b interface{}, scope conversion.Scope) error {
|
||||
return Convert_policy_FSGroupStrategyOptions_To_v1beta1_FSGroupStrategyOptions(a.(*policy.FSGroupStrategyOptions), b.(*v1beta1.FSGroupStrategyOptions), scope)
|
||||
}); err != nil {
|
||||
return err
|
||||
}
|
||||
if err := s.AddGeneratedConversionFunc((*v1beta1.HTTPIngressPath)(nil), (*networking.HTTPIngressPath)(nil), func(a, b interface{}, scope conversion.Scope) error {
|
||||
return Convert_v1beta1_HTTPIngressPath_To_networking_HTTPIngressPath(a.(*v1beta1.HTTPIngressPath), b.(*networking.HTTPIngressPath), scope)
|
||||
}); err != nil {
|
||||
@ -235,26 +194,6 @@ func RegisterConversions(s *runtime.Scheme) error {
|
||||
}); err != nil {
|
||||
return err
|
||||
}
|
||||
if err := s.AddGeneratedConversionFunc((*v1beta1.HostPortRange)(nil), (*policy.HostPortRange)(nil), func(a, b interface{}, scope conversion.Scope) error {
|
||||
return Convert_v1beta1_HostPortRange_To_policy_HostPortRange(a.(*v1beta1.HostPortRange), b.(*policy.HostPortRange), scope)
|
||||
}); err != nil {
|
||||
return err
|
||||
}
|
||||
if err := s.AddGeneratedConversionFunc((*policy.HostPortRange)(nil), (*v1beta1.HostPortRange)(nil), func(a, b interface{}, scope conversion.Scope) error {
|
||||
return Convert_policy_HostPortRange_To_v1beta1_HostPortRange(a.(*policy.HostPortRange), b.(*v1beta1.HostPortRange), scope)
|
||||
}); err != nil {
|
||||
return err
|
||||
}
|
||||
if err := s.AddGeneratedConversionFunc((*v1beta1.IDRange)(nil), (*policy.IDRange)(nil), func(a, b interface{}, scope conversion.Scope) error {
|
||||
return Convert_v1beta1_IDRange_To_policy_IDRange(a.(*v1beta1.IDRange), b.(*policy.IDRange), scope)
|
||||
}); err != nil {
|
||||
return err
|
||||
}
|
||||
if err := s.AddGeneratedConversionFunc((*policy.IDRange)(nil), (*v1beta1.IDRange)(nil), func(a, b interface{}, scope conversion.Scope) error {
|
||||
return Convert_policy_IDRange_To_v1beta1_IDRange(a.(*policy.IDRange), b.(*v1beta1.IDRange), scope)
|
||||
}); err != nil {
|
||||
return err
|
||||
}
|
||||
if err := s.AddGeneratedConversionFunc((*v1beta1.Ingress)(nil), (*networking.Ingress)(nil), func(a, b interface{}, scope conversion.Scope) error {
|
||||
return Convert_v1beta1_Ingress_To_networking_Ingress(a.(*v1beta1.Ingress), b.(*networking.Ingress), scope)
|
||||
}); err != nil {
|
||||
@ -395,36 +334,6 @@ func RegisterConversions(s *runtime.Scheme) error {
|
||||
}); err != nil {
|
||||
return err
|
||||
}
|
||||
if err := s.AddGeneratedConversionFunc((*v1beta1.PodSecurityPolicy)(nil), (*policy.PodSecurityPolicy)(nil), func(a, b interface{}, scope conversion.Scope) error {
|
||||
return Convert_v1beta1_PodSecurityPolicy_To_policy_PodSecurityPolicy(a.(*v1beta1.PodSecurityPolicy), b.(*policy.PodSecurityPolicy), scope)
|
||||
}); err != nil {
|
||||
return err
|
||||
}
|
||||
if err := s.AddGeneratedConversionFunc((*policy.PodSecurityPolicy)(nil), (*v1beta1.PodSecurityPolicy)(nil), func(a, b interface{}, scope conversion.Scope) error {
|
||||
return Convert_policy_PodSecurityPolicy_To_v1beta1_PodSecurityPolicy(a.(*policy.PodSecurityPolicy), b.(*v1beta1.PodSecurityPolicy), scope)
|
||||
}); err != nil {
|
||||
return err
|
||||
}
|
||||
if err := s.AddGeneratedConversionFunc((*v1beta1.PodSecurityPolicyList)(nil), (*policy.PodSecurityPolicyList)(nil), func(a, b interface{}, scope conversion.Scope) error {
|
||||
return Convert_v1beta1_PodSecurityPolicyList_To_policy_PodSecurityPolicyList(a.(*v1beta1.PodSecurityPolicyList), b.(*policy.PodSecurityPolicyList), scope)
|
||||
}); err != nil {
|
||||
return err
|
||||
}
|
||||
if err := s.AddGeneratedConversionFunc((*policy.PodSecurityPolicyList)(nil), (*v1beta1.PodSecurityPolicyList)(nil), func(a, b interface{}, scope conversion.Scope) error {
|
||||
return Convert_policy_PodSecurityPolicyList_To_v1beta1_PodSecurityPolicyList(a.(*policy.PodSecurityPolicyList), b.(*v1beta1.PodSecurityPolicyList), scope)
|
||||
}); err != nil {
|
||||
return err
|
||||
}
|
||||
if err := s.AddGeneratedConversionFunc((*v1beta1.PodSecurityPolicySpec)(nil), (*policy.PodSecurityPolicySpec)(nil), func(a, b interface{}, scope conversion.Scope) error {
|
||||
return Convert_v1beta1_PodSecurityPolicySpec_To_policy_PodSecurityPolicySpec(a.(*v1beta1.PodSecurityPolicySpec), b.(*policy.PodSecurityPolicySpec), scope)
|
||||
}); err != nil {
|
||||
return err
|
||||
}
|
||||
if err := s.AddGeneratedConversionFunc((*policy.PodSecurityPolicySpec)(nil), (*v1beta1.PodSecurityPolicySpec)(nil), func(a, b interface{}, scope conversion.Scope) error {
|
||||
return Convert_policy_PodSecurityPolicySpec_To_v1beta1_PodSecurityPolicySpec(a.(*policy.PodSecurityPolicySpec), b.(*v1beta1.PodSecurityPolicySpec), scope)
|
||||
}); err != nil {
|
||||
return err
|
||||
}
|
||||
if err := s.AddGeneratedConversionFunc((*v1beta1.ReplicaSet)(nil), (*apps.ReplicaSet)(nil), func(a, b interface{}, scope conversion.Scope) error {
|
||||
return Convert_v1beta1_ReplicaSet_To_apps_ReplicaSet(a.(*v1beta1.ReplicaSet), b.(*apps.ReplicaSet), scope)
|
||||
}); err != nil {
|
||||
@ -505,46 +414,6 @@ func RegisterConversions(s *runtime.Scheme) error {
|
||||
}); err != nil {
|
||||
return err
|
||||
}
|
||||
if err := s.AddGeneratedConversionFunc((*v1beta1.RunAsGroupStrategyOptions)(nil), (*policy.RunAsGroupStrategyOptions)(nil), func(a, b interface{}, scope conversion.Scope) error {
|
||||
return Convert_v1beta1_RunAsGroupStrategyOptions_To_policy_RunAsGroupStrategyOptions(a.(*v1beta1.RunAsGroupStrategyOptions), b.(*policy.RunAsGroupStrategyOptions), scope)
|
||||
}); err != nil {
|
||||
return err
|
||||
}
|
||||
if err := s.AddGeneratedConversionFunc((*policy.RunAsGroupStrategyOptions)(nil), (*v1beta1.RunAsGroupStrategyOptions)(nil), func(a, b interface{}, scope conversion.Scope) error {
|
||||
return Convert_policy_RunAsGroupStrategyOptions_To_v1beta1_RunAsGroupStrategyOptions(a.(*policy.RunAsGroupStrategyOptions), b.(*v1beta1.RunAsGroupStrategyOptions), scope)
|
||||
}); err != nil {
|
||||
return err
|
||||
}
|
||||
if err := s.AddGeneratedConversionFunc((*v1beta1.RunAsUserStrategyOptions)(nil), (*policy.RunAsUserStrategyOptions)(nil), func(a, b interface{}, scope conversion.Scope) error {
|
||||
return Convert_v1beta1_RunAsUserStrategyOptions_To_policy_RunAsUserStrategyOptions(a.(*v1beta1.RunAsUserStrategyOptions), b.(*policy.RunAsUserStrategyOptions), scope)
|
||||
}); err != nil {
|
||||
return err
|
||||
}
|
||||
if err := s.AddGeneratedConversionFunc((*policy.RunAsUserStrategyOptions)(nil), (*v1beta1.RunAsUserStrategyOptions)(nil), func(a, b interface{}, scope conversion.Scope) error {
|
||||
return Convert_policy_RunAsUserStrategyOptions_To_v1beta1_RunAsUserStrategyOptions(a.(*policy.RunAsUserStrategyOptions), b.(*v1beta1.RunAsUserStrategyOptions), scope)
|
||||
}); err != nil {
|
||||
return err
|
||||
}
|
||||
if err := s.AddGeneratedConversionFunc((*v1beta1.RuntimeClassStrategyOptions)(nil), (*policy.RuntimeClassStrategyOptions)(nil), func(a, b interface{}, scope conversion.Scope) error {
|
||||
return Convert_v1beta1_RuntimeClassStrategyOptions_To_policy_RuntimeClassStrategyOptions(a.(*v1beta1.RuntimeClassStrategyOptions), b.(*policy.RuntimeClassStrategyOptions), scope)
|
||||
}); err != nil {
|
||||
return err
|
||||
}
|
||||
if err := s.AddGeneratedConversionFunc((*policy.RuntimeClassStrategyOptions)(nil), (*v1beta1.RuntimeClassStrategyOptions)(nil), func(a, b interface{}, scope conversion.Scope) error {
|
||||
