diff --git a/hack/.golint_failures b/hack/.golint_failures index 4ed6cb6cece..ca1f2ce901a 100644 --- a/hack/.golint_failures +++ b/hack/.golint_failures @@ -2,6 +2,8 @@ cmd/cloud-controller-manager/app/apis/config/v1alpha1 cmd/kube-apiserver/app cmd/kubeadm/app/apis/kubeadm/v1beta1 cmd/kubeadm/app/apis/kubeadm/v1beta2 +pkg/apis/abac/v0 +pkg/apis/abac/v1beta1 pkg/apis/admission pkg/apis/admissionregistration/v1 pkg/apis/admissionregistration/v1beta1 diff --git a/pkg/api/testing/serialization_test.go b/pkg/api/testing/serialization_test.go index 5c10f07a4e7..5ad56a82e10 100644 --- a/pkg/api/testing/serialization_test.go +++ b/pkg/api/testing/serialization_test.go @@ -80,7 +80,10 @@ func ConvertV1ReplicaSetToAPIReplicationController(in *appsv1.ReplicaSet, out *a } func TestSetControllerConversion(t *testing.T) { - if err := legacyscheme.Scheme.AddConversionFuncs(ConvertV1ReplicaSetToAPIReplicationController); err != nil { + s := legacyscheme.Scheme + if err := s.AddConversionFunc((*appsv1.ReplicaSet)(nil), (*api.ReplicationController)(nil), func(a, b interface{}, scope conversion.Scope) error { + return ConvertV1ReplicaSetToAPIReplicationController(a.(*appsv1.ReplicaSet), b.(*api.ReplicationController), scope) + }); err != nil { t.Fatal(err) } diff --git a/pkg/apis/abac/v0/BUILD b/pkg/apis/abac/v0/BUILD index d98adb2935f..3045fbcee7c 100644 --- a/pkg/apis/abac/v0/BUILD +++ b/pkg/apis/abac/v0/BUILD @@ -13,6 +13,7 @@ go_library( "doc.go", "register.go", "types.go", + "zz_generated.conversion.go", "zz_generated.deepcopy.go", ], importpath = "k8s.io/kubernetes/pkg/apis/abac/v0", @@ -22,6 +23,7 @@ go_library( "//staging/src/k8s.io/apimachinery/pkg/conversion:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/runtime:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/runtime/schema:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/util/runtime:go_default_library", ], ) diff --git a/pkg/apis/abac/v0/conversion.go b/pkg/apis/abac/v0/conversion.go index 9b6ad188d1f..13b5375029c 100644 --- a/pkg/apis/abac/v0/conversion.go +++ b/pkg/apis/abac/v0/conversion.go @@ -18,51 +18,45 @@ package v0 import ( "k8s.io/apimachinery/pkg/conversion" - "k8s.io/apimachinery/pkg/runtime" - api "k8s.io/kubernetes/pkg/apis/abac" + "k8s.io/kubernetes/pkg/apis/abac" ) // allAuthenticated matches k8s.io/apiserver/pkg/authentication/user.AllAuthenticated, // but we don't want a client library (which must include types), depending on a server library const allAuthenticated = "system:authenticated" -func addConversionFuncs(scheme *runtime.Scheme) error { - return scheme.AddConversionFuncs( - func(in *Policy, out *api.Policy, s conversion.Scope) error { - // Begin by copying all fields - out.Spec.User = in.User - out.Spec.Group = in.Group - out.Spec.Namespace = in.Namespace - out.Spec.Resource = in.Resource - out.Spec.Readonly = in.Readonly +func Convert_v0_Policy_To_abac_Policy(in *Policy, out *abac.Policy, s conversion.Scope) error { + out.Spec.User = in.User + out.Spec.Group = in.Group + out.Spec.Namespace = in.Namespace + out.Spec.Resource = in.Resource + out.Spec.Readonly = in.Readonly - // In v0, unspecified user and group matches all authenticated subjects - if len(in.User) == 0 && len(in.Group) == 0 { - out.Spec.Group = allAuthenticated - } - // In v0, user or group of * matches all authenticated subjects - if in.User == "*" || in.Group == "*" { - out.Spec.Group = allAuthenticated - out.Spec.User = "" - } + // In v0, unspecified user and group matches all authenticated subjects + if len(in.User) == 0 && len(in.Group) == 0 { + out.Spec.Group = allAuthenticated + } + // In v0, user or group of * matches all authenticated subjects + if in.User == "*" || in.Group == "*" { + out.Spec.Group = allAuthenticated + out.Spec.User = "" + } - // In v0, leaving namespace empty matches all namespaces - if len(in.Namespace) == 0 { - out.Spec.Namespace = "*" - } - // In v0, leaving resource empty matches all resources - if len(in.Resource) == 0 { - out.Spec.Resource = "*" - } - // Any rule in v0 should match all API groups - out.Spec.APIGroup = "*" + // In v0, leaving namespace empty matches all namespaces + if len(in.Namespace) == 0 { + out.Spec.Namespace = "*" + } + // In v0, leaving resource empty matches all resources + if len(in.Resource) == 0 { + out.Spec.Resource = "*" + } + // Any rule in v0 should match all API groups + out.Spec.APIGroup = "*" - // In v0, leaving namespace and resource blank allows non-resource paths - if len(in.Namespace) == 0 && len(in.Resource) == 0 { - out.Spec.NonResourcePath = "*" - } + // In v0, leaving namespace and resource blank allows non-resource paths + if len(in.Namespace) == 0 && len(in.Resource) == 0 { + out.Spec.NonResourcePath = "*" + } - return nil - }, - ) + return nil } diff --git a/pkg/apis/abac/v0/doc.go b/pkg/apis/abac/v0/doc.go index b8d89497834..44aa923c3d2 100644 --- a/pkg/apis/abac/v0/doc.go +++ b/pkg/apis/abac/v0/doc.go @@ -14,6 +14,7 @@ See the License for the specific language governing permissions and limitations under the License. */ +// +k8s:conversion-gen=false // +k8s:deepcopy-gen=package // +groupName=abac.authorization.kubernetes.io diff --git a/pkg/apis/abac/v0/register.go b/pkg/apis/abac/v0/register.go index 2138396f84b..3d22251c454 100644 --- a/pkg/apis/abac/v0/register.go +++ b/pkg/apis/abac/v0/register.go @@ -19,6 +19,7 @@ package v0 import ( "k8s.io/apimachinery/pkg/runtime" "k8s.io/apimachinery/pkg/runtime/schema" + utilruntime "k8s.io/apimachinery/pkg/util/runtime" "k8s.io/kubernetes/pkg/apis/abac" ) @@ -30,14 +31,9 @@ var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: "v0"} func init() { // TODO: Delete this init function, abac should not have its own scheme. - if err := addKnownTypes(abac.Scheme); err != nil { - // Programmer error. - panic(err) - } - if err := addConversionFuncs(abac.Scheme); err != nil { - // Programmer error. - panic(err) - } + utilruntime.Must(addKnownTypes(abac.Scheme)) + + utilruntime.Must(RegisterConversions(abac.Scheme)) } var ( @@ -56,7 +52,7 @@ func init() { // We only register manually written functions here. The registration of the // generated functions takes place in the generated files. The separation // makes the code compile even when the generated files are missing. - localSchemeBuilder.Register(addKnownTypes, addConversionFuncs) + localSchemeBuilder.Register(addKnownTypes) } func addKnownTypes(scheme *runtime.Scheme) error { diff --git a/pkg/apis/abac/v0/zz_generated.conversion.go b/pkg/apis/abac/v0/zz_generated.conversion.go new file mode 100644 index 00000000000..ed54737690f --- /dev/null +++ b/pkg/apis/abac/v0/zz_generated.conversion.go @@ -0,0 +1,42 @@ +// +build !ignore_autogenerated + +/* +Copyright The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by conversion-gen. DO NOT EDIT. + +package v0 + +import ( + conversion "k8s.io/apimachinery/pkg/conversion" + runtime "k8s.io/apimachinery/pkg/runtime" + abac "k8s.io/kubernetes/pkg/apis/abac" +) + +func init() { + localSchemeBuilder.Register(RegisterConversions) +} + +// RegisterConversions adds conversion functions to the given scheme. +// Public to allow building arbitrary schemes. +func RegisterConversions(s *runtime.Scheme) error { + if err := s.AddConversionFunc((*Policy)(nil), (*abac.Policy)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v0_Policy_To_abac_Policy(a.(*Policy), b.(*abac.Policy), scope) + }); err != nil { + return err + } + return nil +} diff --git a/pkg/apis/abac/v1beta1/BUILD b/pkg/apis/abac/v1beta1/BUILD index d40ec2f3f27..dddbf8762f5 100644 --- a/pkg/apis/abac/v1beta1/BUILD +++ b/pkg/apis/abac/v1beta1/BUILD @@ -24,6 +24,7 @@ go_library( "//staging/src/k8s.io/apimachinery/pkg/conversion:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/runtime:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/runtime/schema:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/util/runtime:go_default_library", ], ) diff --git a/pkg/apis/abac/v1beta1/conversion.go b/pkg/apis/abac/v1beta1/conversion.go index b830f532d9d..6508d479ac9 100644 --- a/pkg/apis/abac/v1beta1/conversion.go +++ b/pkg/apis/abac/v1beta1/conversion.go @@ -18,29 +18,23 @@ package v1beta1 import ( "k8s.io/apimachinery/pkg/conversion" - "k8s.io/apimachinery/pkg/runtime" - api "k8s.io/kubernetes/pkg/apis/abac" + "k8s.io/kubernetes/pkg/apis/abac" ) // allAuthenticated matches k8s.io/apiserver/pkg/authentication/user.AllAuthenticated, // but we don't want an client library (which must include types), depending on a server library const allAuthenticated = "system:authenticated" -func addConversionFuncs(scheme *runtime.Scheme) error { - return scheme.AddConversionFuncs( - func(in *Policy, out *api.Policy, s conversion.Scope) error { - // Begin by copying all fields - if err := autoConvert_v1beta1_Policy_To_abac_Policy(in, out, s); err != nil { - return err - } +func Convert_v1beta1_Policy_To_abac_Policy(in *Policy, out *abac.Policy, s conversion.Scope) error { + if err := autoConvert_v1beta1_Policy_To_abac_Policy(in, out, s); err != nil { + return err + } - // In v1beta1, * user or group maps to all authenticated subjects - if in.Spec.User == "*" || in.Spec.Group == "*" { - out.Spec.Group = allAuthenticated - out.Spec.User = "" - } + // In v1beta1, * user or group maps to all authenticated subjects + if in.Spec.User == "*" || in.Spec.Group == "*" { + out.Spec.Group = allAuthenticated + out.Spec.User = "" + } - return nil - }, - ) + return nil } diff --git a/pkg/apis/abac/v1beta1/register.go b/pkg/apis/abac/v1beta1/register.go index 9132934eafd..ff20882c6d4 100644 --- a/pkg/apis/abac/v1beta1/register.go +++ b/pkg/apis/abac/v1beta1/register.go @@ -19,6 +19,7 @@ package v1beta1 import ( "k8s.io/apimachinery/pkg/runtime" "k8s.io/apimachinery/pkg/runtime/schema" + utilruntime "k8s.io/apimachinery/pkg/util/runtime" "k8s.io/kubernetes/pkg/apis/abac" ) @@ -29,15 +30,10 @@ const GroupName = "abac.authorization.kubernetes.io" var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: "v1beta1"} func init() { - // TODO: delete this, abac should not have its own scheme. - if err := addKnownTypes(abac.Scheme); err != nil { - // Programmer error. - panic(err) - } - if err := addConversionFuncs(abac.Scheme); err != nil { - // Programmer