return Convert_policy_RuntimeClassStrategyOptions_To_v1beta1_RuntimeClassStrategyOptions(a.(*policy.RuntimeClassStrategyOptions), b.(*v1beta1.RuntimeClassStrategyOptions), scope)
|
||||
}); err != nil {
|
||||
return err
|
||||
}
|
||||
if err := s.AddGeneratedConversionFunc((*v1beta1.SELinuxStrategyOptions)(nil), (*policy.SELinuxStrategyOptions)(nil), func(a, b interface{}, scope conversion.Scope) error {
|
||||
return Convert_v1beta1_SELinuxStrategyOptions_To_policy_SELinuxStrategyOptions(a.(*v1beta1.SELinuxStrategyOptions), b.(*policy.SELinuxStrategyOptions), scope)
|
||||
}); err != nil {
|
||||
return err
|
||||
}
|
||||
if err := s.AddGeneratedConversionFunc((*policy.SELinuxStrategyOptions)(nil), (*v1beta1.SELinuxStrategyOptions)(nil), func(a, b interface{}, scope conversion.Scope) error {
|
||||
return Convert_policy_SELinuxStrategyOptions_To_v1beta1_SELinuxStrategyOptions(a.(*policy.SELinuxStrategyOptions), b.(*v1beta1.SELinuxStrategyOptions), scope)
|
||||
}); err != nil {
|
||||
return err
|
||||
}
|
||||
if err := s.AddGeneratedConversionFunc((*v1beta1.Scale)(nil), (*autoscaling.Scale)(nil), func(a, b interface{}, scope conversion.Scope) error {
|
||||
return Convert_v1beta1_Scale_To_autoscaling_Scale(a.(*v1beta1.Scale), b.(*autoscaling.Scale), scope)
|
||||
}); err != nil {
|
||||
@ -565,16 +434,6 @@ func RegisterConversions(s *runtime.Scheme) error {
|
||||
}); err != nil {
|
||||
return err
|
||||
}
|
||||
if err := s.AddGeneratedConversionFunc((*v1beta1.SupplementalGroupsStrategyOptions)(nil), (*policy.SupplementalGroupsStrategyOptions)(nil), func(a, b interface{}, scope conversion.Scope) error {
|
||||
return Convert_v1beta1_SupplementalGroupsStrategyOptions_To_policy_SupplementalGroupsStrategyOptions(a.(*v1beta1.SupplementalGroupsStrategyOptions), b.(*policy.SupplementalGroupsStrategyOptions), scope)
|
||||
}); err != nil {
|
||||
return err
|
||||
}
|
||||
if err := s.AddGeneratedConversionFunc((*policy.SupplementalGroupsStrategyOptions)(nil), (*v1beta1.SupplementalGroupsStrategyOptions)(nil), func(a, b interface{}, scope conversion.Scope) error {
|
||||
return Convert_policy_SupplementalGroupsStrategyOptions_To_v1beta1_SupplementalGroupsStrategyOptions(a.(*policy.SupplementalGroupsStrategyOptions), b.(*v1beta1.SupplementalGroupsStrategyOptions), scope)
|
||||
}); err != nil {
|
||||
return err
|
||||
}
|
||||
if err := s.AddConversionFunc((*autoscaling.ScaleStatus)(nil), (*v1beta1.ScaleStatus)(nil), func(a, b interface{}, scope conversion.Scope) error {
|
||||
return Convert_autoscaling_ScaleStatus_To_v1beta1_ScaleStatus(a.(*autoscaling.ScaleStatus), b.(*v1beta1.ScaleStatus), scope)
|
||||
}); err != nil {
|
||||
@ -648,68 +507,6 @@ func RegisterConversions(s *runtime.Scheme) error {
|
||||
return nil
|
||||
}
|
||||
|
||||
func autoConvert_v1beta1_AllowedCSIDriver_To_policy_AllowedCSIDriver(in *v1beta1.AllowedCSIDriver, out *policy.AllowedCSIDriver, s conversion.Scope) error {
|
||||
out.Name = in.Name
|
||||
return nil
|
||||
}
|
||||
|
||||
// Convert_v1beta1_AllowedCSIDriver_To_policy_AllowedCSIDriver is an autogenerated conversion function.
|
||||
func Convert_v1beta1_AllowedCSIDriver_To_policy_AllowedCSIDriver(in *v1beta1.AllowedCSIDriver, out *policy.AllowedCSIDriver, s conversion.Scope) error {
|
||||
return autoConvert_v1beta1_AllowedCSIDriver_To_policy_AllowedCSIDriver(in, out, s)
|
||||
}
|
||||
|
||||
func autoConvert_policy_AllowedCSIDriver_To_v1beta1_AllowedCSIDriver(in *policy.AllowedCSIDriver, out *v1beta1.AllowedCSIDriver, s conversion.Scope) error {
|
||||
out.Name = in.Name
|
||||
return nil
|
||||
}
|
||||
|
||||
// Convert_policy_AllowedCSIDriver_To_v1beta1_AllowedCSIDriver is an autogenerated conversion function.
|
||||
func Convert_policy_AllowedCSIDriver_To_v1beta1_AllowedCSIDriver(in *policy.AllowedCSIDriver, out *v1beta1.AllowedCSIDriver, s conversion.Scope) error {
|
||||
return autoConvert_policy_AllowedCSIDriver_To_v1beta1_AllowedCSIDriver(in, out, s)
|
||||
}
|
||||
|
||||
func autoConvert_v1beta1_AllowedFlexVolume_To_policy_AllowedFlexVolume(in *v1beta1.AllowedFlexVolume, out *policy.AllowedFlexVolume, s conversion.Scope) error {
|
||||
out.Driver = in.Driver
|
||||
return nil
|
||||
}
|
||||
|
||||
// Convert_v1beta1_AllowedFlexVolume_To_policy_AllowedFlexVolume is an autogenerated conversion function.
|
||||
func Convert_v1beta1_AllowedFlexVolume_To_policy_AllowedFlexVolume(in *v1beta1.AllowedFlexVolume, out *policy.AllowedFlexVolume, s conversion.Scope) error {
|
||||
return autoConvert_v1beta1_AllowedFlexVolume_To_policy_AllowedFlexVolume(in, out, s)
|
||||
}
|
||||
|
||||
func autoConvert_policy_AllowedFlexVolume_To_v1beta1_AllowedFlexVolume(in *policy.AllowedFlexVolume, out *v1beta1.AllowedFlexVolume, s conversion.Scope) error {
|
||||
out.Driver = in.Driver
|
||||
return nil
|
||||
}
|
||||
|
||||
// Convert_policy_AllowedFlexVolume_To_v1beta1_AllowedFlexVolume is an autogenerated conversion function.
|
||||
func Convert_policy_AllowedFlexVolume_To_v1beta1_AllowedFlexVolume(in *policy.AllowedFlexVolume, out *v1beta1.AllowedFlexVolume, s conversion.Scope) error {
|
||||
return autoConvert_policy_AllowedFlexVolume_To_v1beta1_AllowedFlexVolume(in, out, s)
|
||||
}
|
||||
|
||||
func autoConvert_v1beta1_AllowedHostPath_To_policy_AllowedHostPath(in *v1beta1.AllowedHostPath, out *policy.AllowedHostPath, s conversion.Scope) error {
|
||||
out.PathPrefix = in.PathPrefix
|
||||
out.ReadOnly = in.ReadOnly
|
||||
return nil
|
||||
}
|
||||
|
||||
// Convert_v1beta1_AllowedHostPath_To_policy_AllowedHostPath is an autogenerated conversion function.
|
||||
func Convert_v1beta1_AllowedHostPath_To_policy_AllowedHostPath(in *v1beta1.AllowedHostPath, out *policy.AllowedHostPath, s conversion.Scope) error {
|
||||
return autoConvert_v1beta1_AllowedHostPath_To_policy_AllowedHostPath(in, out, s)
|
||||
}
|
||||
|
||||
func autoConvert_policy_AllowedHostPath_To_v1beta1_AllowedHostPath(in *policy.AllowedHostPath, out *v1beta1.AllowedHostPath, s conversion.Scope) error {
|
||||
out.PathPrefix = in.PathPrefix
|
||||
out.ReadOnly = in.ReadOnly
|
||||
return nil
|
||||
}
|
||||
|
||||
// Convert_policy_AllowedHostPath_To_v1beta1_AllowedHostPath is an autogenerated conversion function.
|
||||
func Convert_policy_AllowedHostPath_To_v1beta1_AllowedHostPath(in *policy.AllowedHostPath, out *v1beta1.AllowedHostPath, s conversion.Scope) error {
|
||||
return autoConvert_policy_AllowedHostPath_To_v1beta1_AllowedHostPath(in, out, s)
|
||||
}
|
||||
|
||||
func autoConvert_v1beta1_DaemonSet_To_apps_DaemonSet(in *v1beta1.DaemonSet, out *apps.DaemonSet, s conversion.Scope) error {
|
||||
out.ObjectMeta = in.ObjectMeta
|
||||
if err := Convert_v1beta1_DaemonSetSpec_To_apps_DaemonSetSpec(&in.Spec, &out.Spec, s); err != nil {
|
||||
@ -1178,28 +975,6 @@ func Convert_apps_DeploymentStrategy_To_v1beta1_DeploymentStrategy(in *apps.Depl
|
||||
return autoConvert_apps_DeploymentStrategy_To_v1beta1_DeploymentStrategy(in, out, s)
|
||||
}
|
||||
|
||||
func autoConvert_v1beta1_FSGroupStrategyOptions_To_policy_FSGroupStrategyOptions(in *v1beta1.FSGroupStrategyOptions, out *policy.FSGroupStrategyOptions, s conversion.Scope) error {
|
||||
out.Rule = policy.FSGroupStrategyType(in.Rule)
|
||||
out.Ranges = *(*[]policy.IDRange)(unsafe.Pointer(&in.Ranges))
|
||||
return nil
|
||||
}
|
||||
|
||||
// Convert_v1beta1_FSGroupStrategyOptions_To_policy_FSGroupStrategyOptions is an autogenerated conversion function.
|
||||
func Convert_v1beta1_FSGroupStrategyOptions_To_policy_FSGroupStrategyOptions(in *v1beta1.FSGroupStrategyOptions, out *policy.FSGroupStrategyOptions, s conversion.Scope) error {
|
||||
return autoConvert_v1beta1_FSGroupStrategyOptions_To_policy_FSGroupStrategyOptions(in, out, s)
|
||||
}
|
||||
|
||||
func autoConvert_policy_FSGroupStrategyOptions_To_v1beta1_FSGroupStrategyOptions(in *policy.FSGroupStrategyOptions, out *v1beta1.FSGroupStrategyOptions, s conversion.Scope) error {
|
||||
out.Rule = v1beta1.FSGroupStrategyType(in.Rule)
|
||||
out.Ranges = *(*[]v1beta1.IDRange)(unsafe.Pointer(&in.Ranges))
|
||||
return nil
|
||||
}
|
||||
|
||||
// Convert_policy_FSGroupStrategyOptions_To_v1beta1_FSGroupStrategyOptions is an autogenerated conversion function.
|
||||
func Convert_policy_FSGroupStrategyOptions_To_v1beta1_FSGroupStrategyOptions(in *policy.FSGroupStrategyOptions, out *v1beta1.FSGroupStrategyOptions, s conversion.Scope) error {
|
||||
return autoConvert_policy_FSGroupStrategyOptions_To_v1beta1_FSGroupStrategyOptions(in, out, s)
|
||||
}
|
||||
|
||||
func autoConvert_v1beta1_HTTPIngressPath_To_networking_HTTPIngressPath(in *v1beta1.HTTPIngressPath, out *networking.HTTPIngressPath, s conversion.Scope) error {
|
||||
out.Path = in.Path
|
||||
out.PathType = (*networking.PathType)(unsafe.Pointer(in.PathType))
|
||||
@ -1268,50 +1043,6 @@ func Convert_networking_HTTPIngressRuleValue_To_v1beta1_HTTPIngressRuleValue(in
|
||||
return autoConvert_networking_HTTPIngressRuleValue_To_v1beta1_HTTPIngressRuleValue(in, out, s)
|
||||
}
|
||||
|
||||
func autoConvert_v1beta1_HostPortRange_To_policy_HostPortRange(in *v1beta1.HostPortRange, out *policy.HostPortRange, s conversion.Scope) error {
|
||||
out.Min = in.Min
|
||||
out.Max = in.Max
|
||||
return nil
|
||||
}
|
||||
|
||||
// Convert_v1beta1_HostPortRange_To_policy_HostPortRange is an autogenerated conversion function.
|
||||
func Convert_v1beta1_HostPortRange_To_policy_HostPortRange(in *v1beta1.HostPortRange, out *policy.HostPortRange, s conversion.Scope) error {
|
||||
return autoConvert_v1beta1_HostPortRange_To_policy_HostPortRange(in, out, s)
|
||||
}
|
||||
|
||||
func autoConvert_policy_HostPortRange_To_v1beta1_HostPortRange(in *policy.HostPortRange, out *v1beta1.HostPortRange, s conversion.Scope) error {
|
||||
out.Min = in.Min
|
||||
out.Max = in.Max
|
||||
return nil
|
||||
}
|
||||
|
||||
// Convert_policy_HostPortRange_To_v1beta1_HostPortRange is an autogenerated conversion function.
|
||||
func Convert_policy_HostPortRange_To_v1beta1_HostPortRange(in *policy.HostPortRange, out *v1beta1.HostPortRange, s conversion.Scope) error {
|
||||
return autoConvert_policy_HostPortRange_To_v1beta1_HostPortRange(in, out, s)
|
||||
}
|
||||
|
||||
func autoConvert_v1beta1_IDRange_To_policy_IDRange(in *v1beta1.IDRange, out *policy.IDRange, s conversion.Scope) error {
|
||||
out.Min = in.Min
|
||||
out.Max = in.Max
|
||||
return nil
|
||||
}
|
||||
|
||||
// Convert_v1beta1_IDRange_To_policy_IDRange is an autogenerated conversion function.
|
||||
func Convert_v1beta1_IDRange_To_policy_IDRange(in *v1beta1.IDRange, out *policy.IDRange, s conversion.Scope) error {
|
||||
return autoConvert_v1beta1_IDRange_To_policy_IDRange(in, out, s)
|
||||
}
|
||||
|
||||
func autoConvert_policy_IDRange_To_v1beta1_IDRange(in *policy.IDRange, out *v1beta1.IDRange, s conversion.Scope) error {
|
||||
out.Min = in.Min
|
||||
out.Max = in.Max
|
||||
return nil
|
||||
}
|
||||
|
||||
// Convert_policy_IDRange_To_v1beta1_IDRange is an autogenerated conversion function.
|
||||
func Convert_policy_IDRange_To_v1beta1_IDRange(in *policy.IDRange, out *v1beta1.IDRange, s conversion.Scope) error {
|
||||
return autoConvert_policy_IDRange_To_v1beta1_IDRange(in, out, s)
|
||||
}
|
||||
|
||||
func autoConvert_v1beta1_IPBlock_To_networking_IPBlock(in *v1beta1.IPBlock, out *networking.IPBlock, s conversion.Scope) error {
|
||||
out.CIDR = in.CIDR
|
||||
out.Except = *(*[]string)(unsafe.Pointer(&in.Except))
|
||||
@ -1901,160 +1632,6 @@ func Convert_networking_NetworkPolicyStatus_To_v1beta1_NetworkPolicyStatus(in *n
|
||||
return autoConvert_networking_NetworkPolicyStatus_To_v1beta1_NetworkPolicyStatus(in, out, s)
|
||||
}
|
||||
|
||||
func autoConvert_v1beta1_PodSecurityPolicy_To_policy_PodSecurityPolicy(in *v1beta1.PodSecurityPolicy, out *policy.PodSecurityPolicy, s conversion.Scope) error {
|
||||
out.ObjectMeta = in.ObjectMeta
|
||||
if err := Convert_v1beta1_PodSecurityPolicySpec_To_policy_PodSecurityPolicySpec(&in.Spec, &out.Spec, s); err != nil {
|
||||
return err
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
// Convert_v1beta1_PodSecurityPolicy_To_policy_PodSecurityPolicy is an autogenerated conversion function.
|
||||
func Convert_v1beta1_PodSecurityPolicy_To_policy_PodSecurityPolicy(in *v1beta1.PodSecurityPolicy, out *policy.PodSecurityPolicy, s conversion.Scope) error {
|
||||
return autoConvert_v1beta1_PodSecurityPolicy_To_policy_PodSecurityPolicy(in, out, s)
|
||||
}
|
||||
|
||||
func autoConvert_policy_PodSecurityPolicy_To_v1beta1_PodSecurityPolicy(in *policy.PodSecurityPolicy, out *v1beta1.PodSecurityPolicy, s conversion.Scope) error {
|
||||
out.ObjectMeta = in.ObjectMeta
|
||||
if err := Convert_policy_PodSecurityPolicySpec_To_v1beta1_PodSecurityPolicySpec(&in.Spec, &out.Spec, s); err != nil {
|
||||
return err
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
// Convert_policy_PodSecurityPolicy_To_v1beta1_PodSecurityPolicy is an autogenerated conversion function.
|
||||
func Convert_policy_PodSecurityPolicy_To_v1beta1_PodSecurityPolicy(in *policy.PodSecurityPolicy, out *v1beta1.PodSecurityPolicy, s conversion.Scope) error {
|
||||
return autoConvert_policy_PodSecurityPolicy_To_v1beta1_PodSecurityPolicy(in, out, s)
|
||||
}
|
||||
|
||||
func autoConvert_v1beta1_PodSecurityPolicyList_To_policy_PodSecurityPolicyList(in *v1beta1.PodSecurityPolicyList, out *policy.PodSecurityPolicyList, s conversion.Scope) error {
|
||||
out.ListMeta = in.ListMeta
|
||||
if in.Items != nil {
|
||||
in, out := &in.Items, &out.Items
|
||||
*out = make([]policy.PodSecurityPolicy, len(*in))
|
||||
for i := range *in {
|
||||
if err := Convert_v1beta1_PodSecurityPolicy_To_policy_PodSecurityPolicy(&(*in)[i], &(*out)[i], s); err != nil {
|
||||
return err
|
||||
}
|
||||
}
|
||||
} else {
|
||||
out.Items = nil
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
// Convert_v1beta1_PodSecurityPolicyList_To_policy_PodSecurityPolicyList is an autogenerated conversion function.
|
||||
func Convert_v1beta1_PodSecurityPolicyList_To_policy_PodSecurityPolicyList(in *v1beta1.PodSecurityPolicyList, out *policy.PodSecurityPolicyList, s conversion.Scope) error {
|
||||
return autoConvert_v1beta1_PodSecurityPolicyList_To_policy_PodSecurityPolicyList(in, out, s)
|
||||
}
|
||||
|
||||
func autoConvert_policy_PodSecurityPolicyList_To_v1beta1_PodSecurityPolicyList(in *policy.PodSecurityPolicyList, out *v1beta1.PodSecurityPolicyList, s conversion.Scope) error {
|
||||
out.ListMeta = in.ListMeta
|
||||
if in.Items != nil {
|
||||
in, out := &in.Items, &out.Items
|
||||
*out = make([]v1beta1.PodSecurityPolicy, len(*in))
|
||||
for i := range *in {
|
||||
if err := Convert_policy_PodSecurityPolicy_To_v1beta1_PodSecurityPolicy(&(*in)[i], &(*out)[i], s); err != nil {
|
||||
return err
|
||||
}
|
||||
}
|
||||
} else {
|
||||
out.Items = nil
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
// Convert_policy_PodSecurityPolicyList_To_v1beta1_PodSecurityPolicyList is an autogenerated conversion function.