error. - panic(err) - } + // TODO: Delete this init function, abac should not have its own scheme. + utilruntime.Must(addKnownTypes(abac.Scheme)) + + utilruntime.Must(RegisterConversions(abac.Scheme)) } var ( @@ -56,7 +52,7 @@ func init() { // We only register manually written functions here. The registration of the // generated functions takes place in the generated files. The separation // makes the code compile even when the generated files are missing. - localSchemeBuilder.Register(addKnownTypes, addConversionFuncs, RegisterDefaults) + localSchemeBuilder.Register(addKnownTypes, RegisterDefaults) } func addKnownTypes(scheme *runtime.Scheme) error { diff --git a/pkg/apis/abac/v1beta1/zz_generated.conversion.go b/pkg/apis/abac/v1beta1/zz_generated.conversion.go index fd167559325..3646a7d0d33 100644 --- a/pkg/apis/abac/v1beta1/zz_generated.conversion.go +++ b/pkg/apis/abac/v1beta1/zz_generated.conversion.go @@ -33,11 +33,6 @@ func init() { // RegisterConversions adds conversion functions to the given scheme. // Public to allow building arbitrary schemes. func RegisterConversions(s *runtime.Scheme) error { - if err := s.AddGeneratedConversionFunc((*Policy)(nil), (*abac.Policy)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1beta1_Policy_To_abac_Policy(a.(*Policy), b.(*abac.Policy), scope) - }); err != nil { - return err - } if err := s.AddGeneratedConversionFunc((*abac.Policy)(nil), (*Policy)(nil), func(a, b interface{}, scope conversion.Scope) error { return Convert_abac_Policy_To_v1beta1_Policy(a.(*abac.Policy), b.(*Policy), scope) }); err != nil { @@ -53,6 +48,11 @@ func RegisterConversions(s *runtime.Scheme) error { }); err != nil { return err } + if err := s.AddConversionFunc((*Policy)(nil), (*abac.Policy)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1beta1_Policy_To_abac_Policy(a.(*Policy), b.(*abac.Policy), scope) + }); err != nil { + return err + } return nil } @@ -63,11 +63,6 @@ func autoConvert_v1beta1_Policy_To_abac_Policy(in *Policy, out *abac.Policy, s c return nil } -// Convert_v1beta1_Policy_To_abac_Policy is an autogenerated conversion function. -func Convert_v1beta1_Policy_To_abac_Policy(in *Policy, out *abac.Policy, s conversion.Scope) error { - return autoConvert_v1beta1_Policy_To_abac_Policy(in, out, s) -} - func autoConvert_abac_Policy_To_v1beta1_Policy(in *abac.Policy, out *Policy, s conversion.Scope) error { if err := Convert_abac_PolicySpec_To_v1beta1_PolicySpec(&in.Spec, &out.Spec, s); err != nil { return err diff --git a/staging/src/k8s.io/code-generator/cmd/conversion-gen/main.go b/staging/src/k8s.io/code-generator/cmd/conversion-gen/main.go index e5150f71bf9..7c63418015a 100644 --- a/staging/src/k8s.io/code-generator/cmd/conversion-gen/main.go +++ b/staging/src/k8s.io/code-generator/cmd/conversion-gen/main.go @@ -43,8 +43,8 @@ limitations under the License. // object that will be input to an apiserver), for such an override to // be used by the apiserver the developer-maintained conversion // functions must also be registered by invoking the -// `AddConversionFuncs` method of the relevant `Scheme` object from -// k8s.io/apimachinery/pkg/runtime. +// `AddConversionFunc`/`AddGeneratedConversionFunc` method of the +// relevant `Scheme` object from k8s.io/apimachinery/pkg/runtime. // // `conversion-gen` will scan its `--input-dirs`, looking at the // package defined in each of those directories for comment tags that