|
||||
func Convert_policy_PodSecurityPolicyList_To_v1beta1_PodSecurityPolicyList(in *policy.PodSecurityPolicyList, out *v1beta1.PodSecurityPolicyList, s conversion.Scope) error {
|
||||
return autoConvert_policy_PodSecurityPolicyList_To_v1beta1_PodSecurityPolicyList(in, out, s)
|
||||
}
|
||||
|
||||
func autoConvert_v1beta1_PodSecurityPolicySpec_To_policy_PodSecurityPolicySpec(in *v1beta1.PodSecurityPolicySpec, out *policy.PodSecurityPolicySpec, s conversion.Scope) error {
|
||||
out.Privileged = in.Privileged
|
||||
out.DefaultAddCapabilities = *(*[]core.Capability)(unsafe.Pointer(&in.DefaultAddCapabilities))
|
||||
out.RequiredDropCapabilities = *(*[]core.Capability)(unsafe.Pointer(&in.RequiredDropCapabilities))
|
||||
out.AllowedCapabilities = *(*[]core.Capability)(unsafe.Pointer(&in.AllowedCapabilities))
|
||||
out.Volumes = *(*[]policy.FSType)(unsafe.Pointer(&in.Volumes))
|
||||
out.HostNetwork = in.HostNetwork
|
||||
out.HostPorts = *(*[]policy.HostPortRange)(unsafe.Pointer(&in.HostPorts))
|
||||
out.HostPID = in.HostPID
|
||||
out.HostIPC = in.HostIPC
|
||||
if err := Convert_v1beta1_SELinuxStrategyOptions_To_policy_SELinuxStrategyOptions(&in.SELinux, &out.SELinux, s); err != nil {
|
||||
return err
|
||||
}
|
||||
if err := Convert_v1beta1_RunAsUserStrategyOptions_To_policy_RunAsUserStrategyOptions(&in.RunAsUser, &out.RunAsUser, s); err != nil {
|
||||
return err
|
||||
}
|
||||
out.RunAsGroup = (*policy.RunAsGroupStrategyOptions)(unsafe.Pointer(in.RunAsGroup))
|
||||
if err := Convert_v1beta1_SupplementalGroupsStrategyOptions_To_policy_SupplementalGroupsStrategyOptions(&in.SupplementalGroups, &out.SupplementalGroups, s); err != nil {
|
||||
return err
|
||||
}
|
||||
if err := Convert_v1beta1_FSGroupStrategyOptions_To_policy_FSGroupStrategyOptions(&in.FSGroup, &out.FSGroup, s); err != nil {
|
||||
return err
|
||||
}
|
||||
out.ReadOnlyRootFilesystem = in.ReadOnlyRootFilesystem
|
||||
out.DefaultAllowPrivilegeEscalation = (*bool)(unsafe.Pointer(in.DefaultAllowPrivilegeEscalation))
|
||||
if err := metav1.Convert_Pointer_bool_To_bool(&in.AllowPrivilegeEscalation, &out.AllowPrivilegeEscalation, s); err != nil {
|
||||
return err
|
||||
}
|
||||
out.AllowedHostPaths = *(*[]policy.AllowedHostPath)(unsafe.Pointer(&in.AllowedHostPaths))
|
||||
out.AllowedFlexVolumes = *(*[]policy.AllowedFlexVolume)(unsafe.Pointer(&in.AllowedFlexVolumes))
|
||||
out.AllowedCSIDrivers = *(*[]policy.AllowedCSIDriver)(unsafe.Pointer(&in.AllowedCSIDrivers))
|
||||
out.AllowedUnsafeSysctls = *(*[]string)(unsafe.Pointer(&in.AllowedUnsafeSysctls))
|
||||
out.ForbiddenSysctls = *(*[]string)(unsafe.Pointer(&in.ForbiddenSysctls))
|
||||
out.AllowedProcMountTypes = *(*[]core.ProcMountType)(unsafe.Pointer(&in.AllowedProcMountTypes))
|
||||
out.RuntimeClass = (*policy.RuntimeClassStrategyOptions)(unsafe.Pointer(in.RuntimeClass))
|
||||
return nil
|
||||
}
|
||||
|
||||
// Convert_v1beta1_PodSecurityPolicySpec_To_policy_PodSecurityPolicySpec is an autogenerated conversion function.
|
||||
func Convert_v1beta1_PodSecurityPolicySpec_To_policy_PodSecurityPolicySpec(in *v1beta1.PodSecurityPolicySpec, out *policy.PodSecurityPolicySpec, s conversion.Scope) error {
|
||||
return autoConvert_v1beta1_PodSecurityPolicySpec_To_policy_PodSecurityPolicySpec(in, out, s)
|
||||
}
|
||||
|
||||
func autoConvert_policy_PodSecurityPolicySpec_To_v1beta1_PodSecurityPolicySpec(in *policy.PodSecurityPolicySpec, out *v1beta1.PodSecurityPolicySpec, s conversion.Scope) error {
|
||||
out.Privileged = in.Privileged
|
||||
out.DefaultAddCapabilities = *(*[]v1.Capability)(unsafe.Pointer(&in.DefaultAddCapabilities))
|
||||
out.RequiredDropCapabilities = *(*[]v1.Capability)(unsafe.Pointer(&in.RequiredDropCapabilities))
|
||||
out.AllowedCapabilities = *(*[]v1.Capability)(unsafe.Pointer(&in.AllowedCapabilities))
|
||||
out.Volumes = *(*[]v1beta1.FSType)(unsafe.Pointer(&in.Volumes))
|
||||
out.HostNetwork = in.HostNetwork
|
||||
out.HostPorts = *(*[]v1beta1.HostPortRange)(unsafe.Pointer(&in.HostPorts))
|
||||
out.HostPID = in.HostPID
|
||||
out.HostIPC = in.HostIPC
|
||||
if err := Convert_policy_SELinuxStrategyOptions_To_v1beta1_SELinuxStrategyOptions(&in.SELinux, &out.SELinux, s); err != nil {
|
||||
return err
|
||||
}
|
||||
if err := Convert_policy_RunAsUserStrategyOptions_To_v1beta1_RunAsUserStrategyOptions(&in.RunAsUser, &out.RunAsUser, s); err != nil {
|
||||
return err
|
||||
}
|
||||
out.RunAsGroup = (*v1beta1.RunAsGroupStrategyOptions)(unsafe.Pointer(in.RunAsGroup))
|
||||
if err := Convert_policy_SupplementalGroupsStrategyOptions_To_v1beta1_SupplementalGroupsStrategyOptions(&in.SupplementalGroups, &out.SupplementalGroups, s); err != nil {
|
||||
return err
|
||||
}
|
||||
if err := Convert_policy_FSGroupStrategyOptions_To_v1beta1_FSGroupStrategyOptions(&in.FSGroup, &out.FSGroup, s); err != nil {
|
||||
return err
|
||||
}
|
||||
out.ReadOnlyRootFilesystem = in.ReadOnlyRootFilesystem
|
||||
out.DefaultAllowPrivilegeEscalation = (*bool)(unsafe.Pointer(in.DefaultAllowPrivilegeEscalation))
|
||||
if err := metav1.Convert_bool_To_Pointer_bool(&in.AllowPrivilegeEscalation, &out.AllowPrivilegeEscalation, s); err != nil {
|
||||
return err
|
||||
}
|
||||
out.AllowedHostPaths = *(*[]v1beta1.AllowedHostPath)(unsafe.Pointer(&in.AllowedHostPaths))
|
||||
out.AllowedFlexVolumes = *(*[]v1beta1.AllowedFlexVolume)(unsafe.Pointer(&in.AllowedFlexVolumes))
|
||||
out.AllowedCSIDrivers = *(*[]v1beta1.AllowedCSIDriver)(unsafe.Pointer(&in.AllowedCSIDrivers))
|
||||
out.AllowedUnsafeSysctls = *(*[]string)(unsafe.Pointer(&in.AllowedUnsafeSysctls))
|
||||
out.ForbiddenSysctls = *(*[]string)(unsafe.Pointer(&in.ForbiddenSysctls))
|
||||
out.AllowedProcMountTypes = *(*[]v1.ProcMountType)(unsafe.Pointer(&in.AllowedProcMountTypes))
|
||||
out.RuntimeClass = (*v1beta1.RuntimeClassStrategyOptions)(unsafe.Pointer(in.RuntimeClass))
|
||||
return nil
|
||||
}
|
||||
|
||||
// Convert_policy_PodSecurityPolicySpec_To_v1beta1_PodSecurityPolicySpec is an autogenerated conversion function.
|
||||
func Convert_policy_PodSecurityPolicySpec_To_v1beta1_PodSecurityPolicySpec(in *policy.PodSecurityPolicySpec, out *v1beta1.PodSecurityPolicySpec, s conversion.Scope) error {
|
||||
return autoConvert_policy_PodSecurityPolicySpec_To_v1beta1_PodSecurityPolicySpec(in, out, s)
|
||||
}
|
||||
|
||||
func autoConvert_v1beta1_ReplicaSet_To_apps_ReplicaSet(in *v1beta1.ReplicaSet, out *apps.ReplicaSet, s conversion.Scope) error {
|
||||
out.ObjectMeta = in.ObjectMeta
|
||||
if err := Convert_v1beta1_ReplicaSetSpec_To_apps_ReplicaSetSpec(&in.Spec, &out.Spec, s); err != nil {
|
||||
@ -2301,94 +1878,6 @@ func Convert_apps_RollingUpdateDeployment_To_v1beta1_RollingUpdateDeployment(in
|
||||
return autoConvert_apps_RollingUpdateDeployment_To_v1beta1_RollingUpdateDeployment(in, out, s)
|
||||
}
|
||||
|
||||
func autoConvert_v1beta1_RunAsGroupStrategyOptions_To_policy_RunAsGroupStrategyOptions(in *v1beta1.RunAsGroupStrategyOptions, out *policy.RunAsGroupStrategyOptions, s conversion.Scope) error {
|
||||
out.Rule = policy.RunAsGroupStrategy(in.Rule)
|
||||
out.Ranges = *(*[]policy.IDRange)(unsafe.Pointer(&in.Ranges))
|
||||
return nil
|
||||
}
|
||||
|
||||
// Convert_v1beta1_RunAsGroupStrategyOptions_To_policy_RunAsGroupStrategyOptions is an autogenerated conversion function.
|
||||
func Convert_v1beta1_RunAsGroupStrategyOptions_To_policy_RunAsGroupStrategyOptions(in *v1beta1.RunAsGroupStrategyOptions, out *policy.RunAsGroupStrategyOptions, s conversion.Scope) error {
|
||||
return autoConvert_v1beta1_RunAsGroupStrategyOptions_To_policy_RunAsGroupStrategyOptions(in, out, s)
|
||||
}
|
||||
|
||||
func autoConvert_policy_RunAsGroupStrategyOptions_To_v1beta1_RunAsGroupStrategyOptions(in *policy.RunAsGroupStrategyOptions, out *v1beta1.RunAsGroupStrategyOptions, s conversion.Scope) error {
|
||||
out.Rule = v1beta1.RunAsGroupStrategy(in.Rule)
|
||||
out.Ranges = *(*[]v1beta1.IDRange)(unsafe.Pointer(&in.Ranges))
|
||||
return nil
|
||||
}
|
||||
|
||||
// Convert_policy_RunAsGroupStrategyOptions_To_v1beta1_RunAsGroupStrategyOptions is an autogenerated conversion function.
|
||||
func Convert_policy_RunAsGroupStrategyOptions_To_v1beta1_RunAsGroupStrategyOptions(in *policy.RunAsGroupStrategyOptions, out *v1beta1.RunAsGroupStrategyOptions, s conversion.Scope) error {
|
||||
return autoConvert_policy_RunAsGroupStrategyOptions_To_v1beta1_RunAsGroupStrategyOptions(in, out, s)
|
||||
}
|
||||
|
||||
func autoConvert_v1beta1_RunAsUserStrategyOptions_To_policy_RunAsUserStrategyOptions(in *v1beta1.RunAsUserStrategyOptions, out *policy.RunAsUserStrategyOptions, s conversion.Scope) error {
|
||||
out.Rule = policy.RunAsUserStrategy(in.Rule)
|
||||
out.Ranges = *(*[]policy.IDRange)(unsafe.Pointer(&in.Ranges))
|
||||
return nil
|
||||
}
|
||||
|
||||
// Convert_v1beta1_RunAsUserStrategyOptions_To_policy_RunAsUserStrategyOptions is an autogenerated conversion function.
|
||||
func Convert_v1beta1_RunAsUserStrategyOptions_To_policy_RunAsUserStrategyOptions(in *v1beta1.RunAsUserStrategyOptions, out *policy.RunAsUserStrategyOptions, s conversion.Scope) error {
|
||||
return autoConvert_v1beta1_RunAsUserStrategyOptions_To_policy_RunAsUserStrategyOptions(in, out, s)
|
||||
}
|
||||
|
||||
func autoConvert_policy_RunAsUserStrategyOptions_To_v1beta1_RunAsUserStrategyOptions(in *policy.RunAsUserStrategyOptions, out *v1beta1.RunAsUserStrategyOptions, s conversion.Scope) error {
|
||||
out.Rule = v1beta1.RunAsUserStrategy(in.Rule)
|
||||
out.Ranges = *(*[]v1beta1.IDRange)(unsafe.Pointer(&in.Ranges))
|
||||
return nil
|
||||
}
|
||||
|
||||
// Convert_policy_RunAsUserStrategyOptions_To_v1beta1_RunAsUserStrategyOptions is an autogenerated conversion function.
|
||||
func Convert_policy_RunAsUserStrategyOptions_To_v1beta1_RunAsUserStrategyOptions(in *policy.RunAsUserStrategyOptions, out *v1beta1.RunAsUserStrategyOptions, s conversion.Scope) error {
|
||||
return autoConvert_policy_RunAsUserStrategyOptions_To_v1beta1_RunAsUserStrategyOptions(in, out, s)
|
||||
}
|
||||
|
||||
func autoConvert_v1beta1_RuntimeClassStrategyOptions_To_policy_RuntimeClassStrategyOptions(in *v1beta1.RuntimeClassStrategyOptions, out *policy.RuntimeClassStrategyOptions, s conversion.Scope) error {
|
||||
out.AllowedRuntimeClassNames = *(*[]string)(unsafe.Pointer(&in.AllowedRuntimeClassNames))
|
||||
out.DefaultRuntimeClassName = (*string)(unsafe.Pointer(in.DefaultRuntimeClassName))
|
||||
return nil
|
||||
}
|
||||
|
||||
// Convert_v1beta1_RuntimeClassStrategyOptions_To_policy_RuntimeClassStrategyOptions is an autogenerated conversion function.
|
||||
func Convert_v1beta1_RuntimeClassStrategyOptions_To_policy_RuntimeClassStrategyOptions(in *v1beta1.RuntimeClassStrategyOptions, out *policy.RuntimeClassStrategyOptions, s conversion.Scope) error {
|
||||
return autoConvert_v1beta1_RuntimeClassStrategyOptions_To_policy_RuntimeClassStrategyOptions(in, out, s)
|
||||
}
|
||||
|
||||
func autoConvert_policy_RuntimeClassStrategyOptions_To_v1beta1_RuntimeClassStrategyOptions(in *policy.RuntimeClassStrategyOptions, out *v1beta1.RuntimeClassStrategyOptions, s conversion.Scope) error {
|
||||
out.AllowedRuntimeClassNames = *(*[]string)(unsafe.Pointer(&in.AllowedRuntimeClassNames))
|
||||
out.DefaultRuntimeClassName = (*string)(unsafe.Pointer(in.DefaultRuntimeClassName))
|
||||
return nil
|
||||
}
|
||||
|
||||
// Convert_policy_RuntimeClassStrategyOptions_To_v1beta1_RuntimeClassStrategyOptions is an autogenerated conversion function.
|
||||
func Convert_policy_RuntimeClassStrategyOptions_To_v1beta1_RuntimeClassStrategyOptions(in *policy.RuntimeClassStrategyOptions, out *v1beta1.RuntimeClassStrategyOptions, s conversion.Scope) error {
|
||||
return autoConvert_policy_RuntimeClassStrategyOptions_To_v1beta1_RuntimeClassStrategyOptions(in, out, s)
|
||||
}
|
||||
|
||||
func autoConvert_v1beta1_SELinuxStrategyOptions_To_policy_SELinuxStrategyOptions(in *v1beta1.SELinuxStrategyOptions, out *policy.SELinuxStrategyOptions, s conversion.Scope) error {
|
||||
out.Rule = policy.SELinuxStrategy(in.Rule)
|
||||
out.SELinuxOptions = (*core.SELinuxOptions)(unsafe.Pointer(in.SELinuxOptions))
|
||||
return nil
|
||||
}
|
||||
|
||||
// Convert_v1beta1_SELinuxStrategyOptions_To_policy_SELinuxStrategyOptions is an autogenerated conversion function.
|
||||
func Convert_v1beta1_SELinuxStrategyOptions_To_policy_SELinuxStrategyOptions(in *v1beta1.SELinuxStrategyOptions, out *policy.SELinuxStrategyOptions, s conversion.Scope) error {
|
||||
return autoConvert_v1beta1_SELinuxStrategyOptions_To_policy_SELinuxStrategyOptions(in, out, s)
|
||||
}
|
||||
|
||||
func autoConvert_policy_SELinuxStrategyOptions_To_v1beta1_SELinuxStrategyOptions(in *policy.SELinuxStrategyOptions, out *v1beta1.SELinuxStrategyOptions, s conversion.Scope) error {
|
||||
out.Rule = v1beta1.SELinuxStrategy(in.Rule)
|
||||
out.SELinuxOptions = (*v1.SELinuxOptions)(unsafe.Pointer(in.SELinuxOptions))
|
||||
return nil
|
||||
}
|
||||
|
||||
// Convert_policy_SELinuxStrategyOptions_To_v1beta1_SELinuxStrategyOptions is an autogenerated conversion function.
|
||||
func Convert_policy_SELinuxStrategyOptions_To_v1beta1_SELinuxStrategyOptions(in *policy.SELinuxStrategyOptions, out *v1beta1.SELinuxStrategyOptions, s conversion.Scope) error {
|
||||
return autoConvert_policy_SELinuxStrategyOptions_To_v1beta1_SELinuxStrategyOptions(in, out, s)
|
||||
}
|
||||
|
||||
func autoConvert_v1beta1_Scale_To_autoscaling_Scale(in *v1beta1.Scale, out *autoscaling.Scale, s conversion.Scope) error {
|
||||
out.ObjectMeta = in.ObjectMeta
|
||||
if err := Convert_v1beta1_ScaleSpec_To_autoscaling_ScaleSpec(&in.Spec, &out.Spec, s); err != nil {
|
||||
@ -2453,25 +1942,3 @@ func autoConvert_autoscaling_ScaleStatus_To_v1beta1_ScaleStatus(in *autoscaling.
|
||||
// WARNING: in.Selector requires manual conversion: inconvertible types (string vs map[string]string)
|
||||
return nil
|
||||
}
|
||||
|
||||
func autoConvert_v1beta1_SupplementalGroupsStrategyOptions_To_policy_SupplementalGroupsStrategyOptions(in *v1beta1.SupplementalGroupsStrategyOptions, out *policy.SupplementalGroupsStrategyOptions, s conversion.Scope) error {
|
||||
out.Rule = policy.SupplementalGroupsStrategyType(in.Rule)
|
||||
out.Ranges = *(*[]policy.IDRange)(unsafe.Pointer(&in.Ranges))
|
||||
return nil
|
||||
}
|
||||
|
||||
// Convert_v1beta1_SupplementalGroupsStrategyOptions_To_policy_SupplementalGroupsStrategyOptions is an autogenerated conversion function.
|
||||
func Convert_v1beta1_SupplementalGroupsStrategyOptions_To_policy_SupplementalGroupsStrategyOptions(in *v1beta1.SupplementalGroupsStrategyOptions, out *policy.SupplementalGroupsStrategyOptions, s conversion.Scope) error {
|
||||
return autoConvert_v1beta1_SupplementalGroupsStrategyOptions_To_policy_SupplementalGroupsStrategyOptions(in, out, s)
|
||||
}
|
||||
|
||||
func autoConvert_policy_SupplementalGroupsStrategyOptions_To_v1beta1_SupplementalGroupsStrategyOptions(in *policy.SupplementalGroupsStrategyOptions, out *v1beta1.SupplementalGroupsStrategyOptions, s conversion.Scope) error {
|
||||
out.Rule = v1beta1.SupplementalGroupsStrategyType(in.Rule)
|
||||
out.Ranges = *(*[]v1beta1.IDRange)(unsafe.Pointer(&in.Ranges))
|
||||
return nil
|
||||
}
|
||||
|
||||
// Convert_policy_SupplementalGroupsStrategyOptions_To_v1beta1_SupplementalGroupsStrategyOptions is an autogenerated conversion function.
|
||||
func Convert_policy_SupplementalGroupsStrategyOptions_To_v1beta1_SupplementalGroupsStrategyOptions(in *policy.SupplementalGroupsStrategyOptions, out *v1beta1.SupplementalGroupsStrategyOptions, s conversion.Scope) error {
|
||||
return autoConvert_policy_SupplementalGroupsStrategyOptions_To_v1beta1_SupplementalGroupsStrategyOptions(in, out, s)
|
||||
}
|
||||
|
||||
13
pkg/apis/extensions/v1beta1/zz_generated.defaults.go
generated
13
pkg/apis/extensions/v1beta1/zz_generated.defaults.go
generated
@ -39,8 +39,6 @@ func RegisterDefaults(scheme *runtime.Scheme) error {
|
||||
scheme.AddTypeDefaultingFunc(&v1beta1.IngressList{}, func(obj interface{}) { SetObjectDefaults_IngressList(obj.(*v1beta1.IngressList)) })
|
||||
scheme.AddTypeDefaultingFunc(&v1beta1.NetworkPolicy{}, func(obj interface{}) { SetObjectDefaults_NetworkPolicy(obj.(*v1beta1.NetworkPolicy)) })
|
||||
scheme.AddTypeDefaultingFunc(&v1beta1.NetworkPolicyList{}, func(obj interface{}) { SetObjectDefaults_NetworkPolicyList(obj.(*v1beta1.NetworkPolicyList)) })
|
||||
scheme.AddTypeDefaultingFunc(&v1beta1.PodSecurityPolicy{}, func(obj interface{}) { SetObjectDefaults_PodSecurityPolicy(obj.(*v1beta1.PodSecurityPolicy)) })
|
||||
scheme.AddTypeDefaultingFunc(&v1beta1.PodSecurityPolicyList{}, func(obj interface{}) { SetObjectDefaults_PodSecurityPolicyList(obj.(*v1beta1.PodSecurityPolicyList)) })
|
||||
scheme.AddTypeDefaultingFunc(&v1beta1.ReplicaSet{}, func(obj interface{}) { SetObjectDefaults_ReplicaSet(obj.(*v1beta1.ReplicaSet)) })
|
||||
scheme.AddTypeDefaultingFunc(&v1beta1.ReplicaSetList{}, func(obj interface{}) { SetObjectDefaults_ReplicaSetList(obj.(*v1beta1.ReplicaSetList)) })
|
||||
return nil
|
||||
@ -626,17 +624,6 @@ func SetObjectDefaults_NetworkPolicyList(in *v1beta1.NetworkPolicyList) {
|
||||
}
|
||||
}
|
||||
|
||||
func SetObjectDefaults_PodSecurityPolicy(in *v1beta1.PodSecurityPolicy) {
|
||||
SetDefaults_PodSecurityPolicySpec(&in.Spec)
|
||||
}
|
||||
|
||||
func SetObjectDefaults_PodSecurityPolicyList(in *v1beta1.PodSecurityPolicyList) {
|
||||
for i := range in.Items {
|
||||
a := &in.Items[i]
|
||||
SetObjectDefaults_PodSecurityPolicy(a)
|
||||
}
|
||||
}
|
||||
|
||||
func SetObjectDefaults_ReplicaSet(in *v1beta1.ReplicaSet) {
|
||||
SetDefaults_ReplicaSet(in)
|
||||
v1.SetDefaults_PodSpec(&in.Spec.Template.Spec)
|
||||
|
||||
1438
pkg/generated/openapi/zz_generated.openapi.go
generated
1438
pkg/generated/openapi/zz_generated.openapi.go
generated
File diff suppressed because it is too large
Load Diff
@ -37,14 +37,12 @@ import (
|
||||
|
||||
// SpecialDefaultResourcePrefixes are prefixes compiled into Kubernetes.
|
||||
var SpecialDefaultResourcePrefixes = map[schema.GroupResource]string{
|
||||
{Group: "", Resource: "replicationcontrollers"}: "controllers",
|
||||
{Group: "", Resource: "endpoints"}: "services/endpoints",
|
||||
{Group: "", Resource: "nodes"}: "minions",
|
||||
{Group: "", Resource: "services"}: "services/specs",
|
||||
{Group: "extensions", Resource: "ingresses"}: "ingress",
|
||||
{Group: "networking.k8s.io", Resource: "ingresses"}: "ingress",
|
||||
{Group: "extensions", Resource: "podsecuritypolicies"}: "podsecuritypolicy",
|
||||
{Group: "policy", Resource: "podsecuritypolicies"}: "podsecuritypolicy",
|
||||
{Group: "", Resource: "replicationcontrollers"}: "controllers",
|
||||
{Group: "", Resource: "endpoints"}: "services/endpoints",
|
||||
{Group: "", Resource: "nodes"}: "minions",
|
||||
{Group: "", Resource: "services"}: "services/specs",
|
||||
{Group: "extensions", Resource: "ingresses"}: "ingress",
|
||||
{Group: "networking.k8s.io", Resource: "ingresses"}: "ingress",
|
||||
}
|
||||
|
||||
// DefaultWatchCacheSizes defines default resources for which watchcache
|
||||
|
||||
@ -27,34 +27,6 @@ package v1beta1
|
||||
// Those methods can be generated by using hack/update-generated-swagger-docs.sh
|
||||
|
||||
// AUTO-GENERATED FUNCTIONS START HERE. DO NOT EDIT.
|
||||
var map_AllowedCSIDriver = map[string]string{
|
||||
"": "AllowedCSIDriver represents a single inline CSI Driver that is allowed to be used.",
|
||||
"name": "Name is the registered name of the CSI driver",
|
||||
}
|
||||
|
||||
func (AllowedCSIDriver) SwaggerDoc() map[string]string {
|
||||
return map_AllowedCSIDriver
|
||||
}
|
||||
|
||||
var map_AllowedFlexVolume = map[string]string{
|
||||
"": "AllowedFlexVolume represents a single Flexvolume that is allowed to be used. Deprecated: use AllowedFlexVolume from policy API Group instead.",
|
||||
"driver": "driver is the name of the Flexvolume driver.",
|
||||
}
|
||||
|
||||
func (AllowedFlexVolume) SwaggerDoc() map[string]string {
|
||||
return map_AllowedFlexVolume
|
||||
}
|
||||
|
||||
var map_AllowedHostPath = map[string]string{
|
||||
"": "AllowedHostPath defines the host volume conditions that will be enabled by a policy for pods to use. It requires the path prefix to be defined. Deprecated: use AllowedHostPath from policy API Group instead.",
|
||||
"pathPrefix": "pathPrefix is the path prefix that the host volume must match. It does not support `*`. Trailing slashes are trimmed when validating the path prefix with a host path.\n\nExamples: `/foo` would allow `/foo`, `/foo/` and `/foo/bar` `/foo` would not allow `/food` or `/etc/foo`",
|
||||
"readOnly": "when set to true, will allow host volumes matching the pathPrefix only if all volume mounts are readOnly.",
|
||||
}
|
||||
|
||||
func (AllowedHostPath) SwaggerDoc() map[string]string {
|
||||
return map_AllowedHostPath
|
||||
}
|
||||
|
||||
var map_DaemonSet = map[string]string{
|
||||
"": "DEPRECATED - This group version of DaemonSet is deprecated by apps/v1beta2/DaemonSet. See the release notes for more information. DaemonSet represents the configuration of a daemon set.",
|
||||
"metadata": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata",
|
||||
@ -220,16 +192,6 @@ func (DeploymentStrategy) SwaggerDoc() map[string]string {
|
||||
return map_DeploymentStrategy
|
||||
}
|
||||
|
||||
var map_FSGroupStrategyOptions = map[string]string{
|
||||
"": "FSGroupStrategyOptions defines the strategy type and options used to create the strategy. Deprecated: use FSGroupStrategyOptions from policy API Group instead.",
|
||||
"rule": "rule is the strategy that will dictate what FSGroup is used in the SecurityContext.",
|
||||
"ranges": "ranges are the allowed ranges of fs groups. If you would like to force a single fs group then supply a single range with the same start and end. Required for MustRunAs.",
|
||||
}
|
||||
|
||||
func (FSGroupStrategyOptions) SwaggerDoc() map[string]string {
|
||||
return map_FSGroupStrategyOptions
|
||||
}
|
||||
|
||||
var map_HTTPIngressPath = map[string]string{
|
||||
"": "HTTPIngressPath associates a path with a backend. Incoming urls matching the path are forwarded to the backend.",
|
||||
"path": "Path is matched against the path of an incoming request. Currently it can contain characters disallowed from the conventional \"path\" part of a URL as defined by RFC 3986. Paths must begin with a '/'. When unspecified, all paths from incoming requests are matched.",
|
||||
@ -250,26 +212,6 @@ func (HTTPIngressRuleValue) SwaggerDoc() map[string]string {
|
||||
return map_HTTPIngressRuleValue
|
||||
}
|
||||
|
||||
var map_HostPortRange = map[string]string{
|
||||
"": "HostPortRange defines a range of host ports that will be enabled by a policy for pods to use. It requires both the start and end to be defined. Deprecated: use HostPortRange from policy API Group instead.",
|
||||
"min": "min is the start of the range, inclusive.",
|
||||
"max": "max is the end of the range, inclusive.",
|
||||
}
|
||||
|
||||
func (HostPortRange) SwaggerDoc() map[string]string {
|
||||
return map_HostPortRange
|
||||
}
|
||||
|
||||
var map_IDRange = map[string]string{
|
||||
"": "IDRange provides a min/max of an allowed range of IDs. Deprecated: use IDRange from policy API Group instead.",
|
||||
"min": "min is the start of the range, inclusive.",
|
||||
"max": "max is the end of the range, inclusive.",
|
||||
}
|
||||
|
||||
func (IDRange) SwaggerDoc() map[string]string {
|
||||
return map_IDRange
|
||||
}
|
||||
|
||||
var map_IPBlock = map[string]string{
|
||||
"": "DEPRECATED 1.9 - This group version of IPBlock is deprecated by networking/v1/IPBlock. IPBlock describes a particular CIDR (Ex. \"192.168.1.0/24\",\"2001:db8::/64\") that is allowed to the pods matched by a NetworkPolicySpec's podSelector. The except entry describes CIDRs that should not be included within this rule.",
|
||||
"cidr": "CIDR is a string representing the IP Block Valid examples are \"192.168.1.0/24\" or \"2001:db8::/64\"",
|
||||
@ -476,58 +418,6 @@ func (NetworkPolicyStatus) SwaggerDoc() map[string]string {
|
||||
return map_NetworkPolicyStatus
|
||||
}
|
||||
|
||||
var map_PodSecurityPolicy = map[string]string{
|
||||
"": "PodSecurityPolicy governs the ability to make requests that affect the Security Context that will be applied to a pod and container. Deprecated: use PodSecurityPolicy from policy API Group instead.",
|
||||
"metadata": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata",
|
||||
"spec": "spec defines the policy enforced.",
|
||||
}
|
||||
|
||||
func (PodSecurityPolicy) SwaggerDoc() map[string]string {
|
||||
return map_PodSecurityPolicy
|
||||
}
|
||||
|
||||
var map_PodSecurityPolicyList = map[string]string{
|
||||
"": "PodSecurityPolicyList is a list of PodSecurityPolicy objects. Deprecated: use PodSecurityPolicyList from policy API Group instead.",
|
||||
"metadata": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata",
|
||||
"items": "items is a list of schema objects.",
|
||||
}
|
||||
|
||||
func (PodSecurityPolicyList) SwaggerDoc() map[string]string {
|
||||
return map_PodSecurityPolicyList
|
||||
}
|
||||
|
||||
var map_PodSecurityPolicySpec = map[string]string{
|
||||
"": "PodSecurityPolicySpec defines the policy enforced. Deprecated: use PodSecurityPolicySpec from policy API Group instead.",
|
||||
"privileged": "privileged determines if a pod can request to be run as privileged.",
|
||||
"defaultAddCapabilities": "defaultAddCapabilities is the default set of capabilities that will be added to the container unless the pod spec specifically drops the capability. You may not list a capability in both defaultAddCapabilities and requiredDropCapabilities. Capabilities added here are implicitly allowed, and need not be included in the allowedCapabilities list.",
|
||||
"requiredDropCapabilities": "requiredDropCapabilities are the capabilities that will be dropped from the container. These are required to be dropped and cannot be added.",
|
||||
"allowedCapabilities": "allowedCapabilities is a list of capabilities that can be requested to add to the container. Capabilities in this field may be added at the pod author's discretion. You must not list a capability in both allowedCapabilities and requiredDropCapabilities.",
|
||||
"volumes": "volumes is an allowlist of volume plugins. Empty indicates that no volumes may be used. To allow all volumes you may use '*'.",
|
||||
"hostNetwork": "hostNetwork determines if the policy allows the use of HostNetwork in the pod spec.",
|
||||
"hostPorts": "hostPorts determines which host port ranges are allowed to be exposed.",
|
||||
"hostPID": "hostPID determines if the policy allows the use of HostPID in the pod spec.",
|
||||
"hostIPC": "hostIPC determines if the policy allows the use of HostIPC in the pod spec.",
|
||||
"seLinux": "seLinux is the strategy that will dictate the allowable labels that may be set.",
|
||||
"runAsUser": "runAsUser is the strategy that will dictate the allowable RunAsUser values that may be set.",
|
||||
"runAsGroup": "RunAsGroup is the strategy that will dictate the allowable RunAsGroup values that may be set. If this field is omitted, the pod's RunAsGroup can take any value. This field requires the RunAsGroup feature gate to be enabled.",
|
||||
"supplementalGroups": "supplementalGroups is the strategy that will dictate what supplemental groups are used by the SecurityContext.",
|
||||
"fsGroup": "fsGroup is the strategy that will dictate what fs group is used by the SecurityContext.",
|
||||
"readOnlyRootFilesystem": "readOnlyRootFilesystem when set to true will force containers to run with a read only root file system. If the container specifically requests to run with a non-read only root file system the PSP should deny the pod. If set to false the container may run with a read only root file system if it wishes but it will not be forced to.",
|
||||
"defaultAllowPrivilegeEscalation": "defaultAllowPrivilegeEscalation controls the default setting for whether a process can gain more privileges than its parent process.",
|
||||
"allowPrivilegeEscalation": "allowPrivilegeEscalation determines if a pod can request to allow privilege escalation. If unspecified, defaults to true.",
|
||||
"allowedHostPaths": "allowedHostPaths is an allowlist of host paths. Empty indicates that all host paths may be used.",
|
||||
"allowedFlexVolumes": "allowedFlexVolumes is an allowlist of Flexvolumes. Empty or nil indicates that all Flexvolumes may be used. This parameter is effective only when the usage of the Flexvolumes is allowed in the \"volumes\" field.",
|
||||
"allowedCSIDrivers": "AllowedCSIDrivers is an allowlist of inline CSI drivers that must be explicitly set to be embedded within a pod spec. An empty value indicates that any CSI driver can be used for inline ephemeral volumes.",
|
||||
"allowedUnsafeSysctls": "allowedUnsafeSysctls is a list of explicitly allowed unsafe sysctls, defaults to none. Each entry is either a plain sysctl name or ends in \"*\" in which case it is considered as a prefix of allowed sysctls. Single * means all unsafe sysctls are allowed. Kubelet has to allowlist all unsafe sysctls explicitly to avoid rejection.\n\nExamples: e.g. \"foo/*\" allows \"foo/bar\", \"foo/baz\", etc. e.g. \"foo.*\" allows \"foo.bar\", \"foo.baz\", etc.",
|
||||
"forbiddenSysctls": "forbiddenSysctls is a list of explicitly forbidden sysctls, defaults to none. Each entry is either a plain sysctl name or ends in \"*\" in which case it is considered as a prefix of forbidden sysctls. Single * means all sysctls are forbidden.\n\nExamples: e.g. \"foo/*\" forbids \"foo/bar\", \"foo/baz\", etc. e.g. \"foo.*\" forbids \"foo.bar\", \"foo.baz\", etc.",
|
||||
"allowedProcMountTypes": "AllowedProcMountTypes is an allowlist of allowed ProcMountTypes. Empty or nil indicates that only the DefaultProcMountType may be used. This requires the ProcMountType feature flag to be enabled.",
|
||||
"runtimeClass": "runtimeClass is the strategy that will dictate the allowable RuntimeClasses for a pod. If this field is omitted, the pod's runtimeClassName field is unrestricted. Enforcement of this field depends on the RuntimeClass feature gate being enabled.",
|
||||
}
|
||||
|
||||
func (PodSecurityPolicySpec) SwaggerDoc() map[string]string {
|
||||
return map_PodSecurityPolicySpec
|
||||
}
|
||||
|
||||
var map_ReplicaSet = map[string]string{
|
||||
"": "DEPRECATED - This group version of ReplicaSet is deprecated by apps/v1beta2/ReplicaSet. See the release notes for more information. ReplicaSet ensures that a specified number of pod replicas are running at any given time.",
|
||||
"metadata": "If the Labels of a ReplicaSet are empty, they are defaulted to be the same as the Pod(s) that the ReplicaSet manages. Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata",
|
||||
@ -617,46 +507,6 @@ func (RollingUpdateDeployment) SwaggerDoc() map[string]string {
|
||||
return map_RollingUpdateDeployment
|
||||
}
|
||||
|
||||
var map_RunAsGroupStrategyOptions = map[string]string{
|
||||
"": "RunAsGroupStrategyOptions defines the strategy type and any options used to create the strategy. Deprecated: use RunAsGroupStrategyOptions from policy API Group instead.",
|
||||
"rule": "rule is the strategy that will dictate the allowable RunAsGroup values that may be set.",
|
||||
"ranges": "ranges are the allowed ranges of gids that may be used. If you would like to force a single gid then supply a single range with the same start and end. Required for MustRunAs.",
|
||||
}
|
||||
|
||||
func (RunAsGroupStrategyOptions) SwaggerDoc() map[string]string {
|
||||
return map_RunAsGroupStrategyOptions
|
||||
}
|
||||
|
||||
var map_RunAsUserStrategyOptions = map[string]string{
|
||||
"": "RunAsUserStrategyOptions defines the strategy type and any options used to create the strategy. Deprecated: use RunAsUserStrategyOptions from policy API Group instead.",
|
||||
"rule": "rule is the strategy that will dictate the allowable RunAsUser values that may be set.",
|
||||
"ranges": "ranges are the allowed ranges of uids that may be used. If you would like to force a single uid then supply a single range with the same start and end. Required for MustRunAs.",
|
||||
}
|
||||
|
||||
func (RunAsUserStrategyOptions) SwaggerDoc() map[string]string {
|
||||
return map_RunAsUserStrategyOptions
|
||||
}
|
||||
|
||||
var map_RuntimeClassStrategyOptions = map[string]string{
|
||||
"": "RuntimeClassStrategyOptions define the strategy that will dictate the allowable RuntimeClasses for a pod.",
|
||||
"allowedRuntimeClassNames": "allowedRuntimeClassNames is an allowlist of RuntimeClass names that may be specified on a pod. A value of \"*\" means that any RuntimeClass name is allowed, and must be the only item in the list. An empty list requires the RuntimeClassName field to be unset.",
|
||||
"defaultRuntimeClassName": "defaultRuntimeClassName is the default RuntimeClassName to set on the pod. The default MUST be allowed by the allowedRuntimeClassNames list. A value of nil does not mutate the Pod.",
|
||||
}
|
||||
|
||||
func (RuntimeClassStrategyOptions) SwaggerDoc() map[string]string {
|
||||
return map_RuntimeClassStrategyOptions
|
||||
}
|
||||
|
||||
var map_SELinuxStrategyOptions = map[string]string{
|
||||
"": "SELinuxStrategyOptions defines the strategy type and any options used to create the strategy. Deprecated: use SELinuxStrategyOptions from policy API Group instead.",
|
||||
"rule": "rule is the strategy that will dictate the allowable labels that may be set.",
|
||||
"seLinuxOptions": "seLinuxOptions required to run as; required for MustRunAs More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/",
|
||||
}
|
||||
|
||||
func (SELinuxStrategyOptions) SwaggerDoc() map[string]string {
|
||||
return map_SELinuxStrategyOptions
|
||||
}
|
||||
|
||||
var map_Scale = map[string]string{
|
||||
"": "represents a scaling request for a resource.",
|
||||
"metadata": "Standard object metadata; More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata.",
|
||||
@ -688,14 +538,4 @@ func (ScaleStatus) SwaggerDoc() map[string]string {
|
||||
return map_ScaleStatus
|
||||
}
|
||||
|
||||
var map_SupplementalGroupsStrategyOptions = map[string]string{
|
||||
"": "SupplementalGroupsStrategyOptions defines the strategy type and options used to create the strategy. Deprecated: use SupplementalGroupsStrategyOptions from policy API Group instead.",
|
||||
"rule": "rule is the strategy that will dictate what supplemental groups is used in the SecurityContext.",
|
||||
"ranges": "ranges are the allowed ranges of supplemental groups. If you would like to force a single supplemental group then supply a single range with the same start and end. Required for MustRunAs.",
|
||||
}
|
||||
|
||||
func (SupplementalGroupsStrategyOptions) SwaggerDoc() map[string]string {
|
||||
return map_SupplementalGroupsStrategyOptions
|
||||
}
|
||||
|
||||
// AUTO-GENERATED FUNCTIONS END HERE
|
||||
|
||||
@ -128,12 +128,6 @@ var rootScopedKinds = map[schema.GroupKind]bool{
|
||||
{Group: "", Kind: "PersistentVolume"}: true,
|
||||
{Group: "", Kind: "ComponentStatus"}: true,
|
||||
|
||||
{Group: "extensions", Kind: "PodSecurityPolicy"}: true,
|
||||
|
||||
{Group: "policy", Kind: "PodSecurityPolicy"}: true,
|
||||
|
||||
{Group: "extensions", Kind: "PodSecurityPolicy"}: true,
|
||||
|
||||
{Group: "rbac.authorization.k8s.io", Kind: "ClusterRole"}: true,
|
||||
{Group: "rbac.authorization.k8s.io", Kind: "ClusterRoleBinding"}: true,
|
||||
|
||||
|
||||
@ -27,22 +27,22 @@ func TestAddAnnotation(t *testing.T) {
|
||||
attr := &attributesRecord{}
|
||||
|
||||
// test AddAnnotation
|
||||
attr.AddAnnotation("podsecuritypolicy.admission.k8s.io/validate-policy", "privileged")
|
||||
attr.AddAnnotation("podsecuritypolicy.admission.k8s.io/admit-policy", "privileged")
|
||||
attr.AddAnnotation("foo.admission.k8s.io/key1", "value1")
|
||||
attr.AddAnnotation("foo.admission.k8s.io/key2", "value2")
|
||||
annotations := attr.getAnnotations(auditinternal.LevelMetadata)
|
||||
assert.Equal(t, annotations["podsecuritypolicy.admission.k8s.io/validate-policy"], "privileged")
|
||||
assert.Equal(t, annotations["foo.admission.k8s.io/key1"], "value1")
|
||||
|
||||
// test overwrite
|
||||
assert.Error(t, attr.AddAnnotation("podsecuritypolicy.admission.k8s.io/validate-policy", "privileged-overwrite"),
|
||||
assert.Error(t, attr.AddAnnotation("foo.admission.k8s.io/key1", "value1-overwrite"),
|
||||
"admission annotations should not be allowd to be overwritten")
|
||||
annotations = attr.getAnnotations(auditinternal.LevelMetadata)
|
||||
assert.Equal(t, annotations["podsecuritypolicy.admission.k8s.io/validate-policy"], "privileged", "admission annotations should not be overwritten")
|
||||
assert.Equal(t, annotations["foo.admission.k8s.io/key1"], "value1", "admission annotations should not be overwritten")
|
||||
|
||||
// test invalid plugin names
|
||||
var testCases map[string]string = map[string]string{
|
||||
"invalid dns subdomain": "INVALID-DNS-Subdomain/policy",
|
||||
"no plugin name": "policy",
|
||||
"no key name": "podsecuritypolicy.admission.k8s.io",
|
||||
"no key name": "foo.admission.k8s.io",
|
||||
"empty key": "",
|
||||
}
|
||||
for name, invalidKey := range testCases {
|
||||
@ -57,8 +57,8 @@ func TestAddAnnotation(t *testing.T) {
|
||||
t,
|
||||
annotations,
|
||||
map[string]string{
|
||||
"podsecuritypolicy.admission.k8s.io/validate-policy": "privileged",
|
||||
"podsecuritypolicy.admission.k8s.io/admit-policy": "privileged",
|
||||
"foo.admission.k8s.io/key1": "value1",
|
||||
"foo.admission.k8s.io/key2": "value2",
|
||||
},
|
||||
"unexpected final annotations",
|
||||
)
|
||||
|
||||
File diff suppressed because it is too large
Load Diff
@ -193,9 +193,6 @@ rules:
|
||||
- k8s.io/kubernetes/pkg/scheduler/profile
|
||||
- k8s.io/kubernetes/pkg/scheduler/testing
|
||||
- k8s.io/kubernetes/pkg/security/apparmor
|
||||
- k8s.io/kubernetes/pkg/security/podsecuritypolicy/seccomp
|
||||
- k8s.io/kubernetes/pkg/security/podsecuritypolicy/sysctl
|
||||
- k8s.io/kubernetes/pkg/security/podsecuritypolicy/util
|
||||
- k8s.io/kubernetes/pkg/securitycontext
|
||||
- k8s.io/kubernetes/pkg/serviceaccount
|
||||
- k8s.io/kubernetes/pkg/util/async
|
||||
|
||||
@ -254,10 +254,6 @@ func GetEtcdStorageDataForNamespace(namespace string) map[schema.GroupVersionRes
|
||||
Stub: `{"metadata": {"name": "pdb1"}, "spec": {"selector": {"matchLabels": {"anokkey": "anokvalue"}}}}`,
|
||||
ExpectedEtcdPath: "/registry/poddisruptionbudgets/" + namespace + "/pdb1",
|
||||
},
|
||||
gvr("policy", "v1beta1", "podsecuritypolicies"): {
|
||||
Stub: `{"metadata": {"name": "psp2"}, "spec": {"fsGroup": {"rule": "RunAsAny"}, "privileged": true, "runAsUser": {"rule": "RunAsAny"}, "seLinux": {"rule": "MustRunAs"}, "supplementalGroups": {"rule": "RunAsAny"}}}`,
|
||||
ExpectedEtcdPath: "/registry/podsecuritypolicy/psp2",
|
||||
},
|
||||
// --
|
||||
|
||||
// k8s.io/kubernetes/pkg/apis/storage/v1alpha1
|
||||
|
||||
Loading…
Reference in New Issue
Block a user